diff --git a/src/main/jwt_full/jws.nim b/src/main/jwt_full/jws.nim
index 943e60a..1268d74 100644
--- a/src/main/jwt_full/jws.nim
+++ b/src/main/jwt_full/jws.nim
@@ -140,7 +140,7 @@ proc sign*(
   result.compactSerialization =
     some($header & "." & result.payloadB64 & "." & signatureB64)
 
-proc sign*(claims: JwtClaims, header: JoseHeader, key: JWK): JWS =
+proc sign*(claims: JwtClaims, header: JoseHeader, key: JWK | string): JWS =
   ## Create a JWS signing a set of JWT claims. The returned JWS will be a valid
   ## JWT.
   sign($claims, header, key, payloadIsB64Encoded = true)
diff --git a/src/main/jwt_full/jwt.nim b/src/main/jwt_full/jwt.nim
index 77a61a7..65c229c 100644
--- a/src/main/jwt_full/jwt.nim
+++ b/src/main/jwt_full/jwt.nim
@@ -64,10 +64,17 @@ proc toJWT*(encoded: string): JWT = initJWT(encoded)
 proc createSignedJwt*(
     header: JoseHeader,
     claims: JwtClaims,
-    key: JWK
+    key: JWK | string
   ): JWT =
   ## Create a new JWT with the given header, claims, and signed with the given
   ## key.
+  ##
+  ## *header* can be easily created with `initJoseHeader <>`_.
+  ## *claims* can be easily created with `initClaims <>`_.
+  ## *key* is expected to be either a `JWK <>`_ or a string. If a string is
+  ## supplied, it is expected to be the binary value of the key when using
+  ## HSxxx algorithms, and a PEM representing the private key for RSxxx and
+  ## ECxxx algorithms.
 
   result = JWT(
     kind: jkJWS,
@@ -85,7 +92,7 @@ proc validateTimeClaims*(jwt: JWT) =
 proc validate*(
     jwt: JWT,
     sigAlg: JwtAlgorithm,
-    key: JWK,
+    key: JWK | string,
     validateTimeClaims = true
   ) =
 
@@ -101,7 +108,7 @@ proc validate*(
 proc tryValidate*(
     jwt: JWT,
     sigAlg: JwtAlgorithm,
-    key: JWK,
+    key: JWK | string,
     validateTimeClaims = true
   ): bool =