fix user not found error

[omar-inkeep]

bug fix:

• user is only needed for user-scoped credentials. so check should only be in place if this scope is selected. changed code to address this.
• disabled user-scoped option if auth is disabled
  • added a note/description for this
• tested that project-scoped works if auth is disabled

[changeset-bot]

🦋 Changeset detected

Latest commit: 2d4a528

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 9 packages

Name	Type
@inkeep/agents-manage-ui	Patch
@inkeep/agents-manage-api	Patch
@inkeep/agents-run-api	Patch
@inkeep/agents-cli	Patch
@inkeep/agents-core	Patch
@inkeep/agents-manage-mcp	Patch
@inkeep/agents-sdk	Patch
@inkeep/ai-sdk-provider	Patch
@inkeep/create-agents	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
agents-docs	Ready	Preview, Comment	Jan 2, 2026 1:54am
agents-manage-api	Ready	Preview, Comment	Jan 2, 2026 1:54am
agents-manage-ui	Ready	Preview, Comment	Jan 2, 2026 1:54am
agents-run-api	Ready	Preview, Comment	Jan 2, 2026 1:54am

[claude]

Claude finished @omar-inkeep's task —— View job

---

TypeScript Staff Engineer Review

Reviewing this PR for code quality, architecture, and system design considerations.

Todo List

• Analyze the changeset and overall PR scope
• Review OAuth login hook changes (use-oauth-login.ts)
• Review UI component changes (scope-selection-dialog.tsx)
• Check .env.example changes
• Evaluate fix for user not found error logic
• Assess architectural and system design implications
• Provide comprehensive feedback and recommendations

---

Summary

This PR fixes a "user not found" error by properly scoping user validation to only when user-scoped credentials are selected, and improves the UX by disabling user-scoped options when authentication is disabled.

✅ What's Done Well

Logical Fix: The core fix correctly moves user validation inside the isUserScoped condition (lines 167-172 in use-oauth-login.ts), preventing the error when using project-scoped credentials.

UX Consistency: The UI properly disables user-scoped options when auth is disabled, providing clear visual feedback and an explanatory alert.

Type Safety: Maintains proper TypeScript typing with the conditional userId assignment.

🔍 Areas for Consideration

1. State Management & Edge Cases (Medium Priority)

Issue: selectedScope state could become inconsistent if user-scoped is selected, then auth is disabled dynamically.

// Current: no state reset when isUserScopeDisabled changes
const [selectedScope, setSelectedScope] = useState<CredentialScope>(CredentialScopeEnum.project);

Recommendation: Add a useEffect to reset to project scope when user scope becomes disabled:

useEffect(() => {
  if (isUserScopeDisabled && selectedScope === CredentialScopeEnum.user) {
    setSelectedScope(CredentialScopeEnum.project);
  }
}, [isUserScopeDisabled, selectedScope]);

2. Authentication Context & Error Handling (Medium Priority)

Issue: The current fix assumes user is null when auth is disabled, but this creates an implicit dependency on authentication implementation details.

Recommendations:

• Consider explicitly checking PUBLIC_DISABLE_AUTH in the hook for clarity
• Add logging to distinguish between "auth disabled" vs "user not authenticated" scenarios:

if (isUserScoped) {
  if (isAuthDisabled) {
    throw new Error('User-scoped credentials require authentication to be enabled');
  }
  if (!user) {
    throw new Error('User not authenticated');
  }
  userId = user.id;
}

3. Configuration Consistency (Low Priority)

Issue: Adding PUBLIC_DISABLE_AUTH to .env.example but this creates potential configuration drift - both DISABLE_AUTH and PUBLIC_DISABLE_AUTH exist.

Consideration: Document the relationship between these two variables or consider consolidating them if they serve the same purpose.

4. Component Accessibility (Low Priority)

Enhancement: The disabled button could benefit from an aria-describedby attribute linking to the alert:

<button
  // ... other props
  aria-describedby={isUserScopeDisabled ? "user-scope-disabled-alert" : undefined}
  disabled={isUserScopeDisabled}
>
  {/* button content */}
</button>

{isUserScopeDisabled && (
  <Alert id="user-scope-disabled-alert" variant="default" className="bg-muted/50">
    {/* alert content */}
  </Alert>
)}

🏗️ Architecture Assessment

Separation of Concerns: ✅ Good separation between UI state management and business logic

Error Boundaries: ✅ Appropriate error handling with user-friendly messages

Extensibility: ✅ The credential scope pattern is well-designed for future scope types

Performance: ✅ No performance concerns; state updates are minimal and appropriate

🧪 Testing Considerations

Consider adding test cases for:

1. User-scoped selection when auth is disabled (should show alert)
2. State reset when scope becomes unavailable
3. Error handling in OAuth flow for both scoped scenarios

Overall Assessment

This is a solid, well-targeted fix that addresses the core issue without over-engineering. The changes are minimal, focused, and maintain existing patterns. The main suggestions are defensive programming improvements rather than critical issues.

Approval Recommendation: ✅ Approve with minor suggestions

The fix correctly addresses the user not found error and improves UX. The suggested enhancements are optimizations that could be addressed in follow-up work if desired.