docs: allow multiple passkey credentials#479
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Preview deployment for your docs. Learn more about Mintlify Previews.
|
|
Warning This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
This stack of pull requests is managed by Graphite. Learn more about stacking. |
✱ Stainless preview builds for gridThis PR will update the cli csharp go kotlin openapi php python ruby typescript Edit this comment to update them. They will appear in their respective SDK's changelogs. ✅ grid-openapi studio · code · diff
✅ grid-ruby studio · code · diff
✅ grid-go studio · code · diff
✅ grid-typescript studio · code · diff
✅ grid-kotlin studio · code · diff
✅ grid-python studio · code · diff
✅ grid-csharp studio · code · diff
✅ grid-php studio · code · diff
✅ grid-cli studio · code · diff
This comment is auto-generated by GitHub Actions and is automatically kept up to date as you push. |
Greptile SummaryThis PR updates the authentication credential documentation to reflect that multiple distinct
Confidence Score: 5/5Documentation-only change with no application logic; all updated descriptions are consistent across source and bundled files. All five changed files are documentation or generated spec bundles. The credential-limit semantics are updated consistently in the source YAML, the bundled root spec, the Mintlify bundle, and the MDX snippet. No logic, migrations, or API behaviour is altered. No files require special attention.
|
| Filename | Overview |
|---|---|
| openapi/paths/auth/auth_credentials.yaml | Endpoint description updated to allow multiple distinct PASSKEY credentials; 400 response description updated to clarify per-credentialId uniqueness constraint. |
| openapi/components/schemas/errors/Error400.yaml | Updated PASSKEY_CREDENTIAL_ALREADY_EXISTS description to reflect WebAuthn credentialId-scoped uniqueness; EMAIL_OTP entry unchanged. |
| mintlify/snippets/global-accounts/authentication.mdx | Updated credential multiplicity docs: one EMAIL_OTP, multiple distinct PASSKEYs, OAUTH per provider; backup credential guidance now recommends adding a second passkey. |
| openapi.yaml | Bundled root spec regenerated from source; changes are identical to source files. |
| mintlify/openapi.yaml | Bundled Mintlify spec regenerated from source; changes are identical to source files. |
Flowchart
%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[POST /auth/credentials] --> B{Credential type?}
B --> |EMAIL_OTP| C{EMAIL_OTP already exists?}
B --> |PASSKEY| D{Same WebAuthn credentialId already registered?}
B --> |OAUTH| E[Add credential for provider identity]
C --> |Yes| F[400 EMAIL_OTP_CREDENTIAL_ALREADY_EXISTS]
C --> |No| G[202 → signed retry → 201 Created]
D --> |Yes| H[400 PASSKEY_CREDENTIAL_ALREADY_EXISTS]
D --> |No| I[202 → signed retry → 201 Created - Multiple distinct PASSKEYs allowed]
E --> J[202 → signed retry → 201 Created]
Reviews (4): Last reviewed commit: "docs: allow multiple passkey credentials" | Re-trigger Greptile
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| | **`EMAIL_OTP`** | Lowest-friction option. Works on any device with email access — no biometric hardware, identity provider, or client SDK required beyond the code entry field. | | ||
|
|
||
| A single internal account can hold one credential of each type concurrently. Only one `PASSKEY` and one `EMAIL_OTP` per account in v1. | ||
| A single internal account can hold one `EMAIL_OTP` credential and multiple distinct `PASSKEY` credentials concurrently. `OAUTH` credentials can be added for each supported provider identity. |
There was a problem hiding this comment.
The new sentence — "OAUTH credentials can be added for each supported provider identity" — is a behavioral assertion that isn't corroborated by any change in the API error codes or the OpenAPI spec. The old text implied one credential of each type; this PR only updates the PASSKEY constraint with a matching PASSKEY_CREDENTIAL_ALREADY_EXISTS clarification. If the OAUTH limit is also provider-scoped (i.e., one per provider rather than one total), there should be a corresponding error-code description (or at least a note in the API spec) backing this claim. Without it, a developer who tries to register a second OAUTH credential and hits an undocumented error will be confused by the mismatch between docs and API behavior.
Prompt To Fix With AI
This is a comment left during a code review.
Path: mintlify/snippets/global-accounts/authentication.mdx
Line: 9
Comment:
**Unverified OAUTH multiplicity claim**
The new sentence — "OAUTH credentials can be added for each supported provider identity" — is a behavioral assertion that isn't corroborated by any change in the API error codes or the OpenAPI spec. The old text implied one credential of each type; this PR only updates the PASSKEY constraint with a matching `PASSKEY_CREDENTIAL_ALREADY_EXISTS` clarification. If the OAUTH limit is also provider-scoped (i.e., one per provider rather than one total), there should be a corresponding error-code description (or at least a note in the API spec) backing this claim. Without it, a developer who tries to register a second OAUTH credential and hits an undocumented error will be confused by the mismatch between docs and API behavior.
How can I resolve this? If you propose a fix, please make it concise.
There was a problem hiding this comment.
The new sentence is true
DhruvPareek
force-pushed
the
dp/grid-multiple-passkey-auth-docs
branch
from
399d0f1 to
e08f4d3
Compare
DhruvPareek
changed the base branch from
graphite-base/479
to
docs-auth-signed-retry-examples
DhruvPareek
force-pushed
the
docs-auth-signed-retry-examples
branch
from
9f62ede to
bd0067a
Compare
DhruvPareek
force-pushed
the
dp/grid-multiple-passkey-auth-docs
branch
from
e08f4d3 to
bd061b8
Compare
Summary: - Update auth credential OpenAPI source to describe one EMAIL_OTP credential and multiple distinct PASSKEY credentials. - Update PASSKEY_CREDENTIAL_ALREADY_EXISTS docs to mean duplicate WebAuthn credentialId rather than one-passkey-per-account. - Update Global Accounts authentication docs to recommend backup credentials including additional passkeys. - Rebuild bundled openapi.yaml and mintlify/openapi.yaml. Test Plan: - make build - make lint - git diff --check
DhruvPareek
force-pushed
the
dp/grid-multiple-passkey-auth-docs
branch
from
bd061b8 to
573b869
Compare
DhruvPareek
force-pushed
the
docs-auth-signed-retry-examples
branch
from
bd0067a to
36bc92e
Compare
![restamp-bot[bot]](https://avatars.githubusercontent.com/u/103385173?s=60&v=4){kind=small}
2 participants
Summary
EMAIL_OTPcredential and multiple distinctPASSKEYcredentials.credentialId.Test Plan
make buildnpm run lintgit diff --check