diff --git a/examples/python/data_transmission/alts_client.py b/examples/python/data_transmission/alts_client.py
index e3ddb281930..0bfcede9465 100644
--- a/examples/python/data_transmission/alts_client.py
+++ b/examples/python/data_transmission/alts_client.py
@@ -11,7 +11,9 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-"""The example of using ALTS credentials to setup gRPC client."""
+"""The example of using ALTS credentials to setup gRPC client.
+
+The example would only successfully run in GCP environment."""
 
 import grpc
 
diff --git a/examples/python/data_transmission/alts_server.py b/examples/python/data_transmission/alts_server.py
index e91a1545377..4f7b84d9ca6 100644
--- a/examples/python/data_transmission/alts_server.py
+++ b/examples/python/data_transmission/alts_server.py
@@ -11,7 +11,9 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-"""The example of using ALTS credentials to setup gRPC server in python."""
+"""The example of using ALTS credentials to setup gRPC server in python.
+
+The example would only successfully run in GCP environment."""
 
 from concurrent import futures
 
diff --git a/src/python/grpcio/grpc/__init__.py b/src/python/grpcio/grpc/__init__.py
index ac17c53d6e9..7d5d85f26ef 100644
--- a/src/python/grpcio/grpc/__init__.py
+++ b/src/python/grpcio/grpc/__init__.py
@@ -1837,9 +1837,16 @@ def alts_channel_credentials(service_accounts=[]):
     """Creates a ChannelCredentials for use with an ALTS-enabled Channel.
 
     This is an EXPERIMENTAL API.
+    ALTS credentials API can only be used in GCP environment as it relies on
+    handshaker service being available. For more info about ALTS see
+    https://cloud.google.com/security/encryption-in-transit/application-layer-transport-security
 
     Args:
-      service_accounts: list of strings, target service accounts
+      service_accounts: A list of server identities accepted by the client.
+        If target service accounts are provided and none of them matches the
+        peer identity of the server, handshake will fail. The arg can be empty
+        if the client does not have any information about trusted server
+        identity.
     Returns:
       A ChannelCredentials for use with an ALTS-enabled Channel
     """
@@ -1847,9 +1854,12 @@ def alts_channel_credentials(service_accounts=[]):
 
 
 def alts_server_credentials():
-    """Creates a ServerCredentials for use with an ALTS-enabled connections.
+    """Creates a ServerCredentials for use with an ALTS-enabled connection.
 
     This is an EXPERIMENTAL API.
+    ALTS credentials API can only be used in GCP environment as it relies on
+    handshaker service being available. For more info about ALTS see
+    https://cloud.google.com/security/encryption-in-transit/application-layer-transport-security
  
     Returns:
       A ServerCredentials for use with an ALTS-enabled Server