diff --git a/docs/sources/auth/azuread.md b/docs/sources/auth/azuread.md
index 7fd8317d77f..fd5d604fd40 100644
--- a/docs/sources/auth/azuread.md
+++ b/docs/sources/auth/azuread.md
@@ -118,7 +118,7 @@ allowed_groups = 8bab1c86-8fba-33e5-2089-1d1c80ec267d
 You'll need to ensure that you've [enabled group attributes](https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-fed-group-claims#configure-the-azure-ad-application-registration-for-group-attributes) in your Azure AD Application Registration manifest file (Azure Portal -> Azure Active Directory -> Application Registrations -> Select Application -> Manifest)
 
 ```json
-"groupMembershipClaims": "ApplicationGroup"
+"groupMembershipClaims": "ApplicationGroup, SecurityGroup"
 ```
 
 The `allowed_domains` option limits access to the users belonging to the specific domains. Domains should be separated by space or comma.