From 02987e342d75fc874d0c57ecfa8c4eabf0f5b313 Mon Sep 17 00:00:00 2001
From: Simon Willison <swillison@gmail.com>
Date: Mon, 9 Jan 2023 08:25:07 -0800
Subject: [PATCH] Explicitly explain allow_sql: false

---
 docs/authentication.rst | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/docs/authentication.rst b/docs/authentication.rst
index 87852555..37703307 100644
--- a/docs/authentication.rst
+++ b/docs/authentication.rst
@@ -315,6 +315,14 @@ The easiest way to disable arbitrary SQL queries is using the :ref:`default_allo
 
 You can alternatively use an ``"allow_sql"`` block to control who is allowed to execute arbitrary SQL queries.
 
+To prevent any user from executing arbitrary SQL queries, use this:
+
+.. code-block:: json
+
+    {
+        "allow_sql": false
+    }
+
 To enable just the :ref:`root user<authentication_root>` to execute SQL for all databases in your instance, use the following:
 
 .. code-block:: json