diff --git a/docs/enterprise/console-settings.yaml b/docs/enterprise/console-settings.yaml
index 835bd8638..d8f1c6912 100644
--- a/docs/enterprise/console-settings.yaml
+++ b/docs/enterprise/console-settings.yaml
@@ -165,7 +165,7 @@ settings:
           ### Overrides
 
           - **Any Authenticated User**: This setting will allow access to a route with this policy attached to any user who can authenticate to your Identity Provider (**IdP**).
-          - **CORS Preflight**:
+          - **CORS Preflight**: Allow unauthenticated HTTP OPTIONS requests as per the CORS spec.
           - **Public Access**: This setting allows complete, unrestricted access to an associated route. Use this setting with caution.
       - name: "Certificates"
   - name: "Configure"
diff --git a/docs/enterprise/reference/manage.md b/docs/enterprise/reference/manage.md
index 35f29e303..840396691 100644
--- a/docs/enterprise/reference/manage.md
+++ b/docs/enterprise/reference/manage.md
@@ -356,7 +356,7 @@ A policy can only support PPL or Rego. Once one is set, the other tab is disable
 ### Overrides
 
 - **Any Authenticated User**: This setting will allow access to a route with this policy attached to any user who can authenticate to your Identity Provider (**IdP**).
-- **CORS Preflight**:
+- **CORS Preflight**: Allow unauthenticated HTTP OPTIONS requests as per the CORS spec.
 - **Public Access**: This setting allows complete, unrestricted access to an associated route. Use this setting with caution.