diff --git a/cloudflare/resource_cloudflare_access_group.go b/cloudflare/resource_cloudflare_access_group.go
index f7852286685..42cc90dd884 100644
--- a/cloudflare/resource_cloudflare_access_group.go
+++ b/cloudflare/resource_cloudflare_access_group.go
@@ -122,6 +122,13 @@ var AccessGroupOptionSchemaElement = &schema.Resource{
 				Type: schema.TypeString,
 			},
 		},
+		"login_method": {
+			Type:     schema.TypeList,
+			Optional: true,
+			Elem: &schema.Schema{
+				Type: schema.TypeString,
+			},
+		},
 		"gsuite": {
 			Type:     schema.TypeList,
 			Optional: true,
@@ -522,6 +529,10 @@ func BuildAccessGroupCondition(options map[string]interface{}) []interface{} {
 					group = append(group, cloudflare.AccessGroupGeo{Geo: struct {
 						CountryCode string `json:"country_code"`
 					}{CountryCode: value.(string)}})
+				case "login_method":
+					group = append(group, cloudflare.AccessGroupLoginMethod{LoginMethod: struct {
+						ID string `json:"id"`
+					}{ID: value.(string)}})
 				}
 			}
 		}
diff --git a/website/docs/r/access_group.html.markdown b/website/docs/r/access_group.html.markdown
index 01f55517c20..ec2e08ead25 100644
--- a/website/docs/r/access_group.html.markdown
+++ b/website/docs/r/access_group.html.markdown
@@ -80,8 +80,9 @@ conditions which can be applied. The conditions are:
 * `common_name` - (Optional) Use a certificate common name to authenticate with.
 * `auth_method` - (Optional) A string identifying the authentication
   method code. The list of codes are listed here: https://tools.ietf.org/html/rfc8176#section-2.
-  Custom values are also supported.
+  Custom values are also supported. Example: `auth_method = ["swk"]`
 * `geo` - (Optional) A list of country codes. Example: `geo = ["US"]`
+* `login_method` - (Optional) A list of identity provider ids. Example: `login_method = [cloudflare_access_identity_provider.my_idp.id]`
 * `gsuite` - (Optional) Use GSuite as the authentication mechanism. Example:
 
   ```hcl