From 3d68875baf35c1ea7f603589f8ed565eb02e0fdc Mon Sep 17 00:00:00 2001 From: Mason Williams Date: Mon, 9 Feb 2026 02:27:02 -0500 Subject: [PATCH] Refactor credential handling in documentation to clarify automatic saving during login. Updated examples to remove `save_credential_as` parameter, emphasizing that credentials are saved by default. Added instructions for opting out of credential saving. Enhanced sections on auto-reauthentication across multiple files for consistency and clarity. --- profiles/credentials.mdx | 33 +++++++++++++++++++------- profiles/managed-auth/hosted-ui.mdx | 21 +++------------- profiles/managed-auth/overview.mdx | 9 ++----- profiles/managed-auth/programmatic.mdx | 17 +------------ 4 files changed, 30 insertions(+), 50 deletions(-) diff --git a/profiles/credentials.mdx b/profiles/credentials.mdx index 13a15e3..be1feec 100644 --- a/profiles/credentials.mdx +++ b/profiles/credentials.mdx @@ -16,25 +16,40 @@ Credentials are the automation layer for Managed Auth. Store login information s ## Save credentials during login -Add `save_credential_as` when starting a login flow. The credentials entered during login are securely stored: +By default, credentials entered during login are automatically saved for re-authentication. No extra parameters are needed: ```typescript TypeScript -const login = await kernel.auth.connections.login(auth.id, { - save_credential_as: 'my-login', -}); +const login = await kernel.auth.connections.login(auth.id); ``` ```python Python -login = await kernel.auth.connections.login( - auth.id, - save_credential_as="my-login", -) +login = await kernel.auth.connections.login(auth.id) ``` Once saved, the profile stays authenticated automatically. When the session expires, Kernel re-authenticates using the stored credentials—no user interaction needed. +To opt out of credential saving, set `save_credentials: false` when creating the connection: + + +```typescript TypeScript +const auth = await kernel.auth.connections.create({ + domain: 'example.com', + profile_name: 'my-profile', + save_credentials: false, +}); +``` + +```python Python +auth = await kernel.auth.connections.create( + domain="example.com", + profile_name="my-profile", + save_credentials=False, +) +``` + + ## Pre-store credentials For fully automated flows where no user is involved, create credentials upfront: @@ -237,7 +252,7 @@ while state.flow_status == "IN_PROGRESS": This is useful when you want to: - Store TOTP secrets but have users enter their password each time - Pre-fill username/email but collect password at runtime -- Merge user-provided values into an existing credential using `save_credential_as` +- Merge user-provided values into an existing credential automatically on successful login ## Security diff --git a/profiles/managed-auth/hosted-ui.mdx b/profiles/managed-auth/hosted-ui.mdx index df71542..c764473 100644 --- a/profiles/managed-auth/hosted-ui.mdx +++ b/profiles/managed-auth/hosted-ui.mdx @@ -208,26 +208,11 @@ if state.status == "AUTHENTICATED": The basic flow above gets you started. Add these features as needed: -### Save Credentials for Auto-Reauth +### Credentials and Auto-Reauth -Capture the user's credentials during login so future sessions can re-authenticate automatically when the session expires: +Credentials are saved automatically on successful login, enabling automatic re-authentication when the session expires—no user interaction needed. - -```typescript TypeScript -const login = await kernel.auth.connections.login(auth.id, { - save_credential_as: 'my-saved-creds', -}); -``` - -```python Python -login = await kernel.auth.connections.login( - auth.id, - save_credential_as="my-saved-creds", -) -``` - - -After successful login, future login sessions for this connection will automatically use the saved credentials—no user interaction needed. See [Credentials](/profiles/credentials) for more on automated authentication. +To opt out of credential saving, set `save_credentials: false` when creating the connection. See [Credentials](/profiles/credentials) for more on automated authentication. ### Custom Login URL diff --git a/profiles/managed-auth/overview.mdx b/profiles/managed-auth/overview.mdx index ca9b18f..4113e31 100644 --- a/profiles/managed-auth/overview.mdx +++ b/profiles/managed-auth/overview.mdx @@ -36,9 +36,7 @@ auth = await kernel.auth.connections.create( ```typescript TypeScript -const login = await kernel.auth.connections.login(auth.id, { - save_credential_as: 'my-netflix-creds', // Optional: save for auto-reauth -}); +const login = await kernel.auth.connections.login(auth.id); // Send user to login page console.log('Login URL:', login.hosted_url); @@ -56,10 +54,7 @@ if (state.status === 'AUTHENTICATED') { ``` ```python Python -login = await kernel.auth.connections.login( - auth.id, - save_credential_as="my-netflix-creds", # Optional: save for auto-reauth -) +login = await kernel.auth.connections.login(auth.id) # Send user to login page print(f"Login URL: {login.hosted_url}") diff --git a/profiles/managed-auth/programmatic.mdx b/profiles/managed-auth/programmatic.mdx index b2c98ba..c9204e1 100644 --- a/profiles/managed-auth/programmatic.mdx +++ b/profiles/managed-auth/programmatic.mdx @@ -56,22 +56,7 @@ login = await kernel.auth.connections.login(auth.id) ``` -To save credentials for automatic re-authentication: - - -```typescript TypeScript -const login = await kernel.auth.connections.login(auth.id, { - save_credential_as: 'my-saved-creds', -}); -``` - -```python Python -login = await kernel.auth.connections.login( - auth.id, - save_credential_as="my-saved-creds", -) -``` - +Credentials are saved automatically on successful login, enabling automatic re-authentication when the session expires. ### 3. Poll and Submit Credentials