docs: improve docs for new config option

jasonraimondi · Aug 12, 2024 · f3f45c0 · f3f45c0
1 parent cf41704
commit f3f45c0
Show file tree

Hide file tree

Showing 6 changed files with 63 additions and 4 deletions.
diff --git a/docs/docs/endpoints/introspect.mdx b/docs/docs/endpoints/introspect.mdx
@@ -23,6 +23,19 @@ app.post("/token/introspect", async (req: Express.Request, res: Express.Response
 });
 ```
 
+### Configure
+
+Client credentials authentication is enabled by default. To disable, set `authenticateIntrospect` to `false`.
+
+```ts
+const authoriztionServer = new AuthorizationServer(
+  ...,
+  {
+    authenticateIntrospect: false,
+  }
+);
+```
+
 ### Request
 
 A complete token introspection request will include the following parameters:
@@ -61,6 +74,22 @@ You can authenticate by passing the `client_id` and `client_secret` as a query s
       ```
     </TabItem>
 
+    <TabItem value="authenticateIntrospect" label="authenticateIntrospect = false">
+      ```ts
+      new AuthorizationServer(..., {
+        authenticateIntrospect: false,
+      })
+      ```
+
+      ```http request []
+      POST /token/introspect HTTP/1.1
+      Host: example.com
+      Content-Type: application/x-www-form-urlencoded
+
+      token=xxxxxxxxxx
+      &token_type_hint=refresh_token
+      ```
+    </TabItem>
   </Tabs>
 </details>
 

diff --git a/docs/docs/endpoints/revoke.mdx b/docs/docs/endpoints/revoke.mdx
@@ -23,6 +23,19 @@ app.post("/token/revoke", async (req: Express.Request, res: Express.Response) =>
 });
 ```
 
+### Configure
+
+Client credentials authentication is enabled by default. To disable, set `authenticateRevoke` to `false`.
+
+```ts
+const authoriztionServer = new AuthorizationServer(
+  ...,
+  {
+    authenticateRevoke: false,
+  }
+);
+```
+
 ### Request
 
 A complete token revocation request will include the following parameters:
@@ -61,6 +74,23 @@ You can authenticate by passing the `client_id` and `client_secret` as a query s
       ```
     </TabItem>
 
+    <TabItem value="authenticateRevoke" label="authenticateRevoke = false">
+      ```ts
+      new AuthorizationServer(..., {
+        authenticateRevoke: false,
+      })
+      ```
+
+      ```http request []
+      POST /token/revoke HTTP/1.1
+      Host: example.com
+      Content-Type: application/x-www-form-urlencoded
+
+      token=xxxxxxxxxx
+      &token_type_hint=refresh_token
+      ```
+    </TabItem>
+
   </Tabs>
 </details>
 

diff --git a/docs/docs/grants/authorization_code.mdx b/docs/docs/grants/authorization_code.mdx
@@ -105,7 +105,7 @@ The authorization server will respond with the following response
 - **token_type** will always be `Bearer`
 - **expires_in** is the time the token will live in seconds
 - **access_token** is a JWT signed token and is used to authenticate into the resource server
-- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](#refresh-token-grant)
+- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](./refresh_token.mdx)
 - **scope** is a space delimited list of scopes the token has access to
 
 <details>

diff --git a/docs/docs/grants/password.mdx b/docs/docs/grants/password.mdx
@@ -70,7 +70,7 @@ The authorization server will respond with the following response
 - **token_type** will always be `Bearer`
 - **expires_in** is the time the token will live in seconds
 - **access_token** is a JWT signed token and is used to authenticate into the resource server
-- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](#refresh-token-grant)
+- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](./refresh_token.mdx)
 - **scope** is a space delimited list of scopes the token has access to
 
 <details>

diff --git a/docs/docs/grants/refresh_token.mdx b/docs/docs/grants/refresh_token.mdx
@@ -63,7 +63,7 @@ The authorization server will respond with the following response
 - **token_type** will always be `Bearer`
 - **expires_in** is the time the token will live in seconds
 - **access_token** is a JWT signed token and is used to authenticate into the resource server
-- **refresh_token** is a JWT signed token and can be used in with the [refresh grant](#refresh-token-grant)
+- **refresh_token** is a JWT signed token and can be used in with the refresh grant (this one)
 - **scope** is a space delimited list of scopes the token has access to
 
 <details>

diff --git a/docs/docs/upgrade_guide.md b/docs/docs/upgrade_guide.md
@@ -48,7 +48,7 @@ In v3, `enableGrantType` has been updated for the **"authorization_code"** and *
 
 #### Authorization Code Grant
 
-`AuthorizationCodeGrant` now requires a [AuthorizationCodeRepository](./getting_started/repositories.mdx#authorization-code-repository) and a [UserRepository](./getting_started/repositories.mdx#user-repository).
+`AuthorizationCodeGrant` now requires a [AuthorizationCodeRepository](./getting_started/repositories.mdx#auth-code-repository) and a [UserRepository](./getting_started/repositories.mdx#user-repository).
 
 **Before (v2.x):**