Add missing authentication parameters to README Options Overview

README.md

@@ -96,6 +96,13 @@ end
 | jwt_secret_base64            | For HMAC with SHA2 (e.g. HS256) signing algorithms, specify the base64-encoded secret used to sign the JWT token. Defaults to the OAuth2 client secret if not specified. | no       | client_options.secret         | "bXlzZWNyZXQ=\n"                                    |
 | logout_path                  | The log out is only triggered when the request path ends on this path                                                                                                    | no       | '/logout'                     | '/sign_out'                                         |
 | acr_values                   | Authentication Class Reference (ACR) values to be passed to the authorize_uri to enforce a specific level, see [RFC9470](https://www.rfc-editor.org/rfc/rfc9470.html)    | no       | nil                           | "c1 c2"                                             |
+| client_signing_alg           | If specified, verify that the JWT token is signed with the expected algorithm                                                                                            | no       | nil                           | "RS256", "HS256"                                   |
+| client_jwk_signing_key       | JWK (JSON Web Key) used to verify the JWT token signature                                                                                                               | no       | nil                           | { "kty": "RSA", ... }                               |
+| client_x509_signing_key      | X.509 certificate used to verify the JWT token signature                                                                                                                 | no       | nil                           | "-----BEGIN CERTIFICATE-----\n..."                  |
+| hd                           | Host domain parameter, primarily for Google OpenID Connect, to restrict authentication to a specific G Suite domain                                                       | no       | nil                           | "example.com"                                       |
+| max_age                      | Maximum authentication age in seconds. If the elapsed time is greater than this value, the session is no longer valid                                                    | no       | nil                           | 3600                                                |
+| ui_locales                   | End-user's preferred languages and scripts for the user interface                                                                                                        | no       | nil                           | "en-US fr-CA"                                       |
+| id_token_hint                | Previously issued ID Token passed as a hint about the user's previous authentication session                                                                             | no       | nil                           | "eyJhbGciOiJSUzI1NiJ9..."                           |
 
 ### Client Config Options