diff --git a/doc/configuration.md b/doc/configuration.md
new file mode 100644
index 0000000..b3448a8
--- /dev/null
+++ b/doc/configuration.md
@@ -0,0 +1,30 @@
+| Variable | Description |
+| --- | --- |
+| ```APPCONTEXT``` | Url of the website for password reset emails. e.g. https://study.com/ (must have "/" at the end) |
+| ```DRIVER``` | Driver to manage triple stores |
+| ```EMAIL_BCC``` |  |
+| ```EMAIL_CC``` |  |
+| ```EMAIL_DISPLAYNAME``` | Email display name |
+| ```EMAIL_FROM``` | if email.from is not entered, smtp.user is used instead |
+| ```EMAIL_INVITATIONCONTENT``` | UserInvite email html content, variables: username, link, name, appContext |
+| ```EMAIL_INVITATIONSUBJECT``` | serInvite email subject |
+| ```EMAIL_PASSWORDCHANGECONTENT``` | PasswordReset email html content, variables: username, appContext |
+| ```EMAIL_PASSWORDCHANGESUBJECT``` | Password change email |
+| ```EMAIL_PASSWORDRESETCONTENT``` | PasswordReset email html content, variables: username, link, appContext |
+| ```EMAIL_PASSWORDRESETSUBJECT``` | You can use variables in email contents by using {{variable}}, available variables are listed before email content property<br>Password Reset email subject |
+| ```EMAIL_PROFILEUPDATECONTENT``` | PasswordReset email html content, variables: username, appContext |
+| ```EMAIL_PROFILEUPDATESUBJECT``` | Profile update email |
+| ```EMAIL_REPLYTO``` | Email cc addresses where all invitations will be sent. For more use delimiter "," (can remain empty) |
+| ```FORMGENREPOSITORYURL``` | URL of repository where output and configuration of form-generator should be held |
+| ```FORMGENSERVICEURL``` | REST endpoint of form generator service |
+| ```RECORDS_ALLOWEDREJECTREASON``` | it indicates functionality allowing users to specify a reason for rejection is enabled. |
+| ```REPOSITORYURL``` | URL of repository that holds main data of the application |
+| ```SECURITY_CORD_ALLOWEDORIGINS``` | Configures allowed origins for CORS (e.g. http://localhost:3000). Use a comma to separate multiple values |
+| ```SECURITY_OIDC_ROLECLAIM``` | Claim containing user roles in the OIDC access token (applies only when 'oidc' security provider is selected). Use<br>dot notation for nested objects |
+| ```SECURITY_PROVIDER``` | Provider of application security. Possible values are 'internal' for internally stored users and 'oidc' for using an<br>OIDC-compatible authentication service. Its URL is configured via Spring Boot configuration parameters |
+| ```SECURITY_SAMESITE``` | Option to pass sameSite attribute for set-cookie headers. Possible values are None,Lax,Strict. In case of None value also attribute "Secure;" is added. |
+| ```SMTP_HOST``` | SMTP host |
+| ```SMTP_PASSWORD``` | SMTP password |
+| ```SMTP_PORT``` | SMTP port |
+| ```SMTP_USER``` | SMTP user |
+
diff --git a/pom.xml b/pom.xml
index 7b93388..dde1f22 100644
--- a/pom.xml
+++ b/pom.xml
@@ -162,7 +162,18 @@
                             <artifactId>mapstruct-processor</artifactId>
                             <version>${org.mapstruct.version}</version>
                         </path>
+                        <path>
+                            <groupId>cz.lukaskabc.cvut.processor</groupId>
+                            <artifactId>spring-boot-configuration-docgen-processor</artifactId>
+                            <version>1.0</version>
+                        </path>
                     </annotationProcessorPaths>
+                    <compilerArgs>
+                        <arg>-Aconfigurationdoc.output_file=./doc/configuration.md</arg>
+                        <arg>-Aconfigurationdoc.format=MD</arg>
+                        <arg>-Aconfigurationdoc.prepend_required=true</arg>
+                        <arg>-Aconfigurationdoc.configuration_package=cz.cvut.kbss.study</arg>
+                    </compilerArgs>
                 </configuration>
             </plugin>
             <plugin>