diff --git a/book/security.rst b/book/security.rst
index 7fc60e42cea..03aac0677f9 100644
--- a/book/security.rst
+++ b/book/security.rst
@@ -939,7 +939,7 @@ will match any ``ip``, ``host`` or ``method``:
 .....................
 
 Once Symfony has decided which ``access_control`` entry matches (if any),
-it then *enforces* access restrictions based on the ``roles`` and ``requires_channel``
+it then *enforces* access restrictions based on the ``roles``, ``allow_if`` and ``requires_channel``
 options:
 
 * ``role`` If the user does not have the given role(s), then access is denied