diff --git a/docs/features/authentication-access/auth/sso/index.mdx b/docs/features/authentication-access/auth/sso/index.mdx
index d059cac92..aba738153 100644
--- a/docs/features/authentication-access/auth/sso/index.mdx
+++ b/docs/features/authentication-access/auth/sso/index.mdx
@@ -31,6 +31,7 @@ You cannot have Microsoft **and** Google as OIDC providers simultaneously.
 | `WEBUI_URL`                           | —                  | **Required.** Your public WebUI address, e.g., `http://localhost:8080`. |
 | `ENABLE_OAUTH_PERSISTENT_CONFIG`      | `true`             | Persist OAuth config to the database; set to `false` for stateless/containerized environments. |
 | `ENABLE_OAUTH_SIGNUP`                 | `false`            | Allows account creation upon OAuth login (separate from `ENABLE_SIGNUP`). |
+| `OAUTH_AUTO_REDIRECT`                 | `false`            | When `true` with exactly one OAuth provider configured, sends unauthenticated users from `/auth` straight to the provider, skipping the "Continue with" screen. Visit `/auth?form=true` to reach the local login form. |
 | `OAUTH_MERGE_ACCOUNTS_BY_EMAIL`       | `false`            | Merge OAuth logins based on matching email (caution: can be insecure if provider doesn't verify emails). |
 | `OAUTH_UPDATE_PICTURE_ON_LOGIN`       | `false`             | Update user profile pictures from OAuth provider with each login. |
 | `OAUTH_PICTURE_CLAIM`                 | `picture`          | Field in the claim containing the profile picture. Set to empty string to disable picture updates (users receive default icon).|
diff --git a/docs/reference/env-configuration.mdx b/docs/reference/env-configuration.mdx
index ed6ad2fc9..9b2e4bfb6 100644
--- a/docs/reference/env-configuration.mdx
+++ b/docs/reference/env-configuration.mdx
@@ -5050,6 +5050,19 @@ You can only configure one OAUTH provider at a time. You cannot have two or more
 
 :::
 
+#### `OAUTH_AUTO_REDIRECT`
+
+- Type: `bool`
+- Default: `False`
+- Description: When `True` and exactly one OAuth provider is configured, an unauthenticated visit to the `/auth` page is redirected straight to that provider's login, skipping the intermediate `Continue with <provider>` button. The redirect is suppressed when the local login form is explicitly requested (`/auth?form=true`), after a failed sign-in (`/auth?error=...`), for an already-authenticated session, during initial onboarding, and when trusted-header authentication is enabled. Has no effect when zero or multiple OAuth providers are configured.
+- Persistence: This environment variable is a `PersistentConfig` variable.
+
+:::tip
+
+Visit `/auth?form=true` to reach the local login form when `OAUTH_AUTO_REDIRECT` is enabled — useful for administrators who need password access if the OAuth provider is unavailable.
+
+:::
+
 #### `ENABLE_OAUTH_PERSISTENT_CONFIG`
 
 - Type: `bool`