Update CLI documentation (#458)

Co-authored-by: EthanHeilman <274814+EthanHeilman@users.noreply.github.com>

Author: github-actions[bot]

docs/cli/opkssh.md

@@ -38,4 +38,4 @@ opkssh [flags]
 * [opkssh readhome](opkssh_readhome.md)	 - Read the principal's home policy file
 * [opkssh verify](opkssh_verify.md)	 - Verify an SSH key (used by sshd AuthorizedKeysCommand)
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026

docs/cli/opkssh_add.md

@@ -36,4 +36,4 @@ opkssh add <principal> <email|sub|group> <issuer> [flags]
 
 * [opkssh](opkssh.md)	 - SSH with OpenPubkey
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026

docs/cli/opkssh_audit.md

@@ -42,4 +42,4 @@ opkssh audit [flags]
 
 * [opkssh](opkssh.md)	 - SSH with OpenPubkey
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026

docs/cli/opkssh_client.md

@@ -19,4 +19,4 @@ Interact with client configuration
 * [opkssh](opkssh.md)	 - SSH with OpenPubkey
 * [opkssh client provider](opkssh_client_provider.md)	 - Interact with provider configuration
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026

docs/cli/opkssh_client_provider.md

@@ -19,4 +19,4 @@ Interact with provider configuration
 * [opkssh client](opkssh_client.md)	 - Interact with client configuration
 * [opkssh client provider list](opkssh_client_provider_list.md)	 - List configured providers
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026

docs/cli/opkssh_client_provider_list.md

@@ -23,4 +23,4 @@ opkssh client provider list [flags]
 
 * [opkssh client provider](opkssh_client_provider.md)	 - Interact with provider configuration
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026

docs/cli/opkssh_inspect.md

@@ -22,4 +22,4 @@ opkssh inspect <path> [flags]
 
 * [opkssh](opkssh.md)	 - SSH with OpenPubkey
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026

docs/cli/opkssh_login.md

@@ -28,23 +28,24 @@ opkssh login [alias] [flags]
 ### Options
 
 ```
-      --auto-refresh              Automatically refresh PK token after login
-      --config-path string        Path to the client config file. Default: ~/.opk/config.yml on linux and %APPDATA%\.opk\config.yml on windows
-      --configure                 Apply changes to ssh config and create ~/.ssh/opkssh directory
-      --create-config             Creates a client config file if it does not exist
-      --disable-browser-open      Set this flag to disable opening the browser. Useful for choosing the browser you want to use
-  -h, --help                      help for login
-  -t, --key-type Key Type         Type of key to generate (default ecdsa)
-      --log-dir string            Directory to write output logs
-      --print-id-token            Set this flag to print out the contents of the id_token. Useful for inspecting claims
-  -p, --print-key                 Print private key and SSH cert instead of writing them to the filesystem
-  -i, --private-key-file string   Path where private keys is written
-      --provider string           OpenID Provider specification in the format: <issuer>,<client_id> or <issuer>,<client_id>,<client_secret> or <issuer>,<client_id>,<client_secret>,<scopes>
-      --send-access-token         Set this flag to send the Access Token as well as the PK Token in the SSH cert. The Access Token is used to call the userinfo endpoint to get claims not included in the ID Token
+      --auto-refresh                 Automatically refresh PK token after login
+      --config-path string           Path to the client config file. Default: ~/.opk/config.yml on linux and %APPDATA%\.opk\config.yml on windows
+      --configure                    Apply changes to ssh config and create ~/.ssh/opkssh directory
+      --create-config                Creates a client config file if it does not exist
+      --disable-browser-open         Set this flag to disable opening the browser. Useful for choosing the browser you want to use
+  -h, --help                         help for login
+  -t, --key-type Key Type            Type of key to generate (default ecdsa)
+      --log-dir string               Directory to write output logs
+      --print-id-token               Set this flag to print out the contents of the id_token. Useful for inspecting claims
+  -p, --print-key                    Print private key and SSH cert instead of writing them to the filesystem
+  -i, --private-key-file string      Path where private keys is written
+      --provider string              OpenID Provider specification in the format: <issuer>,<client_id> or <issuer>,<client_id>,<client_secret> or <issuer>,<client_id>,<client_secret>,<scopes>
+      --remote-redirect-uri string   Remote redirect URI used for non-localhost redirects. This is an advanced option for embedding opkssh in server-side logic.
+      --send-access-token            Set this flag to send the Access Token as well as the PK Token in the SSH cert. The Access Token is used to call the userinfo endpoint to get claims not included in the ID Token
 ```
 
 ### SEE ALSO
 
 * [opkssh](opkssh.md)	 - SSH with OpenPubkey
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026

docs/cli/opkssh_readhome.md

@@ -29,4 +29,4 @@ opkssh readhome <principal> [flags]
 
 * [opkssh](opkssh.md)	 - SSH with OpenPubkey
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026

docs/cli/opkssh_verify.md

@@ -51,4 +51,4 @@ opkssh verify <principal> <cert> <key_type> [flags]
 
 * [opkssh](opkssh.md)	 - SSH with OpenPubkey
 
-###### Auto generated by spf13/cobra on 19-Jan-2026
+###### Auto generated by spf13/cobra on 21-Jan-2026