diff --git a/_security/access-control/api.md b/_security/access-control/api.md
index 9473c16c20..63717d621a 100644
--- a/_security/access-control/api.md
+++ b/_security/access-control/api.md
@@ -1011,6 +1011,98 @@ PATCH _plugins/_security/api/rolesmapping
 }
 ```
 
+---
+
+## Allowlist
+
+### Get allowlist
+
+Retrieves the current `allowlist` configuration.
+
+#### Request
+
+```json
+GET _plugins/_security/api/allowlist
+```
+{% include copy-curl.html %}
+
+#### Example response
+
+```json
+{
+  "config" : {
+    "enabled" : true,
+    "requests" : {
+      "/_cat/nodes" : [
+        "GET"
+      ],
+      "/_cat/indices" : [
+        "GET"
+      ],
+      "/_plugins/_security/whoami" : [
+        "GET"
+      ]
+    }
+  }
+}
+```
+
+### Create allowlist
+
+Creates an `allowlist` configuration.
+
+#### Request
+
+```json
+PUT _plugins/_security/api/allowlist
+{
+  "enabled": true,
+  "requests": {
+    "/_cat/nodes": ["GET"],
+    "/_cat/indices": ["GET"],
+    "/_plugins/_security/whoami": ["GET"]
+  }
+}
+```
+{% include copy-curl.html %}
+
+#### Example response
+
+```json
+{
+  "status":"OK",
+  "message":"'config' updated."
+}
+```
+
+### Update allowlist
+
+Updates an `allowlist` configuration.
+
+#### Request
+
+```json
+PATCH _plugins/_security/api/allowlist
+[
+  {
+    "op": "add",
+    "path": "/config/requests",
+    "value": {
+      "/_cat/nodes": ["POST"]
+    }
+  }
+]
+```
+{% include copy-curl.html %}
+
+#### Example response
+
+```json
+{
+  "status":"OK",
+  "message":"Resource updated."
+}
+```
 
 ---