diff --git a/docs/adguard-for-ios/features/dns-protection.md b/docs/adguard-for-ios/features/dns-protection.md
index 1ed42e1c112..650cbf9910b 100644
--- a/docs/adguard-for-ios/features/dns-protection.md
+++ b/docs/adguard-for-ios/features/dns-protection.md
@@ -35,6 +35,20 @@ Servers differ by their speed, employed protocol, trustworthiness, logging polic
 
 In addition, at the bottom of the screen there is an option to add a custom DNS server. It supports regular, DNSCrypt, DNS-over-HTTPS, DNS-over-TLS, and DNS-over-QUIC servers.
 
+#### HTTP basic authentication for DNS-over-HTTPS
+
+This feature brings the authentication capabilities of the HTTP protocol to DNS, which does not have built-in authentication. Authentication in DNS is useful if you want to restrict access to your custom DNS server to specific users.
+
+To enable this feature:
+
+1. In AdGuard DNS, go to *Server settings* → *Devices* → *Settings* and change the DNS server to the one with authentication. Clicking *Deny other protocols* will remove other protocol usage options, leaving only DNS-over-HTTPS authentication enabled and preventing its use by third parties. Copy the generated address.
+
+![DNS-over-HTTPS with authentication](https://cdn.adtidy.org/content/release_notes/dns/v2-7/http-auth/http-auth-en.png)
+
+1. In AdGuard for iOS, go to the *Protection tab* → *DNS protection* → *DNS server* and paste the generated address into the *Add a custom DNS server* field. Save and select the new configuration.
+
+To check if everything is set up correctly, visit our [diagnostics page](https://adguard.com/en/test.html).
+
 ### Network settings {#network-settings}
 
 ![Network settings screen *mobile_border](https://cdn.adtidy.org/public/Adguard/kb/iOS/features/network_settings_en.jpeg)