From 845d74fb21d94f50747a97454df516d54f377a59 Mon Sep 17 00:00:00 2001
From: Nate Rini <nate@schedmd.com>
Date: Wed, 2 Dec 2020 13:58:32 -0600
Subject: [PATCH] Docs - man slurm.conf - Add more information on "auth/jwt"

Bug 9310
---
 doc/man/man5/slurm.conf.5 | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/doc/man/man5/slurm.conf.5 b/doc/man/man5/slurm.conf.5
index 54eb1883d69..22831102c02 100644
--- a/doc/man/man5/slurm.conf.5
+++ b/doc/man/man5/slurm.conf.5
@@ -346,7 +346,16 @@ value for this option is "YES" for Cray systems and "NO" for other system types.
 .TP
 \fBAuthAltTypes\fR
 Comma separated list of alternative authentication plugins that the slurmctld
-will permit for communication. Acceptable values at present include "auth/jwt".
+will permit for communication. Acceptable values at present include
+\fIauth/jwt\fR.
+
+\fBNOTE\fR: \fIauth/jwt\fR requires a jwt_hs256.key to be populated in the
+\fBStateSaveLocation\fR directory for \fBslurmctld\fR only. The jwt_hs256.key
+should only be visible to the SlurmUser and root. It is not suggested to place
+the jwt_hs256.key on any nodes but the controller running \fBslurmctld\fR.
+\fIauth/jwt\fR can be activated by the presence of the \fISLURM_JWT\fR
+environment variable.  When activated, it will override the default
+\fBAuthType\fR.
 
 .TP
 \fBAuthAltParameters\fR
-- 
GitLab