You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Refreshes the managed auth docs to reflect everything that's shipped since the docs were last touched in early April. Goal: docs match current behavior.
New
auth/react.mdx — full integration guide for @onkernel/managed-auth-react: install, Next.js example, same-origin proxying, appearance API (variables / elements / layout / theme), localization, props, and headless step exports. Added to the Auth → Integration Types nav alongside Hosted UI and Programmatic. Overview page now shows a 3-card chooser.
Updated
auth/programmatic.mdx
MFA type enum updated to current SDK shape: sms, email, totp, push, call, password, switch (was: sms, email, totp, push, call, security_key). password and switch are new; security_key was never in the SDK enum.
Added a callout for switch (generic "Use another method" / "Try another way" links).
AWAITING_EXTERNAL_ACTION section now shows that mfa_options / pending_sso_buttons / sign_in_options can be populated alongside the external action message — submit one to switch verification methods, or keep polling. Added a code example for the push + "Try another way" fallback.
auth/profiles.mdx, browsers/extensions.mdx, reference/cli/extensions.mdx — name uniqueness scope corrected from org to project (matches DB constraint change).
Test plan
Mintlify preview renders the new auth/react page and the 3-card chooser on auth/overview
No broken internal links
Code samples in auth/programmatic.mdx match current SDK shape (verified MfaOption.type against kernel-node-sdk types)
Note
Low Risk
Low risk: documentation-only changes (new guide, nav updates, and behavior clarifications) with no runtime code modifications.
Overview
Adds a new auth/react guide documenting the @onkernel/managed-auth-react embedded login flow (installation, backend handoff, same-origin proxying, styling/localization, and headless exports) and surfaces it in navigation; auth/overview is updated to present Hosted UI/React/Programmatic as three integration options.
Updates Managed Auth docs to match current behavior: documents record_session replay recording on connections/logins (auth/hosted-ui, auth/faq, auth/programmatic), refreshes programmatic MFA option types (including password and switch) and clarifies fallback options during AWAITING_EXTERNAL_ACTION, and corrects multiple places to state that profile/extension names are unique per project (not org).
Reviewed by Cursor Bugbot for commit ef1580c. Bugbot is set up for automated code reviews on this repo. Configure here.
…allbacks
- Add new auth/react.mdx for @onkernel/managed-auth-react drop-in component
- Add React Component card to auth overview integration types
- Document `switch` MFA option type for generic method-switcher links
- Document fallback mfa_options/sso_buttons/sign_in_options on AWAITING_EXTERNAL_ACTION
- Update MFA type enum to current SDK shape (drop security_key, add password/switch)
- Update profile/extension name uniqueness from org-scoped to project-scoped
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Adds docs for the new record_session flag — connection-wide default or
per-login override that captures a browser replay of every managed auth
login session. Surfaces it as a debugging tool in the FAQ and lists it
in the connection update field tables.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
The .login() response returns id and handoff_code as separate fields —
integrators using the React component pass those directly to the
frontend. hosted_url points at Kernel's hosted page and is only
relevant for the Hosted UI flow.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Connection-default record_session applies to every browser session tied
to the connection — initial logins, periodic health checks, and
automatic re-authentications. Per-login override only records that one
login attempt.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This PR didn't match the auto-monitor filter configured on your GitHub connection:
Any PR that changes the kernel API. Monitor changes to API endpoints (packages/api/cmd/api/) and Temporal workflows (packages/api/lib/temporal) in the kernel repo
Reason: PR only updates documentation files (*.mdx); it does not change any API endpoints in packages/api/cmd/api/ or Temporal workflows in packages/api/lib/temporal.
To monitor this PR anyway, reply with @firetiger monitor this.
The reason will be displayed to describe this comment to others. Learn more.
Stale comment
Risk assessment: Very Low.
Re-evaluated the current diff after the synchronize event. The changes are limited to MDX documentation pages and one docs.json navigation entry for the new React auth page. I didn't find any production codepaths, infrastructure, schema, auth/permission enforcement logic, or model prompt files modified, and there is no CODEOWNERS file in the repo.
git diff --check passed. The PR is already approved at the current head commit, so I did not submit another approval.
The reason will be displayed to describe this comment to others. Learn more.
Stale comment
Risk assessment: Very Low.
I re-evaluated the current head diff (0f356960e0e9be32645eed84c8d3f8ea023d8426). The PR only changes MDX documentation pages and adds one docs.json navigation entry for the new auth React component page. There are no production codepaths, infrastructure files, schema changes, auth/permission logic, or prompt/instruction files modified. The changes since the prior approval are limited to small wording clarifications about record_session behavior in auth docs, so the risk has not increased.
The PR is already approved, so I’m not posting another approval.
The reason will be displayed to describe this comment to others. Learn more.
Stale comment
Risk assessment: Very Low.
I based this on the actual diff: the PR only changes documentation pages (auth/*.mdx, browser/CLI docs), adds a new auth/react.mdx documentation page, and adds one docs.json navigation entry. I didn't find production codepaths, infrastructure, schema changes, auth/permission enforcement logic, or model prompt files modified. I also didn't find a CODEOWNERS file requiring code owner review.
git diff --check passed. GitHub already reports the PR as approved, so I did not submit another approval.
The reason will be displayed to describe this comment to others. Learn more.
Stale comment
Risk assessment: Very Low.
I assessed the current diff directly. The changes are limited to Mintlify documentation content (auth/*.mdx, browser/CLI docs), a new auth/react.mdx guide, and a single docs.json navigation entry. I didn't find production codepaths, infrastructure files, schema changes, auth or permission enforcement logic, or model prompt/instruction files modified.
git diff --check passed. I also didn't find a CODEOWNERS file in the repo. GitHub already reports this PR as approved, so I did not submit another approval; the latest changes do not increase the risk level.
The reason will be displayed to describe this comment to others. Learn more.
Risk assessment: Very Low.
I assessed the current diff directly. The changes are limited to Mintlify documentation content (auth/*.mdx, browser/CLI docs), a new auth/react.mdx guide, and a single docs.json navigation entry. I didn't find production codepaths, infrastructure files, schema changes, auth or permission enforcement logic, or model prompt/instruction files modified.
git diff --check passed. I also didn't find a CODEOWNERS file or pending review requests. The PR already has an approval, so I did not submit another approval; the synchronized changes do not increase the risk level.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Summary
Refreshes the managed auth docs to reflect everything that's shipped since the docs were last touched in early April. Goal: docs match current behavior.
New
auth/react.mdx— full integration guide for@onkernel/managed-auth-react: install, Next.js example, same-origin proxying, appearance API (variables / elements / layout / theme), localization, props, and headless step exports. Added to the Auth → Integration Types nav alongside Hosted UI and Programmatic. Overview page now shows a 3-card chooser.Updated
auth/programmatic.mdxsms, email, totp, push, call, password, switch(was:sms, email, totp, push, call, security_key).passwordandswitchare new;security_keywas never in the SDK enum.switch(generic "Use another method" / "Try another way" links).AWAITING_EXTERNAL_ACTIONsection now shows thatmfa_options/pending_sso_buttons/sign_in_optionscan be populated alongside the external action message — submit one to switch verification methods, or keep polling. Added a code example for the push + "Try another way" fallback.auth/profiles.mdx,browsers/extensions.mdx,reference/cli/extensions.mdx— name uniqueness scope corrected from org to project (matches DB constraint change).Test plan
auth/reactpage and the 3-card chooser onauth/overviewauth/programmatic.mdxmatch current SDK shape (verifiedMfaOption.typeagainstkernel-node-sdktypes)Note
Low Risk
Low risk: documentation-only changes (new guide, nav updates, and behavior clarifications) with no runtime code modifications.
Overview
Adds a new
auth/reactguide documenting the@onkernel/managed-auth-reactembedded login flow (installation, backend handoff, same-origin proxying, styling/localization, and headless exports) and surfaces it in navigation;auth/overviewis updated to present Hosted UI/React/Programmatic as three integration options.Updates Managed Auth docs to match current behavior: documents
record_sessionreplay recording on connections/logins (auth/hosted-ui,auth/faq,auth/programmatic), refreshes programmatic MFA option types (includingpasswordandswitch) and clarifies fallback options duringAWAITING_EXTERNAL_ACTION, and corrects multiple places to state that profile/extension names are unique per project (not org).Reviewed by Cursor Bugbot for commit ef1580c. Bugbot is set up for automated code reviews on this repo. Configure here.