diff --git a/docs/self-managed/modeler/web-modeler/configuration/configuration.md b/docs/self-managed/modeler/web-modeler/configuration/configuration.md
index 7471048fc9..96d78a9cd1 100644
--- a/docs/self-managed/modeler/web-modeler/configuration/configuration.md
+++ b/docs/self-managed/modeler/web-modeler/configuration/configuration.md
@@ -114,13 +114,14 @@ Refer to the [advanced logging configuration guide](./logging.md#logging-configu
### Identity / Keycloak
-| Environment variable | Description | Example value | Default value |
-| ----------------------- | ------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
-| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;
_must be set to_ `web-modeler`. | `web-modeler` | - |
-| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
-| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);
_must be set to_ `web-modeler`. | `web-modeler` | - |
-| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
-| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |
+| Environment variable | Description | Example value | Default value |
+| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
+| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;
_must be set to_ `web-modeler`. | `web-modeler` | - |
+| `OAUTH2_CLIENT_FETCH_REQUEST_CREDENTIALS` | [optional]
Configuration whether credentials should be sent along with requests to the OIDC provider, see [documentation](https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials#value). Use this if you are using a proxy that requires cookies. | `include` | - |
+| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
+| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);
_must be set to_ `web-modeler`. | `web-modeler` | - |
+| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
+| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |
Refer to the [advanced Identity configuration guide](./identity.md) for additional details on how to set up secure connections to an external Identity instance or connect a custom OpenID Connect (OIDC) authentication provider.
diff --git a/versioned_docs/version-8.4/self-managed/modeler/web-modeler/configuration/configuration.md b/versioned_docs/version-8.4/self-managed/modeler/web-modeler/configuration/configuration.md
index 947ba11a1f..1f374a2abc 100644
--- a/versioned_docs/version-8.4/self-managed/modeler/web-modeler/configuration/configuration.md
+++ b/versioned_docs/version-8.4/self-managed/modeler/web-modeler/configuration/configuration.md
@@ -114,13 +114,14 @@ Refer to the [advanced logging configuration guide](./logging.md#logging-configu
### Identity / Keycloak
-| Environment variable | Description | Example value | Default value |
-| ----------------------- | ------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
-| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;
_must be set to_ `web-modeler`. | `web-modeler` | - |
-| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
-| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);
_must be set to_ `web-modeler`. | `web-modeler` | - |
-| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
-| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |
+| Environment variable | Description | Example value | Default value |
+| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
+| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;
_must be set to_ `web-modeler`. | `web-modeler` | - |
+| `OAUTH2_CLIENT_FETCH_REQUEST_CREDENTIALS` | [optional]
Configuration whether credentials should be sent along with requests to the OIDC provider, see [documentation](https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials#value). Use this if you are using a proxy that requires cookies. | `include` | - |
+| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
+| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);
_must be set to_ `web-modeler`. | `web-modeler` | - |
+| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
+| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |
Refer to the [advanced Identity configuration guide](./identity.md) for additional details on how to set up secure connections to an external Identity instance or connect a custom OpenID Connect (OIDC) authentication provider.
diff --git a/versioned_docs/version-8.5/self-managed/modeler/web-modeler/configuration/configuration.md b/versioned_docs/version-8.5/self-managed/modeler/web-modeler/configuration/configuration.md
index ad80fe4b8e..d4c99da2a4 100644
--- a/versioned_docs/version-8.5/self-managed/modeler/web-modeler/configuration/configuration.md
+++ b/versioned_docs/version-8.5/self-managed/modeler/web-modeler/configuration/configuration.md
@@ -114,13 +114,14 @@ Refer to the [advanced logging configuration guide](./logging.md#logging-configu
### Identity / Keycloak
-| Environment variable | Description | Example value | Default value |
-| ----------------------- | ------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
-| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;
_must be set to_ `web-modeler`. | `web-modeler` | - |
-| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
-| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);
_must be set to_ `web-modeler`. | `web-modeler` | - |
-| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
-| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |
+| Environment variable | Description | Example value | Default value |
+| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
+| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;
_must be set to_ `web-modeler`. | `web-modeler` | - |
+| `OAUTH2_CLIENT_FETCH_REQUEST_CREDENTIALS` | [optional]
Configuration whether credentials should be sent along with requests to the OIDC provider, see [documentation](https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials#value). Use this if you are using a proxy that requires cookies. | `include` | - |
+| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
+| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);
_must be set to_ `web-modeler`. | `web-modeler` | - |
+| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
+| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |
Refer to the [advanced Identity configuration guide](./identity.md) for additional details on how to set up secure connections to an external Identity instance or connect a custom OpenID Connect (OIDC) authentication provider.