diff --git a/proxy/pkg/command/server.go b/proxy/pkg/command/server.go
index f4dc963d84..bd196fd7d4 100644
--- a/proxy/pkg/command/server.go
+++ b/proxy/pkg/command/server.go
@@ -317,7 +317,7 @@ func loadMiddlewares(ctx context.Context, l log.Logger, cfg *config.Config) alic
 	)
 }
 
-// loadUserAgent reads the proxy-user-agent-whitelist, since it is a string flag, and attempts to construct a map of
+// loadUserAgent reads the proxy-user-agent-lock-in, since it is a string flag, and attempts to construct a map of
 // "user-agent":"challenge" locks in for Reva.
 // Modifies cfg. Spaces don't need to be trimmed as urfavecli takes care of it. User agents with spaces are valid. i.e:
 // Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0
@@ -327,7 +327,7 @@ func loadMiddlewares(ctx context.Context, l log.Logger, cfg *config.Config) alic
 // in reverse for each individual part
 func loadUserAgent(c *cli.Context, cfg *config.Config) error {
 	cfg.Reva.Middleware.Auth.CredentialsByUserAgent = make(map[string]string, 0)
-	locks := c.StringSlice("proxy-user-agent-whitelist")
+	locks := c.StringSlice("proxy-user-agent-lock-in")
 
 	for _, v := range locks {
 		vv := conversions.Reverse(v)
diff --git a/proxy/pkg/flagset/flagset.go b/proxy/pkg/flagset/flagset.go
index b8ea4d252a..5356b5c6c4 100644
--- a/proxy/pkg/flagset/flagset.go
+++ b/proxy/pkg/flagset/flagset.go
@@ -251,8 +251,8 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag {
 
 		// Reva Middlewares Config
 		&cli.StringSliceFlag{
-			Name:    "proxy-user-agent-whitelist",
-			Usage:   "--user-agent-whitelist=mirall:basic,foo:bearer Given a tuple of [UserAgent:challenge] it locks a given user agent to the authentication challenge. Particularly useful for old clients whose USer-Agent is known and only support one authentication challenge. When this flag is set in the proxy it configures the authentication middlewares.",
+			Name:    "proxy-user-agent-lock-in",
+			Usage:   "--user-agent-whitelist-lock-in=mirall:basic,foo:bearer Given a tuple of [UserAgent:challenge] it locks a given user agent to the authentication challenge. Particularly useful for old clients whose USer-Agent is known and only support one authentication challenge. When this flag is set in the proxy it configures the authentication middlewares.",
 			EnvVars: []string{"PROXY_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT"},
 		},
 	}
diff --git a/storage/pkg/command/frontend.go b/storage/pkg/command/frontend.go
index e67edd4423..ee50e1280d 100644
--- a/storage/pkg/command/frontend.go
+++ b/storage/pkg/command/frontend.go
@@ -302,7 +302,7 @@ func Frontend(cfg *config.Config) *cli.Command {
 	}
 }
 
-// loadUserAgent reads the user-agent-whitelist, since it is a string flag, and attempts to construct a map of
+// loadUserAgent reads the user-agent-whitelist-lock-in, since it is a string flag, and attempts to construct a map of
 // "user-agent":"challenge" locks in for Reva.
 // Modifies cfg. Spaces don't need to be trimmed as urfavecli takes care of it. User agents with spaces are valid. i.e:
 // Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0
@@ -312,7 +312,7 @@ func Frontend(cfg *config.Config) *cli.Command {
 // in reverse for each individual part
 func loadUserAgent(c *cli.Context, cfg *config.Config) error {
 	cfg.Reva.Frontend.Middleware.Auth.CredentialsByUserAgent = make(map[string]string, 0)
-	locks := c.StringSlice("user-agent-whitelist")
+	locks := c.StringSlice("user-agent-whitelist-lock-in")
 
 	for _, v := range locks {
 		vv := conversions.Reverse(v)
diff --git a/storage/pkg/flagset/frontend.go b/storage/pkg/flagset/frontend.go
index 0a5bdb5651..a43f89be4f 100644
--- a/storage/pkg/flagset/frontend.go
+++ b/storage/pkg/flagset/frontend.go
@@ -136,8 +136,8 @@ func FrontendWithConfig(cfg *config.Config) []cli.Flag {
 
 		// Reva Middlewares Config
 		&cli.StringSliceFlag{
-			Name:    "user-agent-whitelist",
-			Usage:   "--user-agent-whitelist=mirall:basic,foo:bearer Given a tuple of comma separated [UserAgent:challenge] values, it locks a given user agent to the authentication challenge. Particularly useful for old clients whose USer-Agent is known and only support one authentication challenge. When this flag is set in the storage-frontend it configures Reva.",
+			Name:    "user-agent-whitelist-lock-in",
+			Usage:   "--user-agent-whitelist-lock-in=mirall:basic,foo:bearer Given a tuple of comma separated [UserAgent:challenge] values, it locks a given user agent to the authentication challenge. Particularly useful for old clients whose USer-Agent is known and only support one authentication challenge. When this flag is set in the storage-frontend it configures Reva.",
 			EnvVars: []string{"STORAGE_FRONTEND_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT"},
 		},
 	}