diff --git a/modules/ROOT/pages/configuration/configuration-settings.adoc b/modules/ROOT/pages/configuration/configuration-settings.adoc
index e02670b35..eadd1e3ad 100644
--- a/modules/ROOT/pages/configuration/configuration-settings.adoc
+++ b/modules/ROOT/pages/configuration/configuration-settings.adoc
@@ -4716,6 +4716,20 @@ a|A boolean.
 m|+++false+++
 |===
 
+[role=label--enterprise-edition label--new-2025.10]
+[[config_dbms.security.allow_oidc_credential_forwarding_enabled]]
+=== `dbms.security.allow_oidc_credential_forwarding_enabled`
+
+.dbms.security.allow_oidc_credential_forwarding_enabled
+[frame="topbot", stripes=odd, grid="cols", cols="<1s,<4"]
+|===
+|Description
+a|When set to `true`, remote database aliases are allowed to forward OIDC credentials to authenticate on remote Neo4j DBMS. When set to `false`, OIDC credentials are not allowed to be forwarded to remote DBMS. Existing aliases that rely on this method remain defined but cannot be used to connect until this setting is enabled.
+|Valid values
+a|A boolean.
+|Default value
+m|+++false+++
+|===
 
 [[config_dbms.netty.ssl.provider]]
 === `dbms.netty.ssl.provider`