docs: add authentication page for self-hosted documentation #3556
Conversation
Co-Authored-By: Sandeep Dinesh <sandeep@buildwithfern.com>
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
|
|
||
| Replace `<YOUR PASSWORD>` with the password users will enter to access the docs. | ||
|
|
||
| When a user visits the documentation, they are redirected to a login page where they must enter the password. After entering the correct password, they can browse the docs freely. |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Microsoft.Contractions] Use 'they're' instead of 'they are'.
|
|
||
| Replace `<YOUR PASSWORD>` with the password users will enter to access the docs. | ||
|
|
||
| When a user visits the documentation, they are redirected to a login page where they must enter the password. After entering the correct password, they can browse the docs freely. |
There was a problem hiding this comment.
📝 [vale] reported by reviewdog 🐶
[FernStyles.Adverbs] Remove 'freely' if it's not important to the meaning of the statement.
| ``` | ||
|
|
||
| <Warning> | ||
| The `FERN_AUTH_SECRET` in your login server must exactly match the secret set in the Dockerfile. If they differ, JWT verification will fail and users will not be able to log in. |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Microsoft.Contractions] Use 'won't' instead of 'will not'.
| Setting `FERN_AUTH_TEST_LOGIN="true"` enables the `/__test-login` endpoint on the container. When `FERN_AUTH_REDIRECT` points to this endpoint, unauthenticated users see a test login page with a single "Login with Test" button. Clicking the button mints a valid JWT and completes the authentication flow. | ||
|
|
||
| <Warning> | ||
| The test login page is intended for development and testing only. Do not enable `FERN_AUTH_TEST_LOGIN` in production environments. |
There was a problem hiding this comment.
🚫 [vale] reported by reviewdog 🐶
[Microsoft.Contractions] Use 'don't' instead of 'Do not'.
|
🌿 Preview your docs: https://fern-preview-7a2d775b-48a6-423a-80ba-a8b6dff2fd5f.docs.buildwithfern.com/learn Here are the markdown pages you've updated: |
2 participants
docs: add authentication page for self-hosted documentation
Summary
Adds a new "Authentication" page under the Self-hosted docs section, covering two auth modes introduced in fern-platform#6928:
FERN_AUTH_TYPE="password"andFERN_AUTH_SECRET./__test-logintest endpoint.The page is inserted in the sidebar between "Set up" and "Health check endpoints" at slug
/learn/docs/self-hosted/authentication.Review & Testing Checklist for Human
FERN_AUTH_TYPE,FERN_AUTH_SECRET,FERN_AUTH_ISSUER,FERN_AUTH_REDIRECT,FERN_AUTH_TEST_LOGIN, and JWT claimsfern,iss,iat,exp. Confirm these match the actual code merged in fern-platform#6928./api/fern-docs/auth/jwt/callbackwithfern_tokenandstatequery params. Thestateparam name may actually depend onFERN_AUTH_RETURN_TO_QUERY_PARAM(defaulting tostate) — decide if that nuance should be documented.<Warning>callouts,<Markdown>snippet inclusion).mintTestFernJWTfromcache-proxy.jsbut is a standalone example. Verify it would actually produce a valid token accepted by the container.Notes
Link to Devin run: https://app.devin.ai/sessions/13d0733d42bc4f8bacb714ee8a466a56
Requested by: @thesandlord