Clevis and Tang Documentation

After following setup instructions for a RHEL 8 tang/clevis infrastructure and everything was working (https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/system_design_guide/configuring-automated-unlocking-of-encrypted-volumes-using-policy-based-decryption_system-design-guide), I found that nearly all documentation for both tang and clevis is extremely bare-bones, only for initial setup, sometimes incorrect or vague, and doesn't even include how to verify settings. (Online and man pages and help texts.)

For example, once I've bound a LUKS volume to clevis using tang as a pin, there is no [easy] way to retrieve a human-readable policy. (Answer the question: How many necessary and of what kind of pins can unlock this device? If it is a tang pin, then what URLs?) As such, I can show that the LUKS keyslots are in use and that those keyslots have clevis metadata, but I have no ability to decode the clevis metadata for inspection, though it must be accessible or clevis/jose would not know how to unlock the device.

Additionally, and maybe related since this all may be a documentation issue, the clevis and tang and jose man pages are woefully slim, do not define acronyms for new users ("JWE" and "PT", etc.), have actual errors in them (clevis-decrypt(1) even says that there are no parameters but the SYNOPSIS has a parameter, and it also references itself in the SEE ALSO section), and are generally disorganized and have small typos. (In jose-fmt(1) it is nearly impossible to find parameters, as they are neither alphabetized nor ordered within their [my assumption] grouped functionality, along with extra space(s) in the Overview, etc.)
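The metadata the post describes is inspectable without clevis's help: a clevis binding lives in a LUKS2 token of type "clevis" whose `jwe` member is a JWE in flattened JSON serialization, and the unlock policy (pin name, tang URL, sss threshold and sub-pins) sits in the base64url-encoded `protected` header, which is exactly what `clevis-decrypt-tang` reads back at unlock time. The following decoder is an added example written for this page, not code from the original post or from the clevis project. It assumes the header layout I know from the clevis pin scripts (`clevis.pin`, `clevis.tang.url`, `clevis.sss.t` and `clevis.sss.jwe` holding compact-serialized sub-JWEs); the two sample tokens are constructed inline with dummy ciphertext so the script runs offline.

```python
import base64
import json


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    # JWE fields drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def protected_header(jwe) -> dict:
    """Decode the JWE protected header.

    Accepts the flattened JSON form stored in a LUKS2 token
    ({"protected": ..., "ciphertext": ...}) or the compact form
    "protected.encrypted_key.iv.ciphertext.tag" that the sss pin
    uses for its sub-JWEs (assumption: layout as in the clevis pin scripts).
    """
    protected = jwe.split(".")[0] if isinstance(jwe, str) else jwe["protected"]
    return json.loads(_b64url_decode(protected))


def describe_policy(jwe) -> dict:
    """Reduce a clevis JWE header to the policy facts an operator wants."""
    clevis = protected_header(jwe).get("clevis", {})
    pin = clevis.get("pin")
    if pin == "tang":
        # clevis.tang.url is the server contacted at unlock time.
        return {"pin": "tang", "url": clevis["tang"]["url"]}
    if pin == "sss":
        # clevis.sss.t = how many sub-pins must succeed; recurse into each.
        sss = clevis["sss"]
        return {"pin": "sss", "threshold": sss["t"],
                "pins": [describe_policy(sub) for sub in sss["jwe"]]}
    # Other pins (e.g. tpm2): report the name, drop the per-pin key blobs.
    return {"pin": pin}


def describe_luks_token(token_json: str) -> dict:
    """Parse one exported LUKS2 token and describe its unlock policy."""
    token = json.loads(token_json)
    if token.get("type") != "clevis":
        raise ValueError("not a clevis token: %r" % token.get("type"))
    result = describe_policy(token["jwe"])
    result["keyslots"] = token.get("keyslots", [])
    return result


def summarize(desc: dict) -> str:
    """One human-readable line answering 'how many pins, of what kind, which URLs'."""
    if desc["pin"] == "tang":
        return "tang %s" % desc["url"]
    if desc["pin"] == "sss":
        parts = ", ".join(summarize(p) for p in desc["pins"])
        return "sss %d of %d required: %s" % (desc["threshold"], len(desc["pins"]), parts)
    return str(desc["pin"])


# --- constructed sample tokens (dummy ciphertext; not real LUKS output) ---
def _flattened_jwe(header: dict) -> dict:
    return {"protected": _b64url_encode(json.dumps(header).encode()),
            "encrypted_key": "", "iv": _b64url_encode(b"\0" * 12),
            "ciphertext": _b64url_encode(b"constructed"),
            "tag": _b64url_encode(b"\0" * 16)}


def _compact_jwe(header: dict) -> str:
    j = _flattened_jwe(header)
    return ".".join([j["protected"], j["encrypted_key"], j["iv"], j["ciphertext"], j["tag"]])


def _tang_header(url: str) -> dict:
    return {"alg": "ECDH-ES", "enc": "A256GCM",
            "clevis": {"pin": "tang", "tang": {"url": url, "adv": {"keys": []}}}}


SAMPLE_TANG_TOKEN = json.dumps({"type": "clevis", "keyslots": ["1"],
                                "jwe": _flattened_jwe(_tang_header("http://tang1.example.internal"))})

SAMPLE_SSS_TOKEN = json.dumps({"type": "clevis", "keyslots": ["2"], "jwe": _flattened_jwe(
    {"alg": "dir", "enc": "A256GCM", "clevis": {"pin": "sss", "sss": {"t": 2, "jwe": [
        _compact_jwe(_tang_header("http://tang1.example.internal")),
        _compact_jwe(_tang_header("http://tang2.example.internal")),
        _compact_jwe({"clevis": {"pin": "tpm2", "tpm2": {"hash": "sha256"}}}),
    ]}}})})

if __name__ == "__main__":
    for sample in (SAMPLE_TANG_TOKEN, SAMPLE_SSS_TOKEN):
        print(summarize(describe_luks_token(sample)))
```

On a live system the token JSON comes from `cryptsetup luksDump /dev/sdX` (to find the token ids) followed by `cryptsetup token export --token-id N /dev/sdX`, which works on any LUKS2 device without clevis installed; newer clevis releases also ship `clevis luks list -d /dev/sdX`, which prints the same pin configuration directly. Either way, what is worth checking is that every tang URL is one of your intended servers and that the sss threshold is the one you meant to configure, since a binding that silently references the wrong server or requires only one of several pins is the kind of mistake the setup guides never tell you how to catch.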