diff --git a/lib/get-signed-json-web-token.js b/lib/get-signed-json-web-token.js
index 59c9d042e..bafdb8d28 100644
--- a/lib/get-signed-json-web-token.js
+++ b/lib/get-signed-json-web-token.js
@@ -6,7 +6,7 @@ function getSignedJsonWebToken ({ id, privateKey }) {
   const now = Math.floor(Date.now() / 1000)
   const payload = {
     iat: now, // Issued at time
-    exp: now + 60, // JWT expiration time
+    exp: now + 60, // JWT expiration time (10 minute maximum)
     iss: id
   }
   const token = jsonwebtoken.sign(payload, privateKey, { algorithm: 'RS256' })