apply suggestion from review

gardenerik · n2ygk · n2ygk · commit 8ab8f8d59743 · 2023-09-13T11:37:27.000-04:00
Co-authored-by: Alan Crosswell &lt;alan@crosswell.us&gt;
diff --git a/docs/getting_started.rst b/docs/getting_started.rst
@@ -246,7 +246,7 @@ Point your browser to http://127.0.0.1:8000/o/applications/register/ lets create
 
 Fill the form as show in the screenshot below and before save take note of ``Client id`` and ``Client secret``, we will use it in a minute.
 
-If you want to use this application with OIDC and ``HS256`` (see :doc:`OpenID Connect <oidc>`), uncheck ``Hash client secret`` to allow verifying tokens using JWT signatures.
+If you want to use this application with OIDC and ``HS256`` (see :doc:`OpenID Connect <oidc>`), uncheck ``Hash client secret`` to allow verifying tokens using JWT signatures. This means your client secret will be stored in cleartext but is the only way to successfully use signed JWT's.
 
 .. image:: _images/application-register-auth-code.png
    :alt: Authorization code application registration
