Skip to content

docs(auth): expand auth reference — add CLI + full MCP + Console interactive sections#2717

Draft
DaveHanns wants to merge 1 commit into
masterfrom
docs-auth-reference-cli-mcp-console
Draft

docs(auth): expand auth reference — add CLI + full MCP + Console interactive sections#2717
DaveHanns wants to merge 1 commit into
masterfrom
docs-auth-reference-cli-mcp-console

Conversation

@DaveHanns

Copy link
Copy Markdown
Contributor

Summary

The current API integration page only describes REST-based authentication (HTTP header vs. token query param). Users who arrive via the CLI, the Apify MCP server, or the Console interactive login have no single reference explaining how their credential surface actually works.

This PR adds three subsections under the existing ## Authentication heading — CLI, MCP, and Console interactive — without touching existing prose.

Draft finding: F13 (auth reference gap) from an internal docs sweep. Related upstream conversations: apify-cli #1246 (APIFY_TOKEN interaction with ~/.apify/auth.json).

What changes

Single file: sources/platform/integrations/programming/api.md.

  • Adds a short curl example after the existing Authentication paragraph so the HTTP header form is concrete.
  • Adds ### Apify CLIapify login OAuth flow, ~/.apify/auth.json credentials file (macOS/Linux and Windows paths), non-interactive apify login --token, APIFY_TOKEN env var precedence.
  • Adds ### Apify MCP server — hosted mcp.apify.com (streamable HTTP + OAuth or bearer header), local stdio via @apify/actors-mcp-server, drop-in mcp.json snippets for Claude Code / Cursor / VS Code / Codex and for stdio-only clients (Claude Desktop), plus a note that scoped tokens transparently constrain MCP access.
  • Adds ### Apify Console (interactive login) — clarifies that browser sign-in yields a Console session cookie, not an API token, and walks through generating / scoping / rotating tokens on the Integrations settings page.

The new subsections cross-link to the existing #expiration, #rotation, #organization-accounts, and #api-tokens-with-limited-permissions sections so lifecycle information isn't duplicated.

Test plan

  • markdownlint --config .markdownlint.json sources/platform/integrations/programming/api.md passes (verified locally, exit 0).
  • pnpm start renders the page and the three new anchors show up in the TOC.
  • All fragment links in the new content resolve to existing headings on the same page.
  • Preview build has no console warnings about broken internal links.

The API integration page previously only documented REST-header and query-param
auth. This adds three sibling subsections under Authentication so readers can
find how their credential surface actually works: the CLI (apify login, the
~/.apify/auth.json credentials file, APIFY_TOKEN, and non-interactive
apify login --token), the MCP server (hosted streamable-HTTP transport with
OAuth or bearer header, local stdio @apify/actors-mcp-server, scope semantics,
and a drop-in mcp.json snippet), and Console interactive login (browser session
vs API token, plus where to generate, scope, rotate, and revoke tokens).

Existing content is unchanged; the additions slot in between the Authentication
section and Expiration section. Cross-references to #expiration, #rotation,
#organization-accounts, and #api-tokens-with-limited-permissions link readers
into the existing token lifecycle content.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@apify-service-account

apify-service-account commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

✅ Preview for this PR (commit 7242749) is ready at https://pr-2717.preview.docs.apify.com (see action run).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants