diff --git a/website/content/docs/configuration/kms/transit.mdx b/website/content/docs/configuration/kms/transit.mdx index a55f8ef120..dbc1ab3732 100644 --- a/website/content/docs/configuration/kms/transit.mdx +++ b/website/content/docs/configuration/kms/transit.mdx @@ -94,8 +94,9 @@ Authentication-related values must be provided, either as environment variables or as configuration parameters. ~> **Note:** Although the configuration file allows you to pass in -`VAULT_TOKEN` as part of the KMS's parameters, it is _strongly_ recommended -to set these values via environment variables. +`token` as part of the KMS stanza's parameters, it is _strongly_ recommended +to omit the `token` parameter from the configuration file and set the +token used to authenticate to Vault via the `VAULT_TOKEN` environment variable. The Vault token used to authenticate needs the following permissions on the transit key:
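Review bot: The added note lines recommend omitting `token` from the configuration file but give no reason, so a reader cannot tell what risk they are avoiding; consider adding a short clause saying that a token written into the configuration file is stored in plaintext wherever that file is kept or copied. The new wording is also ambiguous at "authenticate to Vault via the `VAULT_TOKEN` environment variable", where "via" can attach to either "set" or "authenticate"; something like "and supply the token through the `VAULT_TOKEN` environment variable instead" reads more cleanly. The unchanged context line above speaks of "Authentication-related values" in the plural, while the note now covers only `token`, so it is worth checking whether any other value set in this stanza deserves the same advice.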