diff --git a/doc/user/project/pages/pages_access_control.md b/doc/user/project/pages/pages_access_control.md
index 386ef824dfb0d29cba3745f71b48f479914d4e9f..e1efcfbb60a61f4cb7fa834a40fa78752d707605 100644
--- a/doc/user/project/pages/pages_access_control.md
+++ b/doc/user/project/pages/pages_access_control.md
@@ -76,6 +76,32 @@ To do this:
 
 GitLab Pages uses a cache for efficiency. Changes to access settings typically take effect within one minute when the cache updates.
 
+## Authenticate with an access token
+
+{{< history >}}
+
+- [Introduced](https://gitlab.com/gitlab-org/gitlab-pages/-/issues/388) in GitLab 17.10.
+
+{{< /history >}}
+
+To authenticate against a restricted GitLab Pages site, you can provide the `Authorization` header with an access token.
+
+Prerequisites:
+
+- You must have one of the following access tokens with the `read_api` scope:
+  - [Personal access token](../../profile/personal_access_tokens.md#create-a-personal-access-token)
+  - [Project access token](../settings/project_access_tokens.md#create-a-project-access-token)
+  - [Group access token](../../group/settings/group_access_tokens.md#create-a-group-access-token)
+  - [OAuth 2.0 token](../../../api/oauth2.md)
+
+For example, to use an access token with OAuth-compliant headers:
+
+```shell
+curl --header "Authorization: Bearer <your_access_token>" <published_pages_url>
+```
+
+For invalid or unauthorized access tokens, returns [`404`](../../../api/rest/troubleshooting.md#status-codes).
+
 ## Terminating a Pages session
 
 To sign out of your GitLab Pages website, revoke the application access token