From c67492fd72b3d14da2ad15aa3e6a3f788d9c6446 Mon Sep 17 00:00:00 2001
From: Steven Martin <steven@goteleport.com>
Date: Tue, 10 Sep 2024 11:59:02 -0400
Subject: [PATCH] docs: correct user ca rotation (#46431)

---
 docs/pages/admin-guides/management/security/revoking-access.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/pages/admin-guides/management/security/revoking-access.mdx b/docs/pages/admin-guides/management/security/revoking-access.mdx
index f9ece36815f1..6a80cc471ef2 100644
--- a/docs/pages/admin-guides/management/security/revoking-access.mdx
+++ b/docs/pages/admin-guides/management/security/revoking-access.mdx
@@ -12,7 +12,7 @@ There are two options available for revoking access: CA rotations and Teleport l
 ## CA rotations
 
 To generate a new certificate authority and invalidate user certificates issued
-by the current CA, run `tctl auth rotate --type-user`. This process will require
+by the current CA, run `tctl auth rotate --type=user`. This process will require
 that the newly generated CA certificate is uploaded to your entire fleet of
 OpenSSH servers. This can be a disruptive change, especially in environments
 that lack automation, so proceed with caution.