updated README to include information about Auth Header Requirement - DK/MW

README.md

@@ -108,17 +108,9 @@ For more validation options see [auth0/jsonwebtoken](https://github.com/auth0/no
 Append the jwt token using query string:
 
 ```javascript
-//// token part of query string ////
 var socket = io.connect('http://localhost:9000', {
   'query': 'token=' + your_jwt
 });
-
-
-//// token coming in as Authorization Header ////
-var socket = io.connect('http://localhost:9000', {
-  'extraHeaders': { Authorization: `Bearer ${your_jwt}` }
-});
-
 ```
 
 Append the jwt token using 'Authorization Header' (Bearer Token):
@@ -131,6 +123,20 @@ var socket = io.connect('http://localhost:9000', {
 
 Both options can be combined or used optionally.
 
+### Authorization Header Requirement
+
+Require Bearer Tokens to be passed in as an Authorization Header
+
+**Server side**:
+
+```javascript
+io.use(socketioJwt.authorize({
+  secret: 'your secret or public key',
+  handshake: true,
+  auth_header_required: true
+}));
+```
+
 ### Handling token expiration
 
 **Server side**