diff --git a/README.md b/README.md
index 253c68a..5dff5aa 100644
--- a/README.md
+++ b/README.md
@@ -110,7 +110,7 @@ For the full capability breakdown — revocation infrastructure (CRL + OCSP), po
 | SSH (Agentless) | Beta | `SSH` |
 | Windows Cert Store | Implemented | `WinCertStore` |
 | Java Keystore | Implemented | `JavaKeystore` |
-| Kubernetes Secrets | Beta | `KubernetesSecrets` |
+| Kubernetes Secrets | Coming in 2.1 | `KubernetesSecrets` |
 
 ### Notifiers
 | Notifier | Status | Type |
diff --git a/docs/connectors.md b/docs/connectors.md
index 8511fc7..9670067 100644
--- a/docs/connectors.md
+++ b/docs/connectors.md
@@ -962,7 +962,9 @@ The Java Keystore connector deploys certificates to JKS or PKCS#12 keystores via
 
 Location: `internal/connector/target/javakeystore/javakeystore.go`
 
-### Kubernetes Secrets
+### Kubernetes Secrets (Coming in 2.1)
+
+> **Status:** Config validation, tests, UI, and Helm RBAC are implemented. The Kubernetes API client (`k8s.io/client-go`) integration is not yet wired — runtime deployment will be available in v2.1.0.
 
 The Kubernetes Secrets connector deploys certificates as `kubernetes.io/tls` Secrets, compatible with Ingress controllers (nginx-ingress, Traefik, HAProxy), service meshes (Istio, Linkerd), and any Kubernetes workload that reads TLS Secrets.
 
diff --git a/web/src/api/client.ts b/web/src/api/client.ts
index 84b124b..60d5862 100644
--- a/web/src/api/client.ts
+++ b/web/src/api/client.ts
@@ -177,7 +177,7 @@ export const markNotificationRead = (id: string) =>
 
 // Audit
 export const getAuditEvents = (params: Record<string, string> = {}) => {
-  const qs = new URLSearchParams({ page: '1', per_page: '50', ...params }).toString();
+  const qs = new URLSearchParams({ page: '1', per_page: '200', ...params }).toString();
   return fetchJSON<PaginatedResponse<AuditEvent>>(`${BASE}/audit?${qs}`);
 };