From fc4f1497cbbc5bc0058e354352fecee74f63cd1d Mon Sep 17 00:00:00 2001
From: davhojt <davhojt@gmail.com>
Date: Fri, 31 Mar 2023 10:08:10 +0300
Subject: [PATCH] docs(graphql): add hint to point student towards where to
 find the authenticated user's ID in the JWT

---
 subjects/graphql/README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/subjects/graphql/README.md b/subjects/graphql/README.md
index e6583838c..e37323514 100644
--- a/subjects/graphql/README.md
+++ b/subjects/graphql/README.md
@@ -53,7 +53,9 @@ If the credentials are invalid, an appropriate error message must be displayed.
 
 You must provide a method to log out.
 
-When making GraphQL queries, you'll supply the JWT using `Bearer` authentication.
+When making GraphQL queries, you'll supply the JWT using `Bearer` authentication. It will only allow access to the data belonging to the authenticated user.
+
+> You may inspect the JWT to discover the ID of the authenticated user.
 
 ### Hosting