diff --git a/docs/man/policy/kas-registry/create.md b/docs/man/policy/kas-registry/create.md
index 4a40452d..9ca7dced 100644
--- a/docs/man/policy/kas-registry/create.md
+++ b/docs/man/policy/kas-registry/create.md
@@ -27,6 +27,11 @@ command:
       default: ''
 ---
 
+:::warning Deprecated flags
+`--public-keys` and `--public-key-remote` are deprecated and will be removed in an upcoming release.
+Use `otdfctl policy kas-registry key create` to manage KAS keys instead.
+:::
+
 ## Examples
 
 ```shell
diff --git a/docs/man/policy/kas-registry/update.md b/docs/man/policy/kas-registry/update.md
index a95ad29c..c30f3de8 100644
--- a/docs/man/policy/kas-registry/update.md
+++ b/docs/man/policy/kas-registry/update.md
@@ -14,10 +14,10 @@ command:
       description: URI of the Key Access Server
     - name: public-keys
       shorthand: c
-      description: One or more 'cached' public keys saved for the KAS
+      description: "(Deprecated: Use otdfctl policy kas-registry key) One or more 'cached' public keys saved for the KAS"
     - name: public-key-remote
       shorthand: r
-      description: URI of the 'remote' public key of the Key Access Server
+      description: "(Deprecated: Use otdfctl policy kas-registry key) URI of the 'remote' public key of the Key Access Server"
     - name: name
       shorthand: n
       description: Optional name of the registered KAS (must be unique within Policy)
@@ -30,7 +30,12 @@ command:
       default: false
 ---
 
-Update the `uri`, `metadata`, or key material (remote/cached) for a KAS registered to the platform.
+Update the `uri`, `metadata`, or name for a KAS registered to the platform.
+
+:::warning Deprecated flags
+`--public-keys` and `--public-key-remote` are deprecated and will be removed in an upcoming release.
+Use `otdfctl policy kas-registry key` commands to manage KAS keys instead.
+:::
 
 If resource data has been TDFd utilizing key splits from the registered KAS, deletion from
 the registry (and therefore any associated grants) may prevent decryption depending on the
@@ -40,8 +45,8 @@ Make sure you know what you are doing.
 
 For more information about registration of Key Access Servers, see the manual for `kas-registry`.
 
-## Example 
+## Example
 
 ```shell
-otdfctl policy kas-registry update --id 3c39618a-cd8c-48cf-a60c-e8a2f4be4dd5 --name example-kas2-newname --public-key-remote "https://example.com/kas2/new_public_key"
+otdfctl policy kas-registry update --id 3c39618a-cd8c-48cf-a60c-e8a2f4be4dd5 --name example-kas2-newname
 ```