From f2ce14b4b2ec2d50a6affd92018640a385b27b33 Mon Sep 17 00:00:00 2001
From: Yoko Hyakuna <yoko@hashicorp.com>
Date: Wed, 24 Jul 2024 09:00:53 -0700
Subject: [PATCH] [Docs] Minor editorial fixes - "token capabilities" (#27851)

* Minor editorial fixes

* Fix a typo
---
 .../docs/commands/token/capabilities.mdx      | 20 ++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/website/content/docs/commands/token/capabilities.mdx b/website/content/docs/commands/token/capabilities.mdx
index dc26fdbad2..265f4707ab 100644
--- a/website/content/docs/commands/token/capabilities.mdx
+++ b/website/content/docs/commands/token/capabilities.mdx
@@ -11,27 +11,33 @@ description: |-
 The `token capabilities` command fetches the capabilities of a token for a given
 path.
 
-If a TOKEN is provided as an argument, this command uses the "/sys/capabilities"
-endpoint and permission. If no TOKEN is provided, this command uses the
-"/sys/capabilities-self" endpoint and permission with the locally authenticated
-token.
+If you pass a token value as an argument, this command uses the
+`/sys/capabilities` endpoint and permission. In the absence of an explicit token
+value, this command uses the `/sys/capabilities-self` endpoint and permission
+with the locally authenticated token.
 
 ## Examples
 
-List capabilities for the local token on the "secret/foo" path:
+List capabilities for the local token on the `secret/foo` path:
 
 ```shell-session
 $ vault token capabilities secret/foo
 read
 ```
 
-List capabilities for a token on the "cubbyhole/foo" path:
+The output shows the local token has read permission on the `secret/foo` path.
+
+List capabilities for a token (`hvs.CAESI...WtiSW5mWUY`) on the `cubbyhole/foo`
+path:
 
 ```shell-session
-$ vault token capabilities 96ddf4bc-d217-f3ba-f9bd-017055595017 database/creds/readonly
+$ vault token capabilities hvs.CAESI...WtiSW5mWUY database/creds/readonly
 deny
 ```
 
+The output shows the token (`hvs.CAESI...WtiSW5mWUY`) has no permission to
+operate on the `cubbyhole/foo` path.
+
 ## Usage
 
 The following flags are available in addition to the [standard set of