diff --git a/CHANGELOG.md b/CHANGELOG.md
index 71fc8db..2a65795 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 2.6.4
+
+* add create jwt function to get_jwt
+
 ## 2.5.4
 
 * add 403 as a valid response code for get_service call
diff --git a/README.md b/README.md
index c25a367..9d3b772 100644
--- a/README.md
+++ b/README.md
@@ -10,28 +10,3 @@ Docs
 * [Configuration](https://lyft.github.io/confidant/configuration)
 * [Usage](https://lyft.github.io/confidant/using_confidant)
 * [Contribution](https://lyft.github.io/confidant/contributing)
-
-Reporting security vulnerabilities
-----------------------------------
-
-If you've found a vulnerability or a potential vulnerability in Confidant
-please let us know at security@lyft.com. We'll send a confirmation email to
-acknowledge your report, and we'll send an additional email when we've
-identified the issue positively or negatively.
-
-Getting support or asking questions
------------------------------------
-
-We have a mailing list for discussion, and a low volume list for announcements:
-
-* https://groups.google.com/forum/#!forum/confidant-users
-* https://groups.google.com/forum/#!forum/confidant-announce
-
-We also have an IRC channel on freenode and a Gitter channel:
-
-* [#confidant](http://webchat.freenode.net/?channels=confidant)
-* [lyft/confidant on Gitter](https://gitter.im/lyft/confidant)
-
-Feel free to drop into either Gitter or the IRC channel for any reason, even
-if just to chat. It doesn't matter which one you join, the messages are sync'd
-between the two.
diff --git a/confidant_client/__init__.py b/confidant_client/__init__.py
index 469408a..f5640a2 100644
--- a/confidant_client/__init__.py
+++ b/confidant_client/__init__.py
@@ -504,12 +504,15 @@ def update_credential(
         ret['result'] = True
         return ret
 
-    def get_jwt(self, environment, resource_id):
+    def get_jwt(self, environment, resource_id, expiry):
         ret = {'result': False}
         url = '{0}/v1/jwks/token'.format(self.config['url'])
         if resource_id:
             url += '/{0}'.format(resource_id)
 
+        if expiry:
+            url += '/{0}'.format(expiry)
+
         try:
             response = self._execute_request(
                 'get',
diff --git a/confidant_client/cli.py b/confidant_client/cli.py
index 4e68b4e..57ab1bf 100644
--- a/confidant_client/cli.py
+++ b/confidant_client/cli.py
@@ -597,6 +597,14 @@ def _parse_args():
         type=str,
         dest='resource_id',
         default=None,
+        help='The actual name of the resource to generate a JWT for',
+    )
+    get_jwt.add_argument(
+        '--expiry',
+        type=int,
+        dest='expiry',
+        default=None,
+        help='The expiry of the JWT in seconds',
     )
     return parser.parse_args()
 
@@ -795,7 +803,8 @@ def main():
             logging.exception('An unexpected general error occurred.')
     elif args.subcommand == 'get_jwt':
         try:
-            ret = client.get_jwt(args.environment, args.resource_id)
+            ret = client.get_jwt(args.environment, args.resource_id,
+                                 args.expiry)
         except Exception:
             logging.exception('An unexpected general error occurred.')
 
diff --git a/setup.py b/setup.py
index 6312b59..29ecb89 100644
--- a/setup.py
+++ b/setup.py
@@ -18,7 +18,7 @@
 
 setup(
     name="confidant-client",
-    version="2.5.4",
+    version="2.6.4",
     packages=find_packages(exclude=["test*"]),
     install_requires=[
         # Boto3 is the Amazon Web Services (AWS) Software Development Kit (SDK)
diff --git a/tests/unit/confidant_client/client_test.py b/tests/unit/confidant_client/client_test.py
index 2612e39..49cd2be 100644
--- a/tests/unit/confidant_client/client_test.py
+++ b/tests/unit/confidant_client/client_test.py
@@ -876,7 +876,7 @@ def test_get_jwt_no_resource(self):
         client.request_session.request = mock_200
 
         self.assertEqual(
-            client.get_jwt('development', None),
+            client.get_jwt('development', None, None),
             {'result': True}
         )
         client.request_session.request.assert_called_with(
@@ -901,7 +901,7 @@ def test_get_jwt(self):
         client.request_session.request = mock_200
 
         self.assertEqual(
-            client.get_jwt('development', 'test-resource'),
+            client.get_jwt('development', 'test-resource', None),
             {'result': True}
         )
         client.request_session.request.assert_called_with(
@@ -912,3 +912,28 @@ def test_get_jwt(self):
             timeout=5,
             params={'environment': 'development'},
         )
+
+    def test_get_jwt_creation(self):
+        client = confidant_client.ConfidantClient(
+            'http://localhost',
+            'alias/authnz-testing',
+            {'from': 'confidant-unittest',
+             'to': 'test',
+             'user_type': 'service'},
+        )
+        token_mock = MagicMock()
+        client._get_token = token_mock
+        client.request_session.request = mock_200
+
+        self.assertEqual(
+            client.get_jwt('development', 'test-resource', 3600),
+            {'result': True}
+        )
+        client.request_session.request.assert_called_with(
+            'GET',
+            'http://localhost/v1/jwks/token/test-resource/3600',
+            auth=('2/service/confidant-unittest', token_mock()),
+            allow_redirects=False,
+            timeout=5,
+            params={'environment': 'development'},
+        )