1 files changed, 12 insertions, 2 deletions

diff --git a/doc/man-sections/server-options.rst b/doc/man-sections/server-options.rst
index 5a68945..ac0df55 100644
--- a/doc/man-sections/server-options.rst
+++ b/doc/man-sections/server-options.rst
@@ -487,11 +487,21 @@ fast hardware. SSL/TLS authentication must be used in this mode.
         The UI version of a UI if one is running, for example
         :code:`de.blinkt.openvpn 0.5.47` for the Android app.
 
+  :code:`IV_SSO=[crtext,][openurl,][proxy_url]`
+        Additional authentication methods supported by the client.
+        This may be set by the client UI/GUI using ``--setenv``
+
   When ``--push-peer-info`` is enabled the additional information consists
   of the following data:
 
-  :code:`IV_HWADDR=<mac address>`
-        The MAC address of clients default gateway
+  :code:`IV_HWADDR=<string>`
+        This is intended to be a unique and persistent ID of the client.
+        The string value can be any readable ASCII string up to 64 bytes.
+        OpenVPN 2.x and some other implementations use the MAC address of
+        the client's interface used to reach the default gateway. If this
+        string is generated by the client, it should be consistent and
+        preserved across independent session and preferably
+        re-installations and upgrades.
 
   :code:`IV_SSL=<version string>`
         The ssl version used by the client, e.g.