diff --git a/website/integrations/services/apache-guacamole/index.mdx b/website/integrations/services/apache-guacamole/index.mdx
index 6b266099c..5faf25ca0 100644
--- a/website/integrations/services/apache-guacamole/index.mdx
+++ b/website/integrations/services/apache-guacamole/index.mdx
@@ -28,11 +28,14 @@ Create an OAuth2/OpenID provider with the following parameters:
 Under _Advanced protocol settings_, set the following:
 
 -   Token validity: Any value to configure how long the session should last. Guacamole will not accept any tokens valid longer than 300 Minutes.
+-   Signing Key: Set the key as `authentik Self-signed Certificate`
 
 Note the Client ID value. Create an application, using the provider you've created above.
 
 ## Guacamole
 
+It is recommended you configure an admin account in Guacamole before setting up SSO to make things easier. Create a user in Guacamole using the email address of your user in authentik and give them admin permissions. Without this you might loose access to the Guacamole admin settings and have to revert the settings below.
+
 import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";