Adds doc about aud field.

doc/tokens.md

@@ -18,6 +18,7 @@ The following JWT claims are used in authentication token:
 - 'iss' specifies *application ID* which identifies the client app connecting to the server
 - 'room' contains the name of the room for which the token has been allocated. This is *NOT* full MUC room address. Example assuming that we have full MUC 'conference1@muc.server.net' then 'conference1' should be used here.
 - 'exp' token expiration timstamp as defined in the RFC
+- 'aud' contains the name of the domain used when authenticating with this token. By default assuming that we have full MUC 'conference1@muc.server.net' then 'server.net' should be used here.
 
 Secret is used to compute HMAC hash value and verify the token.