Document ID-JAG (XAA) and MCP enterprise-managed authorization#17786
Open
rafaeelaudibert wants to merge 3 commits into
Open
Document ID-JAG (XAA) and MCP enterprise-managed authorization#17786rafaeelaudibert wants to merge 3 commits into
rafaeelaudibert wants to merge 3 commits into
Conversation
Adds user-facing docs for ID-JAG (Identity Assertion JWT Authorization Grant, aka XAA) and how to use it to connect to the PostHog MCP server via the enterprise-managed authorization extension. - New general ID-JAG (XAA) auth page under settings, covering the grant, setup, token exchange, tokens, revocation, and troubleshooting - New MCP enterprise-managed authorization page covering the MCP-specific flow, discovery, and client setup - FAQ cross-link and nav entries (MCP section + settings section) Documents the feature added in PostHog/posthog#64747. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
rafaeelaudibert
requested review from
a team,
MattBro and
fercgomes
and removed request for
a team
Contributor
Deploy preview
|
Contributor
|
Vale prose linter → found 31 errors, 47 warnings, 7 suggestions in your markdown Full report → Copy the linter results into an LLM to batch-fix issues. Linter being weird? Update the rules!
|
| Line | Severity | Message | Rule |
|---|---|---|---|
| 10:242 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 10:265 | warning | 'Entra' is a possible misspelling. | PostHogBase.Spelling |
| 10:301 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 10:389 | warning | 'OAuthing' is a possible misspelling. | PostHogBase.Spelling |
| 12:107 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 12:112 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 26:180 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 30:24 | suggestion | Address the reader directly. Use 'you' instead of 'the user'. | PostHogDocs.DirectAddress |
| 59:38 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 59:70 | suggestion | Address the reader directly. Use 'you' instead of 'the user'. | PostHogDocs.DirectAddress |
| 63:137 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 89:48 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 90:122 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 98:119 | suggestion | Address the reader directly. Use 'you' instead of 'the user'. | PostHogDocs.DirectAddress |
| 106:35 | warning | 'IdP's' is a possible misspelling. | PostHogBase.Spelling |
| 108:48 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 110:43 | warning | 'IdP's' is a possible misspelling. | PostHogBase.Spelling |
| 116:15 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 117:42 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 117:96 | warning | 'orgs' is a possible misspelling. | PostHogBase.Spelling |
| 141:54 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 147:19 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 148:27 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 149:27 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 150:32 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 154:102 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 158:37 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 163:181 | suggestion | Address the reader directly. Use 'you' instead of 'the user'. | PostHogDocs.DirectAddress |
| 163:271 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 163:287 | warning | Capitalize 'Logs' for PostHog's product. Use 'logs' for the general industry concept. | PostHogBase.ProductNames |
contents/docs/model-context-protocol/faq.mdx — 5 errors, 22 warnings, 0 suggestions
| Line | Severity | Message | Rule |
|---|---|---|---|
| 10:71 | warning | 'untrusted' is a possible misspelling. | PostHogBase.Spelling |
| 16:150 | warning | Capitalize 'Feature Flags' for PostHog's product. Use 'feature flags' for the general industry concept. | PostHogBase.ProductNames |
| 16:165 | warning | Capitalize 'Product Analytics' for PostHog's product. Use 'product analytics' for the general industry concept. | PostHogBase.ProductNames |
| 16:184 | warning | Capitalize 'Error Tracking' for PostHog's product. Use 'error tracking' for the general industry concept. | PostHogBase.ProductNames |
| 16:200 | warning | Capitalize 'Experiments' for PostHog's product. Use 'experiments' for the general industry concept. | PostHogBase.ProductNames |
| 16:231 | warning | Capitalize 'Surveys' for PostHog's product. Use 'surveys' for the general industry concept. | PostHogBase.ProductNames |
| 30:111 | warning | Capitalize 'Endpoints' for PostHog's product. Use 'endpoints' for the general industry concept. | PostHogBase.ProductNames |
| 38:5 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 38:108 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 42:218 | warning | 'Entra' is a possible misspelling. | PostHogBase.Spelling |
| 42:254 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 50:69 | warning | 'untrusted' is a possible misspelling. | PostHogBase.Spelling |
| 54:5 | warning | 'Using an API key instead of OAuth' heading should be in sentence case, and product names should be capitalized. | PostHogBase.SentenceCase |
| 54:33 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 56:36 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 87:30 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 88:25 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 92:20 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 93:15 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 119:122 | warning | 'Cowork' is a possible misspelling. | PostHogBase.Spelling |
| 163:57 | warning | Use the Oxford comma before 'and' or 'or' in a list of three or more items. | PostHogBase.OxfordComma |
| 186:31 | warning | Capitalize 'Data Warehouse' for PostHog's product. Use 'Data warehouse' for the general industry concept. | PostHogBase.ProductNames |
| 192:43 | warning | Capitalize 'Experiments' for PostHog's product. Use 'experiments' for the general industry concept. | PostHogBase.ProductNames |
| 221:68 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 252:24 | warning | Use 'PostHog' instead of 'posthog'. | Vale.Terms |
| 253:26 | warning | Use 'PostHog' instead of 'posthog'. | Vale.Terms |
| 254:17 | warning | Use 'PostHog' instead of 'posthog'. | Vale.Terms |
contents/docs/settings/id-jag.mdx — 13 errors, 12 warnings, 3 suggestions
| Line | Severity | Message | Rule |
|---|---|---|---|
| 10:138 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 10:161 | warning | 'Entra' is a possible misspelling. | PostHogBase.Spelling |
| 10:197 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 10:359 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 26:110 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 28:38 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 29:26 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 30:30 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 31:21 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 63:51 | warning | 'IdP's' is a possible misspelling. | PostHogBase.Spelling |
| 63:169 | suggestion | Address the reader directly. Use 'you' instead of 'the user'. | PostHogDocs.DirectAddress |
| 77:119 | suggestion | Address the reader directly. Use 'you' instead of 'the user'. | PostHogDocs.DirectAddress |
| 85:35 | warning | 'IdP's' is a possible misspelling. | PostHogBase.Spelling |
| 87:48 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 89:43 | warning | 'IdP's' is a possible misspelling. | PostHogBase.Spelling |
| 97:4 | warning | 'Exchanging an ID-JAG for an access token' heading should be in sentence case, and product names should be capitalized. | PostHogBase.SentenceCase |
| 99:41 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 124:65 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 130:19 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 131:27 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 132:27 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 133:32 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 137:102 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 141:37 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
| 146:181 | suggestion | Address the reader directly. Use 'you' instead of 'the user'. | PostHogDocs.DirectAddress |
| 146:271 | error | Hi, Andy here... use an en dash ( – ) with spaces. On Mac, holding down the Option and hyphen key will give you an en dash. | PostHogBase.EnDash |
| 146:287 | warning | Capitalize 'Logs' for PostHog's product. Use 'logs' for the general industry concept. | PostHogBase.ProductNames |
| 157:4 | warning | 'OAuth' is a possible misspelling. | PostHogBase.Spelling |
The intro linked "OAuth" to the SSO page; point it to /docs/api/oauth and add the OAuth integration page to further reading. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The same prompt appears in the Enterprise-plan callout and requirements. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Contributor
Bundle reportTotal JS (gzip)6.21 MiB (+0.1 KiB / +0.0%) Eager graph (static-import closure per entrypoint)
Largest modules in the
|
| Module | Size |
|---|---|
css ./node_modules/.pnpm/css-loader@5.2.7_webpack@5.101.3/node_modules/css-loader/dist/cjs.js??ruleSet[1].rules[8].oneOf[1].use[1]!./node_modules/.pnpm/postcss-loader@4.3.0_postcss@8.5.6_webpack@5.101.3/node_modules/postcss-loader/dist/cjs.js??ruleSet[1].rules[8].oneOf[1].use[2]!./src/styles/global.css |
709.9 KiB |
./src/components/Stickers/Stickers.tsx |
696.4 KiB |
./.cache/caches/gatsby-plugin-mdx/mdx-scopes-dir/31a094f140f119e73085d847ae81b99b.js + 2 modules |
507.6 KiB |
./node_modules/.pnpm/@radix-ui+react-icons@1.3.2_react@18.3.1/node_modules/@radix-ui/react-icons/dist/react-icons.esm.js |
481.4 KiB |
./node_modules/.pnpm/@codemirror+view@6.38.2/node_modules/@codemirror/view/dist/index.js |
458.1 KiB |
./node_modules/.pnpm/rehype-raw@7.0.0/node_modules/rehype-raw/lib/index.js + 29 modules |
395.1 KiB |
./node_modules/.pnpm/@posthog+icons@0.36.6_react-dom@18.3.1_react@18.3.1__react@18.3.1/node_modules/@posthog/icons/dist/posthog-icons.cjs.js |
364.8 KiB |
./node_modules/.pnpm/@posthog+icons@0.36.6_react-dom@18.3.1_react@18.3.1__react@18.3.1/node_modules/@posthog/icons/dist/posthog-icons.es.js |
354.8 KiB |
./src/hooks/useCustomers.tsx + 54 modules |
353.9 KiB |
./node_modules/.pnpm/react-markdown@8.0.7_@types+react@16.14.66_react@18.3.1/node_modules/react-markdown/lib/react-markdown.js + 88 modules |
351.4 KiB |
./node_modules/.pnpm/cloudinary-core@2.14.0_lodash@4.17.21/node_modules/cloudinary-core/cloudinary-core.js |
281.9 KiB |
./node_modules/.pnpm/@codesandbox+sandpack-react@2.20.0_react-dom@18.3.1_react@18.3.1__react@18.3.1/node_modules/@codesandbox/sandpack-react/dist/index.mjs |
266.6 KiB |
./src/components/ProductComparisonTable/index.tsx + 114 modules |
264.0 KiB |
./node_modules/.pnpm/d3@7.9.0/node_modules/d3/src/index.js + 208 modules |
247.4 KiB |
./src/components/Pricing/PricingSlider/Slider.tsx + 87 modules |
239.9 KiB |
Eager-graph budgets are report-only until a baseline is established. Sizes are gzip of public/**/*.js; eager size is webpack module source bytes.
fercgomes
approved these changes
Jun 19, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Adds user-facing documentation for ID-JAG (Identity Assertion JWT Authorization Grant, aka XAA) and how to use it to connect to the PostHog MCP server via the enterprise-managed authorization extension.
Documents the feature shipped in PostHog/posthog#64747 (
feat(oauth): support MCP enterprise-managed authorization (ID-JAG)).Changes
/docs/settings/id-jag(contents/docs/settings/id-jag.mdx): the general ID-JAG (XAA) auth grant — why use it, requirements, IdP setup, the token-exchange request, token properties, central revocation, and troubleshooting. Includes beta and Enterprise-plan callouts, and notes the feature isn't enabled for every Enterprise customer yet (points to TAM /<SmallTeam slug="platform-features" />)./docs/model-context-protocol/enterprise-managed-authorization(contents/docs/model-context-protocol/enterprise-managed-authorization.mdx): the MCP-specific flow — discovery (authorization_grant_profiles_supported), the ID-JAG → access-token exchange, client setup, and troubleshooting.contents/docs/model-context-protocol/faq.mdx): cross-link Q&A under the auth section.src/navs/index.js): entries under the MCP section and the settings/security section.Notes
posthog/api/id_jag.py,posthog/api/oauth/views.py, theConfigureIdJagModal) and the MCP extension spec.vercel.jsonredirect.🤖 Generated with Claude Code