From f145c66d22d74093a44f7d00a25d9e37144eb308 Mon Sep 17 00:00:00 2001
From: Jim Kalafut <jkalafut@hashicorp.com>
Date: Mon, 27 Jul 2020 08:51:59 -0700
Subject: [PATCH] Update OIDC docs (#9599)

Clarify that verbose logging is to the server logs.
---
 website/pages/docs/auth/jwt.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/pages/docs/auth/jwt.mdx b/website/pages/docs/auth/jwt.mdx
index 1bc7500738..722cf51f3e 100644
--- a/website/pages/docs/auth/jwt.mdx
+++ b/website/pages/docs/auth/jwt.mdx
@@ -230,7 +230,7 @@ EOF
   `cat jwt.json | jq -r .access_token | cut -d. -f2 | base64 -D`
 
 - As of Vault 1.2, the [`verbose_oidc_logging`](/api/auth/jwt#verbose_oidc_logging) role
-  option is available which will log the received OIDC token if debug-level logging is enabled. This can
+  option is available which will log the received OIDC token to the _server_ logs if debug-level logging is enabled. This can
   be helpful when debugging provider setup and verifying that the received claims are what you expect.
   Since claims data is logged verbatim and may contain sensitive information, this option should not be
   used in production.