diff --git a/doc/api/users.md b/doc/api/users.md
index a22930902092b439cedab0e0a861b26b43e3941a..4d6bdb260201a99954eddfe3b509dbe2970ece6c 100644
--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 
 # Users API **(FREE)**
 
-This documentation has information on API calls, parameters and responses for the Users API. 
+This documentation has information on API calls, parameters and responses for the Users API.
 
 For information on user activities that update the user event timestamps, see [get user activities](#get-user-activities).
 
@@ -875,7 +875,7 @@ Parameters:
 | :------------------------------- | :------- | :--------------------------------------------------------------------------- |
 | `view_diffs_file_by_file`        | Yes      | Flag indicating the user sees only one file diff per page.                   |
 | `show_whitespace_in_diffs`       | Yes      | Flag indicating the user sees whitespace changes in diffs.                   |
-| `pass_user_identities_to_ci_jwt` | Yes      | Flag indicating the user passes their external identities as CI information. This attribute does not contain enough information to identify or authorize the user in an external system. The attribute is internal to GitLab, and must not be passed to third-party services. |
+| `pass_user_identities_to_ci_jwt` | Yes      | Flag indicating the user passes their external identities as CI information. This attribute does not contain enough information to identify or authorize the user in an external system. The attribute is internal to GitLab, and must not be passed to third-party services. For more information and examples, see [Token Payload](../ci/secrets/id_token_authentication.md#token-payload). |
 
 ## User follow
 
diff --git a/doc/ci/secrets/id_token_authentication.md b/doc/ci/secrets/id_token_authentication.md
index 1ff2a6efbcf97deca27f7b032ba116853f96292a..12e0402be25373f40dacdbdfbd357051ce22c497 100644
--- a/doc/ci/secrets/id_token_authentication.md
+++ b/doc/ci/secrets/id_token_authentication.md
@@ -60,6 +60,7 @@ The token also includes custom claims provided by GitLab:
 | `user_id`               | Always                       | ID of the user executing the job. |
 | `user_login`            | Always                       | Username of the user executing the job. |
 | `user_email`            | Always                       | Email of the user executing the job. |
+| `user_identities`       | User Preference setting      | List of the user's external identities ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387537) in GitLab 16.0). |
 | `pipeline_id`           | Always                       | ID of the pipeline. |
 | `pipeline_source`       | Always                       | [Pipeline source](../jobs/job_control.md#common-if-clauses-for-rules). |
 | `job_id`                | Always                       | ID of the job. |
@@ -83,6 +84,10 @@ The token also includes custom claims provided by GitLab:
   "user_id": "1",
   "user_login": "sample-user",
   "user_email": "sample-user@example.com",
+  "user_identities": [
+      {"provider": "github", "extern_uid": "2435223452345"},
+      {"provider": "bitbucket", "extern_uid": "john.smith"},
+  ],
   "pipeline_id": "574",
   "pipeline_source": "push",
   "job_id": "302",
diff --git a/doc/user/profile/preferences.md b/doc/user/profile/preferences.md
index da4d2da70fe0318d6d916b8ba79063d7bbb3cb18..e72113dc3210547dcb552cd941b8280c97a70138 100644
--- a/doc/user/profile/preferences.md
+++ b/doc/user/profile/preferences.md
@@ -182,6 +182,13 @@ NOTE:
 This feature is experimental, and choosing absolute times might break certain layouts.
 Open an issue if you notice that using absolute times breaks a layout.
 
+## User identities in CI job JSON web tokens
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/387537) in GitLab 16.0. False by default.
+
+You can select to include the list of your external identities in the JSON Web Token information that is generated for a CI job.
+For more information and examples, see [Token Payload](../../ci/secrets/id_token_authentication.md#token-payload).
+
 ## Integrations
 
 Configure your preferences with third-party services which provide enhancements to your GitLab experience.
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 505fcb2b38e8ecd4f6d9d9dfd30fa1a79d16f91c..13378181f243e7714ab11ff35c0a43d4414d7d8f 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -1244,7 +1244,7 @@ def set_user_status(include_missing_params:)
       params do
         optional :view_diffs_file_by_file, type: Boolean, desc: 'Flag indicating the user sees only one file diff per page'
         optional :show_whitespace_in_diffs, type: Boolean, desc: 'Flag indicating the user sees whitespace changes in diffs'
-        optional :pass_user_identities_to_ci_jwt, type: Boolean, desc: 'Flag indicating the user passes their external identities as CI information'
+        optional :pass_user_identities_to_ci_jwt, type: Boolean, desc: 'Flag indicating the user passes their external identities to a CI job as part of a JSON web token.'
         at_least_one_of :view_diffs_file_by_file, :show_whitespace_in_diffs, :pass_user_identities_to_ci_jwt
       end
       put "preferences", feature_category: :user_profile, urgency: :high do