diff --git a/core/configuration.md b/core/configuration.md index d44afd18adf..bf22c6f94cd 100644 --- a/core/configuration.md +++ b/core/configuration.md @@ -147,6 +147,10 @@ api_platform: # Enabled by default with installed webonyx/graphql-php and Twig. enabled: false + introspection: + # Enabled by default with installed webonyx/graphql-php. + enabled: true + # The nesting separator used in the filter names. nesting_separator: _ diff --git a/core/graphql.md b/core/graphql.md index 883d3b1dd3f..c0dce11709e 100644 --- a/core/graphql.md +++ b/core/graphql.md @@ -116,6 +116,20 @@ api_platform: # ... ``` +## Disabling the Introspection Query + +For security reason, the introspection query should be disabled to not expose the GraphQL schema. + +If you need to disable it, it can be done in the configuration: + +```yaml +# api/config/packages/api_platform.yaml +api_platform: + graphql: + introspection: false +# ... +``` + ## Request with `application/graphql` Content-Type If you wish to send a [POST request using the `application/graphql` Content-Type](https://graphql.org/learn/serving-over-http/#post-request),
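Review bot: In the core/configuration.md hunk, the comment on the new `introspection` key only says "Enabled by default with installed webonyx/graphql-php", which leaves out the security recommendation that core/graphql.md makes in this same patch. A reader who only consults the configuration reference will not learn that the default exposes the GraphQL schema. Consider extending the comment, for example "Enabled by default with installed webonyx/graphql-php. Disable it to avoid exposing the GraphQL schema.", or linking to the "Disabling the Introspection Query" section.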
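Review bot: In the core/graphql.md hunk, the YAML example writes `introspection: false` as a scalar, while the configuration reference changed in this same patch documents the key as a mapping (`introspection:` with a nested `enabled: true`). Use the nested form with `enabled: false` here so the two pages agree, or state explicitly that the scalar shorthand is accepted. The prose also needs a pass: "For security reason" should be "For security reasons", and "should be disabled" followed by "If you need to disable it" reads as two different strengths of advice. Since the other hunk states introspection is enabled by default, one sentence saying so, followed by the recommendation to disable it, would be clearer.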