Add vault docs

docs/cli/commands/commands.mdx

@@ -9,7 +9,7 @@ title: "Commands"
 | `login` | Used to authenticate and set the logged in user.                     |
 | `init`  | Used to link a local project to the platform.                        |
 | `run`   | Used to inject envars from the platform into an application process. |
-
+| `vault` | Used to manage where your login credentials are stored at rest       |
 ## Global options
 
 | Option            | Description                                     |

docs/cli/commands/login.mdx

@@ -7,7 +7,5 @@ infisical login
 ```
 
 ## Description
-
-Verify a user and save credentials to the system keyring.
-
-To change the logged in user, run the command again to overwrite the previous login.
+The CLI uses authentication to verify your identity. When you enter the correct email and password for your account, a token is generated and saved in your system Keyring to allow you to make future interactions with the CLI. 
+If you want to change where the login credentials are stored, visit the [vaults command](./vault)

docs/cli/commands/vault.mdx

@@ -0,0 +1,52 @@
+---
+title: "infisical vault"
+---
+
+<Tabs>
+  <Tab title="View current Vault">
+    ```bash
+    infisical vault 
+
+    # Example output
+    The following vaults are available on your system:
+    - keychain
+    - pass
+    - file
+
+    You are currently using [keychain] vault to store your login credentials
+    ```
+  </Tab>
+
+  <Tab title="Switch vault">
+    ```bash
+    infisical vault set <name-of-vault>
+
+    # Example 
+    infisical vault set keychain
+    ```
+  </Tab>
+</Tabs>
+
+
+## Description
+
+To ensure secure storage of your login credentials when using the CLI, Infisical saves them to a password manager if one is detected. 
+If a password manager is not available, your credentials are stored in an encrypted text file. 
+
+
+<Accordion title="Supported password managers" defaultOpen="true">
+  By default, the most appropriate password manager is chosen to store your login credentials. 
+  For example, if you are on macOS, KeyChain will be automatically selected.
+
+- [macOS Keychain](https://support.apple.com/en-au/guide/keychain-access/welcome/mac)
+- [Windows Credential Manager](https://support.microsoft.com/en-au/help/4026814/windows-accessing-credential-manager)
+- Secret Service ([Gnome Keyring](https://wiki.gnome.org/Projects/GnomeKeyring), [KWallet](https://kde.org/applications/system/org.kde.kwalletmanager5))
+- [KWallet](https://kde.org/applications/system/org.kde.kwalletmanager5)
+- [Pass](https://www.passwordstore.org/)
+- [KeyCtl]()
+- Encrypted file (JWT)
+</Accordion>
+
+<Tip>To avoid constantly entering your passphrase when using the `file` vault type, set the `INFISICAL_VAULT_FILE_PASSPHRASE` environment variable with your password in your shell</Tip>
+
+

docs/cli/usage.mdx

@@ -4,10 +4,27 @@ title: "Usage"
 
 Prerequisite: [Install the CLI](/cli/overview)
 
+## Authenticate
+<Tabs>
+  <Tab title="Local development">
+    To use the Infisical CLI in your development environment, you can run the command below.
+    This will allow you to access the features and functionality provided by the CLI.
+
+    ```bash 
+    infisical login 
+    ```
+  </Tab>
+
+  <Tab title="Infisical Token">
+    To use Infisical CLI in environments where you cannot run the `infisical login` command, you can authenticate via a
+    Infisical Token instead. Learn more about [Infisical Token](../getting-started/dashboard/token).
+  </Tab>
+</Tabs>
+
 ## Initialize Infisical for your project
 
 ```bash
-# move to your project
+# navigate to your project
 cd /path/to/project
 
 # initialize infisical

docs/getting-started/dashboard/token.mdx

@@ -11,6 +11,12 @@ To generate the the token, head over to your project settings as shown below.
 
 ![token add](../../images/project-token-add.png)
 
+## Feeding Infisical Token to the CLI
+
+The Infisical CLI checks for the presence of an environment variable called `INFISICAL_TOKEN`. 
+If it detects this variable in the terminal where it is being run, it will use it to authenticate and retrieve the environment variables that the token is authorized to access.
+This allows you to use the CLI in environments where you are unable to run the `infisical login` command.
+
 <Note>
   The token grants read-only access to a particular environment and project for
   a specified amount of time. Once the token is expired, the CLI using it will no longer be able to make

docs/mint.json

@@ -94,7 +94,8 @@
             "cli/commands/login",
             "cli/commands/init",
             "cli/commands/run",
-            "cli/commands/export"
+            "cli/commands/export",
+            "cli/commands/vault"
           ]
         }
       ]