diff --git a/changelog/unreleased/rename-authprovider.md b/changelog/unreleased/rename-authprovider.md
new file mode 100644
index 00000000000..710f40079cd
--- /dev/null
+++ b/changelog/unreleased/rename-authprovider.md
@@ -0,0 +1,5 @@
+Enhancement: Rename AUTH_BASIC_AUTH_PROVIDER envvar
+
+Rename the `AUTH_BASIC_AUTH_PROVIDER` envvar to `AUTH_BASIC_AUTH_MANAGER`
+
+https://github.com/owncloud/ocis/pull/4966
diff --git a/services/auth-basic/README.md b/services/auth-basic/README.md
index 40f15af563e..87a2bafe3ad 100644
--- a/services/auth-basic/README.md
+++ b/services/auth-basic/README.md
@@ -4,7 +4,7 @@ The `auth-basic` service is responsible for validating authentication of incomin
 
 ## Auth Managers
 
-Since the `auth-basic` service does not do any validation itself, it needs to be configured with an authentication manager. One can use the `AUTH_BASIC_AUTH_PROVIDER` environment variable to configure this.
+Since the `auth-basic` service does not do any validation itself, it needs to be configured with an authentication manager. One can use the `AUTH_BASIC_AUTH_MANAGER` environment variable to configure this. Currently only one auth manager is supported: `"ldap"`
 
 ### LDAP Auth Manager
 
@@ -12,9 +12,9 @@ Setting `AUTH_BASIC_AUTH_PROVIDER` to `"ldap"` will configure the `auth-basic` s
 
 ### Other Auth Managers
 
-The possible auth mangers which can be selected are `"ldap"` and `"owncloudsql"`. Those are tested and usable though `"ldap"` is the recommend manager. Refer to the admin docs for additional information about those.
+oCIS currently supports no other auth manager
 
 ## Scalability
 
-Scalability, just like memory and CPU consumption, are highly dependent on the configured auth manager. When using the recommended one which is `"ldap"`, there is no persistance as requests will just be forwarded to the LDAP server. Therefore, multiple instances of the `auth-basic` service can be started without further configuration. Be aware, that other auth managers might not allow that.
+When using `"ldap"` as auth manager, there is no persistance as requests will just be forwarded to the LDAP server. Therefore, multiple instances of the `auth-basic` service can be started without further configuration. Be aware, that other auth managers might not allow that.
 
diff --git a/services/auth-basic/pkg/config/config.go b/services/auth-basic/pkg/config/config.go
index e3c27744307..9e9a7caab08 100644
--- a/services/auth-basic/pkg/config/config.go
+++ b/services/auth-basic/pkg/config/config.go
@@ -19,7 +19,7 @@ type Config struct {
 	Reva         *shared.Reva  `yaml:"reva"`
 
 	SkipUserGroupsInToken bool          `yaml:"skip_user_groups_in_token" env:"AUTH_BASIC_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the encoding of the user's group memberships in the reva access token. This reduces the token size, especially when users are members of a large number of groups."`
-	AuthProvider          string        `yaml:"auth_provider" env:"AUTH_BASIC_AUTH_PROVIDER" desc:"The authentication provider to check if credentials are valid. Supported values are 'ldap' and 'owncloudsql'."`
+	AuthProvider          string        `yaml:"auth_provider" env:"AUTH_BASIC_AUTH_MANAGER" desc:"The authentication provider to check if credentials are valid. Supported value is 'ldap'."`
 	AuthProviders         AuthProviders `yaml:"auth_providers"`
 
 	Supervised bool            `yaml:"-"`