diff --git a/docs-devsite/auth.md b/docs-devsite/auth.md
index 10f153f53fe..43d23dc8931 100644
--- a/docs-devsite/auth.md
+++ b/docs-devsite/auth.md
@@ -28,7 +28,7 @@ Firebase Authentication
| [confirmPasswordReset(auth, oobCode, newPassword)](./auth.md#confirmpasswordreset_749dad8) | Completes the password reset process, given a confirmation code and new password. |
| [connectAuthEmulator(auth, url, options)](./auth.md#connectauthemulator_657c7e5) | Changes the [Auth](./auth.auth.md#auth_interface) instance to communicate with the Firebase Auth Emulator, instead of production Firebase Auth services. |
| [createUserWithEmailAndPassword(auth, email, password)](./auth.md#createuserwithemailandpassword_21ad33b) | Creates a new user account associated with the specified email address and password. |
-| [fetchSignInMethodsForEmail(auth, email)](./auth.md#fetchsigninmethodsforemail_efb3887) | Gets the list of possible sign in methods for the given email address. This method returns an empty list when \[Email Enumeration Protection\](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of authentication methods available for the given email. |
+| [fetchSignInMethodsForEmail(auth, email)](./auth.md#fetchsigninmethodsforemail_efb3887) | Gets the list of possible sign in methods for the given email address. This method returns an empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of authentication methods available for the given email. |
| [getMultiFactorResolver(auth, error)](./auth.md#getmultifactorresolver_201ba61) | Provides a [MultiFactorResolver](./auth.multifactorresolver.md#multifactorresolver_interface) suitable for completion of a multi-factor flow. |
| [getRedirectResult(auth, resolver)](./auth.md#getredirectresult_c35dc1f) | Returns a [UserCredential](./auth.usercredential.md#usercredential_interface) from the redirect-based sign-in flow. |
| [initializeRecaptchaConfig(auth)](./auth.md#initializerecaptchaconfig_2a61ea7) | Loads the reCAPTCHA configuration into the Auth
instance. |
@@ -36,7 +36,7 @@ Firebase Authentication
| [onAuthStateChanged(auth, nextOrObserver, error, completed)](./auth.md#onauthstatechanged_b0d07ab) | Adds an observer for changes to the user's sign-in state. |
| [onIdTokenChanged(auth, nextOrObserver, error, completed)](./auth.md#onidtokenchanged_b0d07ab) | Adds an observer for changes to the signed-in user's ID token. |
| [revokeAccessToken(auth, token)](./auth.md#revokeaccesstoken_5556ad5) | Revokes the given access token. Currently only supports Apple OAuth access tokens. |
-| [sendPasswordResetEmail(auth, email, actionCodeSettings)](./auth.md#sendpasswordresetemail_95b079b) | Sends a password reset email to the given email address. This method does not throw an error when there's no user account with the given email address and \[Email Enumeration Protection\](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled. |
+| [sendPasswordResetEmail(auth, email, actionCodeSettings)](./auth.md#sendpasswordresetemail_95b079b) | Sends a password reset email to the given email address. This method does not throw an error when there's no user account with the given email address and [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled. |
| [sendSignInLinkToEmail(auth, email, actionCodeSettings)](./auth.md#sendsigninlinktoemail_95b079b) | Sends a sign-in email link to the user with the specified email. |
| [setPersistence(auth, persistence)](./auth.md#setpersistence_a3592ac) | Changes the type of persistence on the [Auth](./auth.auth.md#auth_interface) instance for the currently saved Auth
session and applies this type of persistence for future sign-in requests, including sign-in with redirect requests. |
| [signInAnonymously(auth)](./auth.md#signinanonymously_2a61ea7) | Asynchronously signs in as an anonymous user. |
@@ -136,7 +136,7 @@ Firebase Authentication
| [PhoneSingleFactorInfoOptions](./auth.phonesinglefactorinfooptions.md#phonesinglefactorinfooptions_interface) | Options used for single-factor sign-in. |
| [PopupRedirectResolver](./auth.popupredirectresolver.md#popupredirectresolver_interface) | A resolver used for handling DOM specific operations like [signInWithPopup()](./auth.md#signinwithpopup_770f816) or [signInWithRedirect()](./auth.md#signinwithredirect_770f816). |
| [ReactNativeAsyncStorage](./auth.reactnativeasyncstorage.md#reactnativeasyncstorage_interface) | Interface for a supplied AsyncStorage
. |
-| [RecaptchaParameters](./auth.recaptchaparameters.md#recaptchaparameters_interface) | Interface representing reCAPTCHA parameters.See the \[reCAPTCHA docs\](https://developers.google.com/recaptcha/docs/display\#render\_param) for the list of accepted parameters. All parameters are accepted except for sitekey
: Firebase Auth provisions a reCAPTCHA for each project and will configure the site key upon rendering.For an invisible reCAPTCHA, set the size
key to invisible
. |
+| [RecaptchaParameters](./auth.recaptchaparameters.md#recaptchaparameters_interface) | Interface representing reCAPTCHA parameters.See the [reCAPTCHA docs](https://developers.google.com/recaptcha/docs/display#render_param) for the list of accepted parameters. All parameters are accepted except for sitekey
: Firebase Auth provisions a reCAPTCHA for each project and will configure the site key upon rendering.For an invisible reCAPTCHA, set the size
key to invisible
. |
| [TotpMultiFactorAssertion](./auth.totpmultifactorassertion.md#totpmultifactorassertion_interface) | The class for asserting ownership of a TOTP second factor. Provided by [TotpMultiFactorGenerator.assertionForEnrollment()](./auth.totpmultifactorgenerator.md#totpmultifactorgeneratorassertionforenrollment) and [TotpMultiFactorGenerator.assertionForSignIn()](./auth.totpmultifactorgenerator.md#totpmultifactorgeneratorassertionforsignin). |
| [TotpMultiFactorInfo](./auth.totpmultifactorinfo.md#totpmultifactorinfo_interface) | The subclass of the [MultiFactorInfo](./auth.multifactorinfo.md#multifactorinfo_interface) interface for TOTP second factors. The factorId
of this second factor is [FactorId](./auth.md#factorid).TOTP. |
| [User](./auth.user.md#user_interface) | A user account. |
@@ -405,7 +405,7 @@ Promise<[UserCredential](./auth.usercredential.md#usercredential_interface).EMAIL\_PASSWORD and [SignInMethod](./auth.md#signinmethod).EMAIL\_LINK.
@@ -420,7 +420,7 @@ export declare function fetchSignInMethodsForEmail(auth: Auth, email: string): P
| Parameter | Type | Description |
| --- | --- | --- |
| auth | [Auth](./auth.auth.md#auth_interface) | The [Auth](./auth.auth.md#auth_interface) instance. |
-| email | string | The user's email address.Deprecated. Migrating off of this method is recommended as a security best-practice. Learn more in the Identity Platform documentation for \[Email Enumeration Protection\](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection). |
+| email | string | The user's email address.Deprecated. Migrating off of this method is recommended as a security best-practice. Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection). |
Returns:
@@ -630,7 +630,7 @@ Promise<void>
### sendPasswordResetEmail(auth, email, actionCodeSettings) {:#sendpasswordresetemail_95b079b}
-Sends a password reset email to the given email address. This method does not throw an error when there's no user account with the given email address and \[Email Enumeration Protection\](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
+Sends a password reset email to the given email address. This method does not throw an error when there's no user account with the given email address and [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
To complete the password reset, call [confirmPasswordReset()](./auth.md#confirmpasswordreset_749dad8) with the code supplied in the email sent to the user, along with the new password specified by the user.
@@ -839,7 +839,7 @@ Promise<[UserCredential](./auth.usercredential.md#usercredential_interface).
@@ -1663,7 +1663,7 @@ export declare function updateEmail(user: User, newEmail: string): Promise
| Parameter | Type | Description |
| --- | --- | --- |
| user | [User](./auth.user.md#user_interface) | The user. |
-| newEmail | string | The new email address.Throws "auth/operation-not-allowed" error when \[Email Enumeration Protection\](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled. Deprecated - Use [verifyBeforeUpdateEmail()](./auth.md#verifybeforeupdateemail_09d6f11) instead. |
+| newEmail | string | The new email address.Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled. Deprecated - Use [verifyBeforeUpdateEmail()](./auth.md#verifybeforeupdateemail_09d6f11) instead. |
Returns:
diff --git a/docs-devsite/auth.recaptchaparameters.md b/docs-devsite/auth.recaptchaparameters.md
index 5d70f1826eb..e817961ac9e 100644
--- a/docs-devsite/auth.recaptchaparameters.md
+++ b/docs-devsite/auth.recaptchaparameters.md
@@ -12,7 +12,7 @@ https://github.com/firebase/firebase-js-sdk
# RecaptchaParameters interface
Interface representing reCAPTCHA parameters.
-See the \[reCAPTCHA docs\](https://developers.google.com/recaptcha/docs/display\#render\_param) for the list of accepted parameters. All parameters are accepted except for `sitekey`: Firebase Auth provisions a reCAPTCHA for each project and will configure the site key upon rendering.
+See the [reCAPTCHA docs](https://developers.google.com/recaptcha/docs/display#render_param) for the list of accepted parameters. All parameters are accepted except for `sitekey`: Firebase Auth provisions a reCAPTCHA for each project and will configure the site key upon rendering.
For an invisible reCAPTCHA, set the `size` key to `invisible`.
diff --git a/packages/auth/src/core/strategies/email.ts b/packages/auth/src/core/strategies/email.ts
index 13fefda640d..5e872e3e1c7 100644
--- a/packages/auth/src/core/strategies/email.ts
+++ b/packages/auth/src/core/strategies/email.ts
@@ -34,8 +34,9 @@ import { getModularInstance } from '@firebase/util';
/**
* Gets the list of possible sign in methods for the given email address. This method returns an
- * empty list when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled, irrespective of the number of
- * authentication methods available for the given email.
+ * empty list when
+ * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
+ * is enabled, irrespective of the number of authentication methods available for the given email.
*
* @remarks
* This is useful to differentiate methods of sign-in for the same provider, eg.
@@ -47,7 +48,8 @@ import { getModularInstance } from '@firebase/util';
* @param email - The user's email address.
*
* Deprecated. Migrating off of this method is recommended as a security best-practice.
- * Learn more in the Identity Platform documentation for [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection).
+ * Learn more in the Identity Platform documentation for
+ * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}.
* @public
*/
export async function fetchSignInMethodsForEmail(
diff --git a/packages/auth/src/core/strategies/email_and_password.ts b/packages/auth/src/core/strategies/email_and_password.ts
index 473b3800eac..f98ef683a92 100644
--- a/packages/auth/src/core/strategies/email_and_password.ts
+++ b/packages/auth/src/core/strategies/email_and_password.ts
@@ -67,7 +67,8 @@ async function recachePasswordPolicy(auth: Auth): Promise {
/**
* Sends a password reset email to the given email address. This method does not throw an error when
* there's no user account with the given email address and
- * [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
+ * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
+ * is enabled.
*
* @remarks
* To complete the password reset, call {@link confirmPasswordReset} with the code supplied in
@@ -316,9 +317,10 @@ export async function createUserWithEmailAndPassword(
* Asynchronously signs in using an email and password.
*
* @remarks
- * Fails with an error if the email address and password do not match.
- * When [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled,
- * this method fails with "auth/invalid-credential" in case of an invalid email/password.
+ * Fails with an error if the email address and password do not match. When
+ * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
+ * is enabled, this method fails with "auth/invalid-credential" in case of an invalid
+ * email/password.
*
* This method is not supported on {@link Auth} instances created with a
* {@link @firebase/app#FirebaseServerApp}.
diff --git a/packages/auth/src/core/user/account_info.ts b/packages/auth/src/core/user/account_info.ts
index 72e2cbc7d2a..b06c97b9a0f 100644
--- a/packages/auth/src/core/user/account_info.ts
+++ b/packages/auth/src/core/user/account_info.ts
@@ -93,7 +93,9 @@ export async function updateProfile(
* @param user - The user.
* @param newEmail - The new email address.
*
- * Throws "auth/operation-not-allowed" error when [Email Enumeration Protection](https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection) is enabled.
+ * Throws "auth/operation-not-allowed" error when
+ * {@link https://cloud.google.com/identity-platform/docs/admin/email-enumeration-protection | Email Enumeration Protection}
+ * is enabled.
* Deprecated - Use {@link verifyBeforeUpdateEmail} instead.
*
* @public
diff --git a/packages/auth/src/model/public_types.ts b/packages/auth/src/model/public_types.ts
index ea9b9e0c213..07e56a6b9aa 100644
--- a/packages/auth/src/model/public_types.ts
+++ b/packages/auth/src/model/public_types.ts
@@ -70,7 +70,7 @@ export interface Config {
/**
* Interface representing reCAPTCHA parameters.
*
- * See the [reCAPTCHA docs](https://developers.google.com/recaptcha/docs/display#render_param)
+ * See the {@link https://developers.google.com/recaptcha/docs/display#render_param | reCAPTCHA docs}
* for the list of accepted parameters. All parameters are accepted except for `sitekey`: Firebase Auth
* provisions a reCAPTCHA for each project and will configure the site key upon rendering.
*