diff --git a/cookbook/security/api_key_authentication.rst b/cookbook/security/api_key_authentication.rst
index 41a4883ab77..f2e9fc7e824 100644
--- a/cookbook/security/api_key_authentication.rst
+++ b/cookbook/security/api_key_authentication.rst
@@ -634,7 +634,7 @@ current URL is before creating the token in ``createToken()``::
 This uses the handy :class:`Symfony\\Component\\Security\\Http\\HttpUtils`
 class to check if the current URL matches the URL you're looking for. In this
 case, the URL (``/login/check``) has been hardcoded in the class, but you
-could also inject it as the third constructor argument.
+could also inject it as the second constructor argument.
 
 Next, just update your service configuration to inject the ``security.http_utils``
 service: