diff --git a/docs/simplesamlphp-authproc.md b/docs/simplesamlphp-authproc.md
index d082a8255c805ad2bce82db7880956b31b4f4f3e..f97086b3adddc65bfbc6500d2fafa4699588a5fd 100644
--- a/docs/simplesamlphp-authproc.md
+++ b/docs/simplesamlphp-authproc.md
@@ -145,6 +145,7 @@ The following filters are included in the SimpleSAMLphp distribution:
 - [`expirycheck:ExpiryDate`](./expirycheck:expirycheck): Block access to accounts that have expired.
 - [`preprodwarning:Warning`](./preprodwarning:warning): Warn the user about accessing a test IdP.
 - [`saml:AttributeNameID`](./saml:nameid): Generate custom NameID with the value of an attribute.
+- [`saml:AuthnContextClassRef`](./saml:authproc_authncontextclassref): Set the authentication context in the response.
 - [`saml:ExpectedAuthnContextClassRef`](./saml:authproc_expectedauthncontextclassref): Verify the user's authentication context.
 - [`saml:FilterScopes`](./saml:filterscopes): Filter attribute values with scopes forbidden for an IdP.
 - [`saml:NameIDAttribute`](./saml:nameidattribute): Create an attribute based on the NameID we receive from the IdP.
diff --git a/modules/saml/docs/authproc_authncontextclassref.md b/modules/saml/docs/authproc_authncontextclassref.md
new file mode 100644
index 0000000000000000000000000000000000000000..5e755a88b5d0aaa34de70f8c5f08463cb4d1b704
--- /dev/null
+++ b/modules/saml/docs/authproc_authncontextclassref.md
@@ -0,0 +1,14 @@
+`saml:AuthnContextClassRef`
+===========================
+
+IDP-side filter for setting the `AuthnContextClassRef` element in the authentication response.
+
+Examples
+--------
+
+    'authproc.idp' => array(
+      92 => array(
+        'class' => 'saml:AuthnContextClassRef',
+        'AuthnContextClassRef' => 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport',
+      ),
+    ),