diff --git a/website/content/api-docs/secret/pki/index.mdx b/website/content/api-docs/secret/pki/index.mdx
index abe7c34af2..889438116e 100644
--- a/website/content/api-docs/secret/pki/index.mdx
+++ b/website/content/api-docs/secret/pki/index.mdx
@@ -2758,6 +2758,29 @@ do so, import a new issuer and a new `issuer_id` will be assigned.
~> **Note**: If no cluster-local address is present and templating is used,
issuance will fail.
+- `disable_critical_extension_checks` `(bool: false)` - This determines whether this issuer is able
+ to issue certificates where the chain of trust (including the issued
+ certificate) contain critical extensions not processed by vault, breaking the
+ behavior required by [RFC 5280 Section 6.1](https://www.rfc-editor.org/rfc/rfc5280#section-6.1).
+
+- `disable_path_length_checks` `(bool: false)` - This determines whether this issuer is able
+ to issue certificates where the chain of trust (including the final issued
+ certificate) is longer than allowed by a certificate authority in that chain,
+ breaking the behavior required by
+ [RFC 5280 Section 4.2.1.9](https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.9).
+
+- `disable_name_checks` `(bool: false)` - This determines whether this issuer is able
+ to issue certificates where the chain of trust (including the final issued
+ certificate) contains a link in which the subject of the issuing certificate
+ does not match the named issuer of the certificate it signed, breaking the
+ behavior required by [RFC 5280 Section 4.1.2.4](https://www.rfc-editor.org/rfc/rfc5280#section-4.1.2.4).
+
+- `disable_name_constraint_checks` `(bool: false)` - This determines whether this issuer is able
+ to issue certificates where the chain of trust (including the final issued
+ certificate) violates the name constraints critical extension of one of the
+ issuer certificates in the chain, breaking the behavior required by
+ [RFC 5280 Section 4.2.1.10](https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10).
+
#### Sample payload
```json