Update README.md

Author: yaacov

README.md

@@ -7,6 +7,18 @@ creates tokens for the [oc-gate](https://github.com/yaacov/oc-gate) service
 [![Go Report Card](https://goreportcard.com/badge/github.com/yaacov/oc-gate-operator)](https://goreportcard.com/report/github.com/yaacov/oc-gate-operator)
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 
+Requesting a token for [oc-gate](https://github.com/yaacov/oc-gate) service is done using GateToken CRD,
+
+Available fields are:
+
+- user-id: string (required), user-id is the user id of the user requesting this token.
+- match-path: string (required), match-path is a regular expresion used to validate API request path, API requests matching this pattern will be validated by the token. This field may not be empty.
+- match-method: string, a comma separeted list of allowed http methods, defoult is "GET,OPTIONS"
+- duration-sec: int, duration-sec is the duration in sec the token will be validated since it's invocation. Defalut value is 3600s (1h).
+- from: string, from is time of token invocation, the token will not validate before this time, the token duration will start from this time. Defalut to token object creation time.
+
+Creating a token requires a secret holding a RSA private-key for sighing the token in the namespace of the token (secret name: oc-gate-jwt-secret), nce token is ready it will be available in the GateToken status.
+
 Get a token:
 
 [![asciicast](https://asciinema.org/a/397136.svg)](https://asciinema.org/a/397136)