diff --git a/docs/docs/30-administration/90-prometheus.md b/docs/docs/30-administration/90-prometheus.md
index 75702dc8d0..f7fe55fba0 100644
--- a/docs/docs/30-administration/90-prometheus.md
+++ b/docs/docs/30-administration/90-prometheus.md
@@ -1,6 +1,6 @@
 # Prometheus
 
-Woodpecker is compatible with Prometheus and exposes a `/metrics` endpoint. Please note that access to the metrics endpoint is restricted and requires an authorization token with administrative privileges.
+Woodpecker is compatible with Prometheus and exposes a `/metrics` endpoint if the environment variable `WOODPECKER_PROMETHEUS_AUTH_TOKEN` is set. Please note that access to the metrics endpoint is restricted and requires the authorization token from the environment variable mentioned above.
 
 ```yaml
 global:
@@ -30,6 +30,20 @@ scrape_configs:
        - targets: ['woodpecker.domain.com']
 ```
 
+As an alternative, the token can also be read from a file:
+
+```diff
+global:
+  scrape_interval: 60s
+
+scrape_configs:
+  - job_name: 'woodpecker'
++   bearer_token_file: /etc/secrets/woodpecker-monitoring-token
+
+    static_configs:
+       - targets: ['woodpecker.domain.com']
+```
+
 ## Unauthenticated Access
 
 Alternatively, the unprotected `/metrics` endpoint might be exposed on the internal port. (Port is configurable via the `WOODPECKER_METRICS_SERVER_ADDR` environment variable, e.g. `:9001`.)