diff --git a/documentation/docs/40-best-practices/03-auth.md b/documentation/docs/40-best-practices/03-auth.md
index 40ceb28acdbb..349548fdf1e3 100644
--- a/documentation/docs/40-best-practices/03-auth.md
+++ b/documentation/docs/40-best-practices/03-auth.md
@@ -14,7 +14,7 @@ In contrast, JWT generally are not checked against a datastore, which means they
 
 ## Integration points
 
-Auth [cookies](@sveltejs-kit#Cookies) can be checked inside [server hooks](hooks#Server-hooks). If a user is found matching the provided credentials, the user information can be stored in [`locals`](hooks#Server-hooks-handle).
+Auth [cookies](@sveltejs-kit#Cookies) can be checked inside [server hooks](hooks#Server-hooks). If a user is found matching the provided credentials, the user information can be stored in [`locals`](hooks#Server-hooks-locals).
 
 ## Guides