diff --git a/docs/authentication.rst b/docs/authentication.rst
index 85bbbbbd..8b24a44a 100644
--- a/docs/authentication.rst
+++ b/docs/authentication.rst
@@ -53,7 +53,7 @@ The URL on the first line includes a one-use token which can be used to sign in
 Permissions for canned queries
 ==============================
 
-Datasette's :ref:`canned_queries` default to allowing any user to execute them.
+Datasette's :ref:`canned queries <canned_queries>` default to allowing any user to execute them.
 
 You can limit who is allowed to execute a specific query with the ``"allow"`` key in the :ref:`metadata` configuration for that query.
 
diff --git a/docs/sql_queries.rst b/docs/sql_queries.rst
index aa1edc98..5df8bdb0 100644
--- a/docs/sql_queries.rst
+++ b/docs/sql_queries.rst
@@ -217,7 +217,7 @@ Writable canned queries
 
 Canned queries by default are read-only. You can use the ``"write": true`` key to indicate that a canned query can write to the database.
 
-You may wish to use this feature in conjunction with :ref:`authentication`.
+See :ref:`authentication_permissions_canned_queries` for details on how to add permission checks to canned queries, using the ``"allow"`` key.
 
 .. code-block:: json