Skip to content

docs: document --auth-token flag, OAuth callback security note, and TUI notification UX#2932

Merged
dgageot merged 2 commits into
mainfrom
docs/auto-update
May 29, 2026
Merged

docs: document --auth-token flag, OAuth callback security note, and TUI notification UX#2932
dgageot merged 2 commits into
mainfrom
docs/auto-update

Conversation

@aheritier
Copy link
Copy Markdown
Contributor

@aheritier aheritier commented May 29, 2026
edited
Loading

Summary

Catch-up documentation updates for code changes merged in the last 36 hours.

Commits

docs: document --auth-token flag and add OAuth callback security note (refs #2921)

Files: docs/features/api-server/index.md, docs/features/cli/index.md, docs/features/remote-mcp/index.md

  • Added --auth-token to the docker agent serve api flags table in both the CLI reference and API server docs.
  • Added a security callout in the Remote MCP OAuth section recommending --auth-token when docker agent serve api listens on a non-localhost interface, explaining the threat model for POST /api/mcp-oauth/callback.

docs: document TUI notification UX improvements (refs #2931)

File: docs/features/tui/index.md

Added a ## Notifications section documenting the updated notification behaviour:

  • Notifications auto-dismiss unless the mouse hovers (hover pauses the timer)
  • Clicking a notification copies its text to the clipboard
  • The × close glyph turns red when hovered
  • Hint text in the notification border shows available actions at a glance

PRs covered

Source PR Title Doc impact
#2921 Address review feedback on #2896 --auth-token flag documented in API server + CLI reference; OAuth callback security callout added to Remote MCP docs
#2931 TUI - Improve notifications New Notifications section in TUI docs

PRs with no additional doc gaps

Source PR Title Reason
#2928 feat: add allow/block-list of servers to the mcp_catalog tool Docs included in the PR itself (docs/tools/mcp-catalog/index.md)
#2925 fix(mcpcatalog): tell the model to proceed after enabling an OAuth server Prompt-only fix, no user-facing feature to document
#2930 docs: update CHANGELOG.md for v1.70.0 Automated CHANGELOG update
#2918, #2926 chore: bump direct Go dependencies Dependency bumps, no docs needed

@aheritier aheritier requested a review from a team as a code owner May 29, 2026 13:01
@aheritier aheritier added kind/docs Documentation-only changes area/api For features/issues/fixes related to the usage of the cagent API area/cli CLI commands, flags, output formatting area/mcp MCP protocol, MCP tool servers, integration labels May 29, 2026
docker-agent
docker-agent reviewed May 29, 2026
View reviewed changes
Copy link
Copy Markdown

@docker-agent docker-agent left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assessment: 🟢 APPROVE

Documentation PR adding --auth-token flag entries to two reference tables and a security callout to the Remote MCP OAuth section. The changes are factually sound and the security advice is appropriate. Two minor clarity/consistency notes are left as inline comments.

Comment thread docs/features/remote-mcp/index.md Outdated
Comment thread docs/features/api-server/index.md Outdated
@aheritier aheritier force-pushed the docs/auto-update branch 2 times, most recently from 24f07b3 to b2c1310 Compare May 29, 2026 13:05
@aheritier aheritier changed the title docs: document --auth-token flag and add OAuth callback security note docs: document --auth-token flag, OAuth callback security note, and TUI notification UX May 29, 2026
@dgageot dgageot merged commit 3fb5846 into main May 29, 2026
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@docker-agent docker-agent docker-agent left review comments

@dgageot dgageot dgageot approved these changes

@trungutt trungutt trungutt approved these changes

Assignees

No one assigned

Labels

area/api For features/issues/fixes related to the usage of the cagent API area/cli CLI commands, flags, output formatting area/mcp MCP protocol, MCP tool servers, integration kind/docs Documentation-only changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@aheritier @dgageot @trungutt @docker-agent