diff --git a/docs/settings/SSO.md b/docs/settings/SSO.md
index 4637cd2..a3fc082 100644
--- a/docs/settings/SSO.md
+++ b/docs/settings/SSO.md
@@ -106,8 +106,9 @@ In the [settings screen](./global.md), navigate to the *Login Settings* panel. H
 | Setting | Description |
 | --- | --- |
 | Enable SSO | Enable this option to allow single sign on for user login |
-| Enable registration | Allow users to self-register |
+| Enable SSO registration | Allow users to self-register with SSO |
 | Auto-fill SSO users | Automatically fill out user account data with information provided by external SSO app |
+| Allowed domains | Optionally restrict signup to certain domains |
 
 ### Configure Email
 
diff --git a/docs/settings/global.md b/docs/settings/global.md
index d71aec2..00acaf8 100644
--- a/docs/settings/global.md
+++ b/docs/settings/global.md
@@ -36,12 +36,15 @@ Change how logins, password-forgot, signups are handled.
 | --- | --- | --- | --- |
 | Enable registration | Boolean | Enable self-registration for users on the login-pages | False |
 | Enable SSO | Boolean | Enable SSO on the login-pages | False |
+| Enable SSO registration | Boolean | Enable self-registration for users via SSO on the login-pages | False |
 | Enable password forgot | Boolean | Enable password forgot function on the login-pages.<br><br>This will let users reset their passwords on their own. For this feature to work you need to configure E-mail | True |
 | E-Mail required | Boolean | Require user to supply e-mail on signup.<br><br>Without a way (e-mail) to contact the user notifications and security features might not work! | False |
 | Enforce MFA | Boolean | Users must use multifactor security.<br><br>This forces each user to setup MFA and use it on each autentication | False |
 | Mail twice | Boolean | On signup ask users twice for their mail | False |
 | Password twice | Boolean | On signup ask users twice for their password | True |
 | Auto-fill SSO users | Boolean | Automatically fill out user-details from SSO account-data.<br><br>If this feature is enabled the user is only asked for their username, first- and surname if those values can not be gathered from their SSO profile. This might lead to unwanted usernames bleading over. | True |
+| Allowed domains | String | Restrict signup to certain domains (comma-separated, starting with @) |  |
+
 
 ### Barcodes