diff --git a/source/connect/advanced-connection-options/authentication-connection.txt b/source/connect/advanced-connection-options/authentication-connection.txt
index 2326bd9b4..d2ba1cc21 100644
--- a/source/connect/advanced-connection-options/authentication-connection.txt
+++ b/source/connect/advanced-connection-options/authentication-connection.txt
@@ -133,6 +133,13 @@ Procedure
              settings, |compass-short| uses the same proxy to connect to both 
              the cluster and identity provider.
 
+         * - Send a nonce in the Auth Code Request
+           - Optional. Includes a random nonce as a part of the auth code 
+             request to prevent replay attacks. Enabled by default.
+
+             The nonce is an important security component. Only disable this
+             setting if it is not supported by your OIDC provider.
+
       .. _x509:
 
       X.509