diff --git a/website/source/docs/auth/cert.html.md b/website/source/docs/auth/cert.html.md
index da978fc60..3fb319fe8 100644
--- a/website/source/docs/auth/cert.html.md
+++ b/website/source/docs/auth/cert.html.md
@@ -19,10 +19,22 @@ from an external source.
 
 ## Authentication
 
+### Via the CLI
+```
+vault auth -method=cert \
+  -ca-cert=ca.pem -client-cert=cert.pem -client-key=key.pem
+```
+
+### Via the API
 The endpoint for the login is `/login`. The client simply connects with their TLS
 certificate and when the login endpoint is hit, the auth backend will determine
 if there is a matching trusted certificate to authenticate the client.
 
+```
+curl --cacert ca.pem --cert cert.pem --key key.pem \
+  $VAULT_ADDR/v1/auth/cert/login -XPOST
+```
+
 ## Configuration
 
 First, you must enable the certificate auth backend: