From ef969a6c722ca5081dafd11b5598cb106368798a Mon Sep 17 00:00:00 2001
From: Noah Stride <noah.stride@goteleport.com>
Date: Wed, 4 Dec 2024 16:13:03 +0000
Subject: [PATCH 1/2] Add documentation remark on the static_jwks option for
 the GHES provision token

---
 docs/pages/includes/provision-token/github-spec.mdx | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/docs/pages/includes/provision-token/github-spec.mdx b/docs/pages/includes/provision-token/github-spec.mdx
index 3b252c185af86..c230b30c54541 100644
--- a/docs/pages/includes/provision-token/github-spec.mdx
+++ b/docs/pages/includes/provision-token/github-spec.mdx
@@ -22,6 +22,16 @@ spec:
     # this value should be configured to the hostname of your GHES instance.
     enterprise_server_host: ghes.example.com
 
+    # static_jwks allows the JSON Web Key Set (JWKS) used to verify the token
+    # issued by GitHub Actions to be overridden. This can be used in scenarios
+    # where the Teleport Auth Server is unable to reach a GHES server.
+    #
+    # This field is optional and should only be used with GitHub Enterprise
+    # Server. When unspecified, the JWKS will be fetched automatically using the
+    # GHES server specified in `enterprise_server_host`.
+    static_jwks: |
+      {"keys":[--snip--]}
+
     # enterprise_slug allows the slug of a GitHub Enterprise organisation to be
     # included in the expected issuer of the OIDC tokens. This is for
     # compatibility with the include_enterprise_slug option in GHE.

From 72ec0fb121824e67069c93a3929fff9b8ea45197 Mon Sep 17 00:00:00 2001
From: Noah Stride <noah.stride@goteleport.com>
Date: Wed, 4 Dec 2024 23:00:10 +0000
Subject: [PATCH 2/2] Update
 docs/pages/includes/provision-token/github-spec.mdx

Co-authored-by: Paul Gottschling <paul.gottschling@goteleport.com>
---
 docs/pages/includes/provision-token/github-spec.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/pages/includes/provision-token/github-spec.mdx b/docs/pages/includes/provision-token/github-spec.mdx
index c230b30c54541..9e86dfa0694df 100644
--- a/docs/pages/includes/provision-token/github-spec.mdx
+++ b/docs/pages/includes/provision-token/github-spec.mdx
@@ -24,7 +24,7 @@ spec:
 
     # static_jwks allows the JSON Web Key Set (JWKS) used to verify the token
     # issued by GitHub Actions to be overridden. This can be used in scenarios
-    # where the Teleport Auth Server is unable to reach a GHES server.
+    # where the Teleport Auth Service is unable to reach a GHES server.
     #
     # This field is optional and should only be used with GitHub Enterprise
     # Server. When unspecified, the JWKS will be fetched automatically using the