diff --git a/website/docs/kubernetes.md b/website/docs/kubernetes.md
index 33b5fa349..1e3fa5910 100644
--- a/website/docs/kubernetes.md
+++ b/website/docs/kubernetes.md
@@ -102,6 +102,19 @@ use:
 helm install npm --set existingConfigMap=verdaccio-config verdaccio/verdaccio
 ```
 
+### Authenticate with private upstreams using Helm
+
+As of version `4.8.0` of the helm chart, a new `secretEnvVars` field has been added.  
+This allows you to inject sensitive values to the container via a [Kubernetes Secret](https://kubernetes.io/docs/concepts/configuration/secret/).
+
+1. Update your Verdaccio config according to the [Uplinks](./uplinks.md#auth-property) documentation
+2. Pass the secret environment variable to your values file or via `--set secretEnvVars.FOO_TOKEN=superSecretBarToken`
+```yaml
+# values.yaml
+secretEnvVars:
+  FOO_TOKEN: superSecretBarToken
+```
+
 #### NGINX proxy body-size limit {#nginx-proxy-body-size-limit}
 
 The standard k8s NGINX ingress proxy allows for 1MB for body-size which can be increased
diff --git a/website/docs/uplinks.md b/website/docs/uplinks.md
index 03bc0c138..81dbcbd07 100644
--- a/website/docs/uplinks.md
+++ b/website/docs/uplinks.md
@@ -84,3 +84,4 @@ uplinks:
 * Setting `cache` to false will help to save space in your hard drive. This will avoid store `tarballs` but [it will keep metadata in folders](https://github.com/verdaccio/verdaccio/issues/391).
 * Exceed with multiple uplinks might slow down the lookup of your packages due for each request a npm client does, verdaccio does 1 call for each uplink.
 * The (timeout, maxage and fail_timeout) format follow the [NGINX measurement units](http://nginx.org/en/docs/syntax.html)
+* When using the [Helm Chart](https://github.com/verdaccio/charts), you can use `secretEnvVars` to inject sensitive environment variables, which can be used to configure private uplink auth.