diff --git a/apps/emqx_auth_jwt/etc/emqx_auth_jwt.conf b/apps/emqx_auth_jwt/etc/emqx_auth_jwt.conf
index 5a599ca23..748902f9f 100644
--- a/apps/emqx_auth_jwt/etc/emqx_auth_jwt.conf
+++ b/apps/emqx_auth_jwt/etc/emqx_auth_jwt.conf
@@ -36,10 +36,14 @@ auth.jwt.verify_claims = off
 
 ## The checklist of claims to validate
 ##
-## Value: String
-## auth.jwt.verify_claims.$name = expected
+## Configuration format: auth.jwt.verify_claims.$name = $expected
+##   - $name: the name of the field in the JWT payload to be verified
+##   - $expected: the expected value
 ##
-## Variables:
-##  - %u: username
-##  - %c: clientid
+## The available placeholders for $expected:
+##   - %u: username
+##   - %c: clientid
+##
+## For example, to verify that the username in the JWT payload is the same
+## as the client (MQTT protocol) username
 #auth.jwt.verify_claims.username = %u