diff --git a/src/Core/Auth/Entities/OpaqueKeyExchangeCredential.cs b/src/Core/Auth/Entities/OpaqueKeyExchangeCredential.cs
index 24a37d156b..e3268caad6 100644
--- a/src/Core/Auth/Entities/OpaqueKeyExchangeCredential.cs
+++ b/src/Core/Auth/Entities/OpaqueKeyExchangeCredential.cs
@@ -23,9 +23,22 @@ public class OpaqueKeyExchangeCredential : ITableObject<Guid>
     /// iterations of the specifics of the OPAQUE implementation.
     /// </summary>
     public string CredentialBlob { get; set; }
+
+    /// <summary>
+    /// User key encapsulated OPAQUE credential public key (used for user key rotation enablement).
+    /// </summary>
     public string EncryptedPublicKey { get; set; }
+
+    /// <summary>
+    ///  The OPAQUE clientside export key encapsulated OPAQUE credential private key.
+    /// The client uses the export key to decrypt the private key and then decrypt the user key.
+    /// </summary>
     public string EncryptedPrivateKey { get; set; }
 
+    /// <summary>
+    /// The OPAQUE Credential Public key encapsulated user key.
+    /// The client uses the private key to decrypt the user key.
+    /// </summary>
     public string EncryptedUserKey { get; set; }
     /// <summary>
     /// Date credential was created. When we update we are creating a new key set so in effect we are creating a new credential.