From aa8047c0933fc9fb51ccc843e0abaa4325c62a7c Mon Sep 17 00:00:00 2001
From: jsteemann <jan@arangodb.com>
Date: Tue, 11 Sep 2018 14:56:40 +0200
Subject: [PATCH] added note about max JWT secret length

---
 .../Manual/Administration/Configuration/GeneralArangod.md  | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/Documentation/Books/Manual/Administration/Configuration/GeneralArangod.md b/Documentation/Books/Manual/Administration/Configuration/GeneralArangod.md
index 3d668f96ae..7ae1380fb3 100644
--- a/Documentation/Books/Manual/Administration/Configuration/GeneralArangod.md
+++ b/Documentation/Books/Manual/Administration/Configuration/GeneralArangod.md
@@ -195,14 +195,15 @@ generator and the Mersenne Twister.
 
 `--server.jwt-secret secret`
 
-ArangoDB will use JWTs to authenticate requests. Using this option lets
-you specify a JWT.
+ArangoDB will use JWTs to authenticate requests. Using this option let's
+you specify a JWT. When specified, the JWT secret must be at most 64 bytes
+long.
 
 In single server setups and when not specifying this secret ArangoDB will
 generate a secret.
 
 In cluster deployments which have authentication enabled a secret must
-be set consistently across all cluster tasks so they can talk to each other.
+be set consistently across all cluster nodes so they can talk to each other.
 
 ### Enable/disable authentication for UNIX domain sockets