diff --git a/docs/ocis/identity-provider/_index.md b/docs/ocis/identity-provider/_index.md
index 8e8567e19..fa9733d1e 100644
--- a/docs/ocis/identity-provider/_index.md
+++ b/docs/ocis/identity-provider/_index.md
@@ -10,4 +10,4 @@ geekdocCollapseSection: true
 
 ## Overview
 
-oCIS provides an internal identity provider which can be configured via the [IDP service](../../services/idp/), or connect to an external identity provider like Keycloak or Microsoft Active Directory.
+oCIS provides out of the box a minimal OpenID Connect provider via the [IDP service](../../services/idp/) and a minimal LDAP service via the [IDM service](../../services/idm/). Both services are limited in the provided functionality, see the [admin documentation](https://doc.owncloud.com/ocis/next/deployment/services/s-list/idp.html) for details, and can be used for small environments like up to a few hundred users. For enterprise environments, it is highly recommended using enterprise grade external software like KeyCloak plus openLDAP or MS ADFS with Active Directory, which can be configured in the respective service. Entrada ID (formerly Azure AD) is in preparation, but not yet released or documented and might need some small fixes, and for certain functions a LDAP/AD connection.