docs(review): address Greptile review feedback across the stack

[rodrigopavezi]

Applies 16 of 18 Greptile review comments from PRs #88-95. Skipped:

• PR docs(nav): restructure navigation, remove legacy pages, retire Portal #88 forward-links comment (resolved by Phase B in docs(content): add use-case pages, Dashboard + Secure Payment tools pages #90 — pages now
  exist)
• PR docs(scripts): add Playwright screenshot capture scaffolding #91 lockfile exclusion (P2 opinion; team has chosen to gitignore)

PR #88

• getting-started.mdx: replaced the "API Key Generation" steps with the
  Client ID flow on the Dashboard.

PR #89

• secure-payment-supported-networks-and-currencies.mdx: qualified the
  cross-chain note — Tron payments are same-chain; Li.Fi swap-to-pay
  is EVM-source only.
• release-notes/request-api.mdx: distinguished the four "2026-Q1"
  Update blocks with topical sub-labels (Payouts, Tron, Accounting,
  Calldata).

PR #90

• docs.json: removed the duplicate tools/dashboard entry from the API
  Setup group. The Tools group in Resources is the canonical home.
• programmatic-payment-links.mdx: TS/Python/cURL switched from
  to per AGENTS.md style. Other Tabs blocks (EVM-vs-Tron
  variants) stay as Tabs since they are alternative content.
• programmatic-payment-links.mdx: fixed the timingSafeEqual signature
  check to compare decoded buffer lengths instead of raw hex string
  lengths.

PR #91

• package.json: dropped @playwright/test (only playwright is used).
• scripts/capture-screenshots.ts: switched waitUntil from "networkidle"
  to "load". Vite HMR keeps a persistent WebSocket open so networkidle
  always timed out against dev servers.

PR #92

• integration-tutorial.mdx: changed the webhook-section .env placeholder
  from <YOUR_API_KEY> to <YOUR_CLIENT_ID> for consistency.

PR #93

• secure-payments.mdx: rewrote the redirectUrl description to remove
  the self-contradiction ("redirected" vs "no auto-redirect").
• programmatic-payment-links.mdx: the "send back to your site" code
  example now captures the response and uses securePaymentUrl.

PR #94

• payee-destinations.mdx: accessPolicy sub-fields restructured from a
  Markdown table to with nested entries.
• compliance-gated-payments.mdx: "How it works" numbered list switched
  to with components.

PR #95

• multi-chain-checkout.mdx: "you decide of the destination" →
  "you decide on the destination" (grammar).
• batch-payouts.mdx: removed the duplicate "hosted" in the Mode 1
  description.
• welcome.mdx: dropped the SDK framing — the Dashboard and Secure
  Payment Page are no-code hosted tools, not SDK consumers.

[rodrigopavezi]

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

• docs(review): apply Tristan's two must-fix items from the final review #97
• docs(review): address Greptile review feedback across the stack #96 👈 (View in Graphite)
• docs(feedback): apply Tristan's revisions from RequestNetwork/request-api#806 #95
• docs(kyt): document KYT-screened payments as a use case + payee-destination field #94
• docs(secure-payments): document redirectUrl + redirectLabel #93
• docs(verify): fix broken cross-refs surfaced by mintlify broken-links #92
• docs(scripts): add Playwright screenshot capture scaffolding #91
• docs(content): add use-case pages, Dashboard + Secure Payment tools pages #90
• docs(content): refresh Tron coverage, batch-payment EVM scope, webhook 12-event list #89
• docs(nav): restructure navigation, remove legacy pages, retire Portal #88
• docs: fix broken links and clarify edge cases #87
• docs: add missing feature documentation for recent API changes #86
• docs: fix implementation discrepancies across API docs #85
• docs: remove beta banner and legacy SDK tab #78
• Remove AI-generated content warnings and update internal links #77
• docs(lifecycle): replace external image with local asset and remove AI-generated warning #76
• docs: remove AI-generated content warnings and simplify Request Scan page #75
• docs(resources): remove community page from navigation #74
• docs(supported-chains): add Tron network support and enhance currency documentation #73
• docs(supported-chains): streamline supported chains and currencies documentation #72
• docs(api-reference): add v2 endpoints overview and switch docs OpenAPI to v2-only spec Improve API Reference navigation by introducing a dedicated Endpoints Overview page in docs and wiring Mintlify OpenAPI rendering to a local v2-only spec. - add `api-re #71
• docs(authentication): simplify auth guide with API key vs Client ID methods and remove AI-generated content #70
• docs(fee-breakdowns): rewrite to focus on API response locations and reconciliation usage #69
• docs(protocol-fees): add protocol fees documentation and navigation #68
• docs(platform-fees): simplify configuration guide and remove AI-generated content warning #67
• docs(query-payments): rewrite with practical implementation focus and remove AI warning #66
• docs(query-requests): simplify and refactor query requests documentation for practical implementation #65
• docs(payment-detection): simplify content and remove AI warning #64
• docs(partial-payments): rewrite with step-by-step implementation guide and clarify API usage #63
• docs(standard-payments): remove AI warning, restructure content with step-by-step flow, and update API references #62
• docs(conversion-payments): rewrite with step-by-step implementation guide and remove AI-generated warning #61
• docs(payment-types): simplify overview and add payment type selection guidance #60
• docs(crypto-to-fiat): expand comprehensive guide with sandbox access, compliance flows, and implementation details #59
• docs(recurring-payments): rewrite with comprehensive workflow, security details, and practical implementation guide #58
• docs(batch-payments): add comprehensive implementation guide with examples, workflow diagrams, and demo videos #57
• docs(crosschain-payments): replace AI-generated content with comprehensive implementation guide #56
• docs(create-requests): rewrite with workflows, examples, and remove AI warning #55
• feat: add complete integration tutorial with Node.js backend and React frontend #54
• docs(getting-started): remove AI warning and refactor to focus on practical payment integration #53
• docs(api-portal): remove AI warning, add local screenshot, and update .gitignore #52
• docs: remove release notes section and streamline use cases to core features #51
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[greptile-apps]

Greptile Summary

This PR applies 16 of 18 Greptile review comments from PRs #88–95, covering terminology updates (API Key → Client ID), component migrations (<Tabs> → <CodeGroup>, numbered list → <Steps>), endpoint path fixes (/v2/ prefix), and a timingSafeEqual buffer-length correctness fix.

• Auth terminology sweep: x-api-key / RN_API_KEY replaced with x-client-id / RN_CLIENT_ID across getting-started.mdx, integration-tutorial.mdx, create-requests.mdx, batch-payments.mdx, and payouts.mdx; the Mermaid sequence diagram in create-requests.mdx still annotates auth as {apiKey} while the code examples below it use x-client-id.
• Component and phrasing fixes: payee-destinations.mdx moves accessPolicy sub-fields from a Markdown table to <Expandable> + nested <ParamField>; compliance-gated-payments.mdx converts a conditional numbered list to <Steps>, but steps 3 and 4 describe mutually exclusive screening outcomes rather than sequential actions.
• Script and config fixes: capture-screenshots.ts switches waitUntil from "networkidle" to "load" to avoid HMR WebSocket timeouts; docs.json removes the duplicate tools/dashboard nav entry; package.json drops the unused @playwright/test dev dependency.

Confidence Score: 5/5

Safe to merge — all changes are documentation and tooling; no runtime logic is altered.

Every change is confined to MDX documentation content, a JSON nav config, a dev script, and a package.json update. None of the edits touch production code paths. The two open observations (a stale {apiKey} annotation in a Mermaid diagram and mutually exclusive outcomes rendered as sequential Steps) are editorial issues that do not block a reader from using the API correctly.

The Mermaid diagram in api-features/create-requests.mdx (auth annotation) and the Steps block in use-cases/compliance-gated-payments.mdx (branching outcomes) are worth a second editorial look, but neither blocks merging.

Important Files Changed

Filename	Overview
use-cases/programmatic-payment-links.mdx	Tabs → CodeGroup migration, timingSafeEqual buffer-length fix, and response capture for redirectUrl example — all correct.
api-features/create-requests.mdx	Code examples correctly updated to x-client-id / RN_CLIENT_ID, but the Mermaid sequence diagram still annotates auth as {apiKey}, creating a terminology mismatch within the same file.
use-cases/compliance-gated-payments.mdx	Numbered list converted to Steps; steps 3 and 4 are mutually exclusive outcomes, not sequential actions, which the Steps component implies.
api-features/crypto-to-fiat-payments.mdx	All three payer endpoints now consistently include the /v2/ prefix in both diagram and bullet list; Mermaid participant alias fixed for Payee Bank.
api-setup/integration-tutorial.mdx	RN_API_KEY renamed to RN_CLIENT_ID throughout; eq import from drizzle-orm added (used at lines 282 and 587); typo succesfully fixed.
api-features/payee-destinations.mdx	accessPolicy sub-fields correctly migrated from Markdown table to Expandable + nested ParamField per AGENTS.md style guide.
scripts/capture-screenshots.ts	waitUntil changed from networkidle to load with a clear comment explaining the Vite HMR WebSocket reason; correct fix.
docs.json	Duplicate tools/dashboard entry removed from API Setup group; Tools group in Resources remains the canonical location.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[PR #96: Address Greptile Review Feedback] --> B[Auth Terminology]
    A --> C[Component Migrations]
    A --> D[Endpoint Fixes]
    A --> E[Script & Config]

    B --> B1["x-api-key → x-client-id\n(getting-started, integration-tutorial,\ncreate-requests, batch-payments, payouts)"]
    B --> B2["RN_API_KEY → RN_CLIENT_ID\n(env var rename across docs)"]

    C --> C1["Tabs → CodeGroup\n(programmatic-payment-links)"]
    C --> C2["Numbered list → Steps\n(compliance-gated-payments)"]
    C --> C3["Markdown table → Expandable + ParamField\n(payee-destinations)"]

    D --> D1["/v2/ prefix added\n(crypto-to-fiat, query-payments)"]
    D --> D2["paymentReference → requestId\n(create-requests)"]
    D --> D3["timingSafeEqual buffer-length fix\n(programmatic-payment-links)"]

    E --> E1["waitUntil: networkidle → load\n(capture-screenshots.ts)"]
    E --> E2["Remove duplicate nav entry\n(docs.json)"]
    E --> E3["Drop @playwright/test\n(package.json)"]

Loading

_{Reviews (3): Last reviewed commit: "docs(review): finish /v2/ prefix consist..." | Re-trigger Greptile}

[MantisClone]

Reviewed the cumulative 40-PR stack against 6 source repos (request-api, request-auth-api, request-secure-payment, request-dashboard, request-token-list, request-infrastructure) plus the live preview at requestnetwork-docs-revamp-greptile-fixes.mintlify.app.

Two must-fix items below. Non-blocking observations will be filed as separate issues after deploy.

Must-fix #1 — SIWE example doesn't match server output

File: api-reference/wallet-authentication.mdx:35 (not in this PR's specific diff, so flagging here instead of inline)

The current message example shows a Chain ID: 1 line, omits an Expiration Time: line, and is missing the period after Sign in to Request Network. The actual server template at request-auth-api/src/auth/auth.service.ts:187-196 emits no Chain ID, always emits Expiration Time: (5 min after Issued At), and ends Sign in to Request Network. with a period.

Three edits:

• Drop the Chain ID: 1 line
• Add Expiration Time: <iso8601> (5 minutes after Issued At)
• Add the period: Sign in to Request Network.

Corrected example:

auth.request.network wants you to sign in with your Ethereum account:
0x6923831ACf5c327260D7ac7C9DfF5b1c3cB3C7D7

Sign in to Request Network.

URI: https://auth.request.network
Version: 1
Nonce: a1b2c3d4e5f6
Issued At: 2026-03-15T10:00:00.000Z
Expiration Time: 2026-03-15T10:05:00.000Z

Why it matters: signature verification is byte-exact. Anyone typing the example verbatim to test will get Invalid challenge and have no way to figure out why.

Must-fix #2 — Client ID Generation flow doesn't match Dashboard UI

See inline comment on api-setup/getting-started.mdx.

---

Already handled

• bassgeta's CHANGES_REQUESTED on #54 has been dismissed
• Code Sandbox link drop on api-setup/integration-tutorial.mdx:8 is in Rodrigo's queue (the workspaceId query parameter is user-scoped, so the link doesn't work for any non-author reader)

[MantisClone]

Must-fix items from prior review have been addressed in PR #97 (now sitting on top of this PR). SIWE message in wallet-authentication.mdx and Client ID Generation flow in getting-started.mdx both fixed correctly. Approving #96 to clear the review record — the stack is ready to ship.