diff --git a/docs/for-developers/configuration/frontend.md b/docs/for-developers/configuration/frontend.md
new file mode 100644
index 0000000000000000000000000000000000000000..15284e4c88878c4d77d40bbfd2355da91919414f
--- /dev/null
+++ b/docs/for-developers/configuration/frontend.md
@@ -0,0 +1,45 @@
+---
+description: >-
+ This page description all the possible configuration that can be made in the
+ Gateway.
+---
+
+# Frontend
+
+### :toolbox: Options
+
+#### General
+
+| name | type | default | description |
+| -------------------------- | ------------------- | ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| VERSION | string | "DEV" | Portal frontend's version |
+| INSTANCE\_NAME | string | "HBP MIP" | Instance name of the MIP (visible in the header) |
+| ONTOLOGY\_URL | string \| undefined | undefined | Ontology's URL |
+| DATACATALOGUE\_SERVER | string \| undefined | undefined | Datacatalogue's URL |
+| CONTACT\_LINK | string | http://ebrains.eu/support | Contact URL (support) |
+| EXPERIMENTS\_LIST\_REFRESH | string | "300000" | Time to wait before refresh experiments list in `milliseconds` |
+| GATEWAY\_SERVER | string | none | Indicate the Gateway's endpoint. Used when the Gateway is behind the Frontend (reverse proxy) |
+| EXTERNAL\_MIP\_PROTOCOL | string | https | Indicate the protocol should be forwarded to the Gateway. |
+| ERROR\_LOG\_LEVEL | string | WARN | Level is the minimum level to emit, and is inclusive. Possible levels: DEBUG, INFO, WARN, ERROR, PANIC, and FATAL. See [Caddy logs level](https://caddyserver.com/docs/json/logging/logs/level/). |
+
+#### Matomo
+
+Matomo is an open source alternative to Google Analytics.
+
+| name | type | default | description |
+| ---------------- | ------------------- | --------- | --------------------------------------------------------------------------------------------------- |
+| MATOMO\_ENABLED | boolean | false | Enable or disable Matomo |
+| MATOMO\_URL | string \| undefined | undefined | Base url for matomo scripts and data reporting. This parameter is `required` if Matomo is `enabled` |
+| MATOMO\_SITE\_ID | string \| undefined | undefined | Matomo Website ID. This parameter is required if `Matomo` is `enabled`. |
+
+#### Caddyfile configuration
+
+The frontend container has a simple implementation of Caddyfile, located in `/etc/caddy/Caddyfile`. If you are using Docker compose you can easily overwrite by specifying a volume :
+
+{% code title="docker-compose.yml" %}
+```
+...
+ volumes:
+ - ./path/to/your/Caddyfile:/etc/caddy/Caddyfile
+```
+{% endcode %}
diff --git a/docs/for-developers/configuration/gateway.md b/docs/for-developers/configuration/gateway.md
index 7f879ca3369f383b0f2b26fbacc31d35d889258b..2b16dacfcbdfbc415f9091c3086a000032787d21 100644
--- a/docs/for-developers/configuration/gateway.md
+++ b/docs/for-developers/configuration/gateway.md
@@ -18,7 +18,6 @@ description: >-
| GATEWAY\_PORT | number | 8081 | Indicate the port that should be used by the gateway |
| NODE\_ENV | string | dev | Value can be `prod` or `dev` |
| BASE\_URL\_CONTEXT | string | null | Define context of the gateway. E.g. `api` if the api is under `http://127.0.0.1/api/` |
-| ONTOLOGY\_URL | string | null | Define ontology's url |
#### Authentication
diff --git a/docs/for-developers/gateway/authentication.md b/docs/for-developers/gateway/authentication.md
index 6c8a63fa9d5e7bf3a606cca9069b135d6301f6f9..7e6f9bbc908a578da5b9966ae2f8a406cd49add5 100644
--- a/docs/for-developers/gateway/authentication.md
+++ b/docs/for-developers/gateway/authentication.md
@@ -48,9 +48,9 @@ This field can be used by the connector to store information related to the user
The real login system is delegated to the connector by using the `login` method in the interface.
-{% code title="engine.interface.ts" %}
+{% code title="connector.interface.ts" %}
```typescript
-export interface IEngineService {
+export interface Connector {
// ...
/**
@@ -77,9 +77,9 @@ When the login is performed, this function should return a `User` object and can
The same mechanism is applied to the logout system using the method logout from the engine.
-{% code title="engine.interface.ts" %}
+{% code title="connector.interface.ts" %}
```typescript
-export interface IEngineService {
+export interface Connector {
// ...
logout?(req: Request
@@ -90,3 +90,37 @@ export interface IEngineService {
```
{% endcode %}
+#### Session validation
+
+Whenever a Frontend required a refreshToken, the gateway should tell if the user is still connected to the engine. For this, your connector should implements the function **isSessionValid**. 
+
+{% code title="connector.interface.ts" %}
+```typescript
+export interface Connector {
+ // ...
+
+ isSessionValid?(user: User): Promise<boolean>;
+
+ // ...
+}
+```
+{% endcode %}
+
+This function should ensure that the user can still access the engine with the current token.
+
+#### How to get the user 
+
+Whether you use the local login or a 3rd party system, there is a unique way to access the user inside the Gateway. This method through the request : 
+
+```typescript
+request.user
+```
+
+This request's attribute is feed by strategy policies defined in the Gateway. Currently the following strategies are applied 
+
+1. JWT cookies
+2. JWT bearer
+3. Engine (use the connector to retrieve the user)
+
+Even if the `AUTH_SKIP` is defined you should be able to retrieve the user through the request.
+