diff --git a/README.md b/README.md
index 3ef8b38..5368467 100644
--- a/README.md
+++ b/README.md
@@ -10,6 +10,7 @@ A Spring Boot overlay server for Twitch broadcasters and their channel admins. B
 - In-memory channel directory optimized with lock-free collections for fast updates.
 - Optional SSL with local self-signed keystore support.
 - Dockerfile, Makefile, CI workflow, and Maven build.
+- OpenAPI/Swagger UI docs available at `/swagger-ui.html`.
 
 ## Getting started
 ### Prerequisites
diff --git a/pom.xml b/pom.xml
index cf82630..a35ac77 100644
--- a/pom.xml
+++ b/pom.xml
@@ -98,6 +98,12 @@
             <version>2.3.4</version>
         </dependency>
 
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+            <version>2.5.0</version>
+        </dependency>
+
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
diff --git a/src/main/java/com/imgfloat/app/config/OpenApiConfig.java b/src/main/java/com/imgfloat/app/config/OpenApiConfig.java
new file mode 100644
index 0000000..7a2da28
--- /dev/null
+++ b/src/main/java/com/imgfloat/app/config/OpenApiConfig.java
@@ -0,0 +1,19 @@
+package com.imgfloat.app.config;
+
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Info;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class OpenApiConfig {
+
+    @Bean
+    public OpenAPI imgfloatOpenAPI() {
+        return new OpenAPI()
+                .info(new Info()
+                        .title("Imgfloat API")
+                        .description("OpenAPI documentation for Imgfloat admin and broadcaster APIs.")
+                        .version("v1"));
+    }
+}
diff --git a/src/main/java/com/imgfloat/app/config/SecurityConfig.java b/src/main/java/com/imgfloat/app/config/SecurityConfig.java
index 6c9d910..8c326b8 100644
--- a/src/main/java/com/imgfloat/app/config/SecurityConfig.java
+++ b/src/main/java/com/imgfloat/app/config/SecurityConfig.java
@@ -20,7 +20,16 @@ public class SecurityConfig {
     SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http
                 .authorizeHttpRequests(auth -> auth
-                        .requestMatchers("/", "/css/**", "/js/**", "/webjars/**", "/actuator/health").permitAll()
+                        .requestMatchers(
+                                "/",
+                                "/css/**",
+                                "/js/**",
+                                "/webjars/**",
+                                "/actuator/health",
+                                "/v3/api-docs/**",
+                                "/swagger-ui.html",
+                                "/swagger-ui/**"
+                        ).permitAll()
                         .requestMatchers("/ws/**").permitAll()
                         .anyRequest().authenticated()
                 )