diff --git a/docs/features/sso.md b/docs/features/sso.md
index 0c764e4..9f2a674 100644
--- a/docs/features/sso.md
+++ b/docs/features/sso.md
@@ -21,6 +21,7 @@ There are several global configuration options for OAuth:
 1. `ENABLE_OAUTH_SIGNUP` - if `true`, allows accounts to be created when logging in with OAuth. Distinct from `ENABLE_SIGNUP`.
 1. `OAUTH_MERGE_ACCOUNTS_BY_EMAIL` - allows logging into an account that matches the email address provided by the OAuth provider.
     - This is considered insecure as not all OAuth providers verify email addresses, and may allow accounts to be hijacked.
+1. `OAUTH_UPDATE_PICTURE_ON_LOGIN` - if `true`, users will have OAuth-provided profile pictures updated on login.
 
 ### Google
 
diff --git a/docs/getting-started/env-configuration.md b/docs/getting-started/env-configuration.md
index 961eb9d..2806409 100644
--- a/docs/getting-started/env-configuration.md
+++ b/docs/getting-started/env-configuration.md
@@ -2354,6 +2354,13 @@ address. This is considered unsafe as not all OAuth providers will verify email
 potential account takeovers.
 - Persistence: This environment variable is a `PersistentConfig` variable.
 
+#### `OAUTH_UPDATE_PICTURE_ON_LOGIN`
+
+- Type: `bool`
+- Default: `False`
+- Description: If enabled, updates the local user profile picture with the OAuth-provided picture on login.
+- Persistence: This environment variable is a `PersistentConfig` variable.
+
 #### `WEBUI_AUTH_TRUSTED_EMAIL_HEADER`
 
 - Type: `str`