Update README: mention the InvalidToken exception

wbolster-eiq · wbolster-eiq · commit e3f0ce09619e · 2015-01-06T15:16:43.000+01:00
diff --git a/README.md b/README.md
@@ -43,6 +43,16 @@ You can still get the payload by setting the `verify` argument to `False`.
 jwt.decode('someJWTstring', verify=False)
 ```
 
+The `decode()` function can raise other exceptions, e.g. for invalid issuer or audience (see below). All exceptions that signify that the token is invalid extend from the base `InvalidToken` exception class, so applications can use this approach to catch any issues relating to invalid tokens:
+
+```python
+try:
+    payload = jwt.decode('someJWTstring')
+exception jwt.InvalidToken:
+    pass  # do something sensible here, e.g. return HTTP 403 status code
+```
+
+
 ## Algorithms
 
 The JWT spec supports several algorithms for cryptographic signing. This library
