From 50fbfabe2dfab17071fbc04ba3d51dd99ad01937 Mon Sep 17 00:00:00 2001
From: Jan Larwig <jan@larwig.com>
Date: Sun, 27 Aug 2023 12:12:52 +0200
Subject: [PATCH] add documentation

---
 docs/docs/configuration/auth.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/docs/configuration/auth.md b/docs/docs/configuration/auth.md
index d219a14079..b562db5bd3 100644
--- a/docs/docs/configuration/auth.md
+++ b/docs/docs/configuration/auth.md
@@ -137,7 +137,7 @@ Note: When using the ADFS Auth provider with nginx and the cookie session store
 1.  Create a new project: https://github.com/settings/developers
 2.  Under `Authorization callback URL` enter the correct url ie `https://internal.yourcompany.com/oauth2/callback`
 
-The GitHub auth provider supports two additional ways to restrict authentication to either organization and optional team level access, or to collaborators of a repository. Restricting by these options is normally accompanied with `--email-domain=*`
+The GitHub auth provider supports two additional ways to restrict authentication to either organization and optional team level access, or to collaborators of a repository. Restricting by these options is normally accompanied with `--email-domain=*`. Additionally, all the organizations and teams a user belongs to are set as part of the `X-Forwarded-Groups` header. e.g. `org1:team1,org1:team2,org2:team1`
 
 NOTE: When `--github-user` is set, the specified users are allowed to login even if they do not belong to the specified org and team or collaborators.