Clarify that keybase is supported only in the CLI (#3744)

2026-05-05 20:36:26 +02:00 · 2018-01-03 18:18:38 +02:00 · 2018-01-03 18:18:38 +02:00 · ec8befbaac
commit ec8befbaac
parent ad0a39dfe1
1 changed files with 8 additions and 0 deletions
--- a/website/source/docs/concepts/pgp-gpg-keybase.html.md
+++ b/website/source/docs/concepts/pgp-gpg-keybase.html.md
@ -16,6 +16,14 @@ and services like Keybase.io to provide an additional layer of security when
 performing certain operations.  This page details the various PGP integrations,
 their use, and operation.

+Keybase.io support is available only in the command-line tool and not via the
+Vault HTTP API, tools that help with initialization should use the Keybase.io
+API in order to obtain the GPG keys needed for a secure initialization if you
+want them to use Keybase for keys.
+
+Once the Vault has been initialized, it is possible to use Keybase to decrypt
+the shards and unseal normally.
+
 ## Initializing with PGP
 One of the early fundamental problems when bootstrapping and initializing Vault
 was that the first user (the initializer) received a plain-text copy of all of