Update docs to hexclave naming#1355
Closed
madster456 wants to merge 1 commit intodevfrom
Closed
Conversation
…tc until that is changed
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
madster456
changed the title
Contributor
📝 WalkthroughWalkthroughComprehensive rebranding of the Mintlify documentation site from "Stack Auth" to "Hexclave" across 50+ files, including configuration, API documentation, guides, SDK references, and code snippets. All changes are text replacements; no functional code, endpoints, or control flow modifications are present. Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 inconclusive)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Preview deployment for your docs. Learn more about Mintlify Previews.
💡 Tip: Enable Workflows to automatically generate PRs for you. |
Contributor
Greptile SummaryThis PR renames the product branding from "Stack Auth" to "Hexclave" across 58 documentation files, intentionally preserving code identifiers ( The replacements are consistent across the vast majority of files; a single missed instance of "Stack offers a REST API…" remains in Confidence Score: 5/5Safe to merge — docs-only branding rename with one minor missed substitution that can be fixed in a follow-up. All findings are P2 style suggestions (one stale "Stack" in a single sentence). No code, config, or API behaviour is changed. docs-mintlify/api/overview.mdx — one sentence still says "Stack offers" instead of "Hexclave offers". Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[58 docs-mintlify .mdx / .json / .jsx files] --> B{Content type}
B -->|Display text: 'Stack Auth'| C[Renamed → 'Hexclave']
B -->|Code identifiers e.g. StackProvider| D[Preserved as-is]
B -->|Env vars e.g. NEXT_PUBLIC_STACK_*| D
B -->|URLs e.g. api.stack-auth.com| D
C --> E[~300 substitutions across 58 files]
E --> F{Consistent?}
F -->|Mostly yes| G[Clean rename]
F -->|One miss| H["api/overview.mdx line 6<br>'Stack offers a REST API…'"]
Prompt To Fix All With AIThis is a comment left during a code review.
Path: docs-mintlify/api/overview.mdx
Line: 6
Comment:
**Missed "Stack" → "Hexclave" rename**
Line 6 still reads "Stack offers a REST API…" while all surrounding lines in this file were updated (e.g. line 10 now reads "Hexclave uses different authentication patterns…"). This is a stale branding reference that makes the paragraph inconsistent.
```suggestion
Hexclave offers a REST API for backends & frontends of any programming language or framework. This API is used to authenticate users, manage user data, and more.
```
How can I resolve this? If you propose a fix, please make it concise.Reviews (1): Last reviewed commit: "Update docs to hexclave naming while pre..." | Re-trigger Greptile |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
| description: "Complete REST API documentation for Hexclave" | ||
| --- | ||
|
|
||
| Stack offers a REST API for backends & frontends of any programming language or framework. This API is used to authenticate users, manage user data, and more. |
Contributor
There was a problem hiding this comment.
Line 6 still reads "Stack offers a REST API…" while all surrounding lines in this file were updated (e.g. line 10 now reads "Hexclave uses different authentication patterns…"). This is a stale branding reference that makes the paragraph inconsistent.
Suggested change
| Stack offers a REST API for backends & frontends of any programming language or framework. This API is used to authenticate users, manage user data, and more. | |
| Hexclave offers a REST API for backends & frontends of any programming language or framework. This API is used to authenticate users, manage user data, and more. |
Prompt To Fix With AI
This is a comment left during a code review.
Path: docs-mintlify/api/overview.mdx
Line: 6
Comment:
**Missed "Stack" → "Hexclave" rename**
Line 6 still reads "Stack offers a REST API…" while all surrounding lines in this file were updated (e.g. line 10 now reads "Hexclave uses different authentication patterns…"). This is a stale branding reference that makes the paragraph inconsistent.
```suggestion
Hexclave offers a REST API for backends & frontends of any programming language or framework. This API is used to authenticate users, manage user data, and more.
```
How can I resolve this? If you propose a fix, please make it concise.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 11
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
docs-mintlify/sdk/types/user.mdx (1)
988-990:⚠️ Potential issue | 🟡 MinorMissed rebrand: "Stack dashboard" → "Hexclave dashboard".
Line 989 still reads "Stack dashboard" in the
createTeam<Info>block, which is inconsistent with the rebrand pattern applied elsewhere in the codebase (e.g., line 644 updated to "Hexclave API").✏️ Proposed fix
<Info> - If client-side team creation is disabled in the Stack dashboard, this will throw an error. + If client-side team creation is disabled in the Hexclave dashboard, this will throw an error. </Info>🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs-mintlify/sdk/types/user.mdx` around lines 988 - 990, The Info note inside the createTeam documentation still uses the old product name "Stack dashboard"; update that phrase to "Hexclave dashboard" to match the rebrand. Locate the createTeam Info block (the <Info> block describing client-side team creation) in docs-mintlify/sdk/types/user.mdx and replace "Stack dashboard" with "Hexclave dashboard" so the docs are consistent with other rebrand changes like the "Hexclave API" reference.
🧹 Nitpick comments (2)
docs-mintlify/guides/apps/authentication/cli-authentication.mdx (1)
6-6: Use “command-line” for compound adjective.Line 6 reads better as “command-line application” (hyphenated) in technical docs.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs-mintlify/guides/apps/authentication/cli-authentication.mdx` at line 6, Update the sentence "If you're building a command line application that runs in a terminal, you can use Hexclave to let your users log in to their accounts." to use the compound adjective form by replacing "command line application" with "command-line application" so the phrase reads "If you're building a command-line application..." throughout the documentation.docs-mintlify/sdk/objects/stack-app.mdx (1)
55-74: Consider also rebranding theStackClientApp/StackServerAppnarrative wording.Optional/nit: the rebrand is limited to references to "Stack Auth's backend/API" but the surrounding prose still talks heavily about
StackClientApp,StackServerApp, and "Stack App" as product concepts (e.g., "connectingStackClientAppto Hexclave's backend" reads a bit oddly since the class is still namedStack*). This is fine and expected given the PR's "preserve code identifiers until changed" stance — just flagging that if/when the SDK classes are renamed, this page will need another pass for naming coherence.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docs-mintlify/sdk/objects/stack-app.mdx` around lines 55 - 74, The docs wording inconsistently mixes product names (Hexclave, Stack Auth) with code identifiers; update the prose to either consistently use the current class names or the product branding. Specifically, in this file adjust references around "StackClientApp", "StackServerApp", and "Stack App" so they match the chosen convention (e.g., keep class names as `StackClientApp`/`StackServerApp` while rephrasing sentences that say "connecting `StackClientApp` to Hexclave's backend" to something like "connecting the Stack client classes to Hexclave's backend" or vice versa), and add a short note that class names are preserved for now if you choose to prefer product branding. Ensure all occurrences of StackClientApp, StackServerApp, and "Stack App" on this page are harmonized.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs-mintlify/api/overview.mdx`:
- Line 10: The page contains mixed branding: some sentences use "Hexclave" while
other prose still references the generic "Stack" wording; update all remaining
occurrences of the generic "Stack" prose to use the Hexclave branding for
consistency (search for the phrase "Stack" and similar generic usages and
replace them with the appropriate Hexclave phrasing), ensuring the introductory
sentence "Hexclave uses different authentication patterns..." and any other
paragraphs that reference client/server auth use consistent Hexclave terminology
across the document (also fix the other instances flagged in the review that
mirror this mismatch).
In `@docs-mintlify/guides/apps/authentication/auth-providers/apple.mdx`:
- Around line 67-71: Update the wording under the "Enable Apple OAuth in
Hexclave" section so the Client Secret is attributed to the Apple secret
generated earlier in the guide rather than Supabase; specifically change the
step that reads "Client Secret (the generated secret from Supabase)" to indicate
"Client Secret (the secret generated in the previous Apple Developer/Supplied
step)" or similar, ensuring the phrase "Client Secret" references the secret
created earlier in this Apple setup steps.
In `@docs-mintlify/guides/apps/authentication/connected-accounts.mdx`:
- Line 8: Change the phrase "your users' access token" to use the plural "access
tokens" in the sentence that reads "Beyond using OAuth for signing in, Hexclave
can manage your users' access token..." so it becomes "your users' access
tokens" to correctly reflect multiple users; locate the exact string "your
users' access token" in the connected-accounts.mdx content and update it to
"your users' access tokens".
In `@docs-mintlify/guides/apps/launch-checklist/overview.mdx`:
- Around line 26-32: The wording is ambiguous about endpoints; update the copy
around the OAuth setup (the phrase "Hexclave callback URL" and the reference to
"Hexclave Development") to clarify that callback URLs still point to
api.stack-auth.com during the phased migration—either replace "Hexclave callback
URL" with a neutral "callback URL" or add a short info/admonition immediately
after the intro that explains the callback URLs shown (api.stack-auth.com) are
intentional during migration and will change later; ensure the note references
the exact phrases "Hexclave callback URL" and "Hexclave Development" so
reviewers can locate and confirm the change.
In `@docs-mintlify/guides/apps/rbac/overview.mdx`:
- Line 147: The page mixes "User Permissions" and "Project Permissions" terms;
choose one consistent term (e.g., "Project Permissions") and replace all
occurrences across the document: update headings, section titles, inline
references, example labels, navigation links, and any code/sample YAML or JSON
keys that refer to permissions so they match the chosen term; specifically
search for the strings "User Permissions" and "Project Permissions" and
normalize them in functions/sections such as the "Project Permissions" section
referenced in the diff, ensuring any explanatory sentences and cross-references
use the same vocabulary.
In `@docs-mintlify/guides/apps/teams/overview.mdx`:
- Line 88: Update the phrase "client side team creation" to the hyphenated
compound adjective "client-side team creation" in the sentence containing that
phrase (look for the string "client side team creation" in the
docs-mintlify/guides/apps/teams/overview.mdx content); ensure the hyphenated
form is used consistently in this sentence and any nearby occurrences to match
correct terminology and readability.
In `@docs-mintlify/guides/going-further/backend-integration.mdx`:
- Around line 92-98: The placeholder values for the headers reuse the same prose
and risk copy/paste errors; change the header values to distinct, explicit
placeholders (for example set 'x-stack-project-id' to something like
'<HEXCLAVE_PROJECT_ID>', 'x-stack-secret-server-key' to
'<HEXCLAVE_SECRET_SERVER_KEY>' and 'x-stack-access-token' to
'<HEXCLAVE_ACCESS_TOKEN>') and apply the same distinct placeholders in the other
occurrence (lines around the second block) so the header names
'x-stack-project-id', 'x-stack-secret-server-key', and 'x-stack-access-token'
each have unique, clear placeholder values.
In `@docs-mintlify/guides/integrations/supabase/overview.mdx`:
- Line 6: Change the phrase "Hexclave with Supabase row level security (RLS)" to
use the compound-adjective form "Hexclave with Supabase row-level security
(RLS)"; locate the exact string "Hexclave with Supabase row level security
(RLS)" in overview.mdx and replace it with "Hexclave with Supabase row-level
security (RLS)" to update the copy.
In `@docs-mintlify/guides/other/self-host.mdx`:
- Line 166: The docs state the internal project will be named "Hexclave
Dashboard" but the seeding code in apps/backend/prisma/seed.ts currently sets
display_name: 'Stack Dashboard', causing a mismatch; fix by making them
consistent—either update the seeded object in apps/backend/prisma/seed.ts to set
display_name: 'Hexclave Dashboard' (preferred) or change the sentence in
docs-mintlify/guides/other/self-host.mdx to say "Stack Dashboard" so the
documentation matches the existing seed; ensure you update the exact keyed
property display_name on the seeded internal project record in seed.ts if you
choose the code change.
In `@docs-mintlify/guides/other/tutorials/build-a-saas-with-stack-auth.mdx`:
- Line 288: Typo: the sentence contains "guides-no" without spacing; update the
text in the
docs-mintlify/guides/other/tutorials/build-a-saas-with-stack-auth.mdx so the
fragment reads "guides - no extra Hexclave APIs are required at this layer" (or
use an em dash "guides — no") replacing the contiguous "guides-no" token in that
sentence.
In `@docs-mintlify/guides/other/tutorials/build-a-team-based-app.mdx`:
- Line 370: The snippet uses (await stackServerApp.getUser()).getTeam(id) which
can null-dereference when unauthenticated; change usage of
stackServerApp.getUser to handle the unauthenticated case (e.g., call
stackServerApp.getUser({ or: "redirect" }) or assign to a const user and check
for null before calling user.getTeam) so getTeam(id) is only invoked on a
guaranteed non-null user; update occurrences of stackServerApp.getUser and
getTeam in this section to follow that safe pattern.
---
Outside diff comments:
In `@docs-mintlify/sdk/types/user.mdx`:
- Around line 988-990: The Info note inside the createTeam documentation still
uses the old product name "Stack dashboard"; update that phrase to "Hexclave
dashboard" to match the rebrand. Locate the createTeam Info block (the <Info>
block describing client-side team creation) in docs-mintlify/sdk/types/user.mdx
and replace "Stack dashboard" with "Hexclave dashboard" so the docs are
consistent with other rebrand changes like the "Hexclave API" reference.
---
Nitpick comments:
In `@docs-mintlify/guides/apps/authentication/cli-authentication.mdx`:
- Line 6: Update the sentence "If you're building a command line application
that runs in a terminal, you can use Hexclave to let your users log in to their
accounts." to use the compound adjective form by replacing "command line
application" with "command-line application" so the phrase reads "If you're
building a command-line application..." throughout the documentation.
In `@docs-mintlify/sdk/objects/stack-app.mdx`:
- Around line 55-74: The docs wording inconsistently mixes product names
(Hexclave, Stack Auth) with code identifiers; update the prose to either
consistently use the current class names or the product branding. Specifically,
in this file adjust references around "StackClientApp", "StackServerApp", and
"Stack App" so they match the chosen convention (e.g., keep class names as
`StackClientApp`/`StackServerApp` while rephrasing sentences that say
"connecting `StackClientApp` to Hexclave's backend" to something like
"connecting the Stack client classes to Hexclave's backend" or vice versa), and
add a short note that class names are preserved for now if you choose to prefer
product branding. Ensure all occurrences of StackClientApp, StackServerApp, and
"Stack App" on this page are harmonized.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: d6c78a95-edd5-4670-8202-6711ae6ffe33
📒 Files selected for processing (58)
docs-mintlify/api/overview.mdxdocs-mintlify/docs.jsondocs-mintlify/guides/apps/analytics/overview.mdxdocs-mintlify/guides/apps/api-keys/overview.mdxdocs-mintlify/guides/apps/authentication/auth-providers.mdxdocs-mintlify/guides/apps/authentication/auth-providers/apple.mdxdocs-mintlify/guides/apps/authentication/auth-providers/bitbucket.mdxdocs-mintlify/guides/apps/authentication/auth-providers/discord.mdxdocs-mintlify/guides/apps/authentication/auth-providers/facebook.mdxdocs-mintlify/guides/apps/authentication/auth-providers/github.mdxdocs-mintlify/guides/apps/authentication/auth-providers/gitlab.mdxdocs-mintlify/guides/apps/authentication/auth-providers/google.mdxdocs-mintlify/guides/apps/authentication/auth-providers/linkedin.mdxdocs-mintlify/guides/apps/authentication/auth-providers/microsoft.mdxdocs-mintlify/guides/apps/authentication/auth-providers/passkey.mdxdocs-mintlify/guides/apps/authentication/auth-providers/spotify.mdxdocs-mintlify/guides/apps/authentication/auth-providers/twitch.mdxdocs-mintlify/guides/apps/authentication/auth-providers/two-factor-auth.mdxdocs-mintlify/guides/apps/authentication/auth-providers/x-twitter.mdxdocs-mintlify/guides/apps/authentication/cli-authentication.mdxdocs-mintlify/guides/apps/authentication/connected-accounts.mdxdocs-mintlify/guides/apps/authentication/jwts.mdxdocs-mintlify/guides/apps/authentication/overview.mdxdocs-mintlify/guides/apps/authentication/sign-up-rules.mdxdocs-mintlify/guides/apps/data-vault/overview.mdxdocs-mintlify/guides/apps/emails/overview.mdxdocs-mintlify/guides/apps/launch-checklist/overview.mdxdocs-mintlify/guides/apps/payments/overview.mdxdocs-mintlify/guides/apps/rbac/overview.mdxdocs-mintlify/guides/apps/teams/overview.mdxdocs-mintlify/guides/apps/teams/team-selection.mdxdocs-mintlify/guides/apps/webhooks/overview.mdxdocs-mintlify/guides/faq.mdxdocs-mintlify/guides/getting-started/ai-integration.mdxdocs-mintlify/guides/getting-started/setup.mdxdocs-mintlify/guides/getting-started/user-fundamentals.mdxdocs-mintlify/guides/going-further/backend-integration.mdxdocs-mintlify/guides/going-further/local-development.mdxdocs-mintlify/guides/going-further/stack-app.mdxdocs-mintlify/guides/going-further/user-metadata.mdxdocs-mintlify/guides/integrations/convex/overview.mdxdocs-mintlify/guides/integrations/supabase/overview.mdxdocs-mintlify/guides/integrations/vercel/overview.mdxdocs-mintlify/guides/other/mcp-setup.mdxdocs-mintlify/guides/other/self-host.mdxdocs-mintlify/guides/other/showcase.mdxdocs-mintlify/guides/other/tutorials/build-a-saas-with-stack-auth.mdxdocs-mintlify/guides/other/tutorials/build-a-team-based-app.mdxdocs-mintlify/guides/other/tutorials/ship-production-ready-auth.mdxdocs-mintlify/index.mdxdocs-mintlify/sdk/objects/stack-app.mdxdocs-mintlify/sdk/overview.mdxdocs-mintlify/sdk/types/api-key.mdxdocs-mintlify/sdk/types/customer.mdxdocs-mintlify/sdk/types/email.mdxdocs-mintlify/sdk/types/item.mdxdocs-mintlify/sdk/types/user.mdxdocs-mintlify/snippets/home-prompt-island.jsx
| ## Authentication | ||
|
|
||
| Stack Auth uses different authentication patterns depending on whether you're making requests from client-side code (browser, mobile app) or server-side code (your backend). | ||
| Hexclave uses different authentication patterns depending on whether you're making requests from client-side code (browser, mobile app) or server-side code (your backend). |
Contributor
There was a problem hiding this comment.
Branding is partially updated within the same page.
These lines switch to Hexclave, but the page still has remaining general “Stack” prose (for example, Line 6 and Line 79). Please align the remaining non-identifier prose on this page to avoid mixed branding.
Also applies to: 101-101, 115-115, 126-126
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/api/overview.mdx` at line 10, The page contains mixed branding:
some sentences use "Hexclave" while other prose still references the generic
"Stack" wording; update all remaining occurrences of the generic "Stack" prose
to use the Hexclave branding for consistency (search for the phrase "Stack" and
similar generic usages and replace them with the appropriate Hexclave phrasing),
ensuring the introductory sentence "Hexclave uses different authentication
patterns..." and any other paragraphs that reference client/server auth use
consistent Hexclave terminology across the document (also fix the other
instances flagged in the review that mirror this mismatch).
Comment on lines
+67
to
71
| ### Enable Apple OAuth in Hexclave | ||
|
|
||
| 1. On the Stack Auth dashboard, select **Auth Methods** in the left sidebar. | ||
| 1. On the Hexclave dashboard, select **Auth Methods** in the left sidebar. | ||
| 2. Click **Add SSO Providers** and select **Apple** as the provider. | ||
| 3. Set the **Client ID** (your Service ID identifier), **Client Secret** (the generated secret from Supabase), and **Team ID** (your Apple Developer Team ID). |
Contributor
There was a problem hiding this comment.
Fix the source of the Apple client secret.
Line 71 says the client secret comes “from Supabase”, but this Apple guide generates it in the previous step.
📝 Proposed correction
- 3. Set the **Client ID** (your Service ID identifier), **Client Secret** (the generated secret from Supabase), and **Team ID** (your Apple Developer Team ID).
+ 3. Set the **Client ID** (your Service ID identifier), **Client Secret** (the generated secret from the previous step), and **Team ID** (your Apple Developer Team ID).📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| ### Enable Apple OAuth in Hexclave | |
| 1. On the Stack Auth dashboard, select **Auth Methods** in the left sidebar. | |
| 1. On the Hexclave dashboard, select **Auth Methods** in the left sidebar. | |
| 2. Click **Add SSO Providers** and select **Apple** as the provider. | |
| 3. Set the **Client ID** (your Service ID identifier), **Client Secret** (the generated secret from Supabase), and **Team ID** (your Apple Developer Team ID). | |
| ### Enable Apple OAuth in Hexclave | |
| 1. On the Hexclave dashboard, select **Auth Methods** in the left sidebar. | |
| 2. Click **Add SSO Providers** and select **Apple** as the provider. | |
| 3. Set the **Client ID** (your Service ID identifier), **Client Secret** (the generated secret from the previous step), and **Team ID** (your Apple Developer Team ID). |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/guides/apps/authentication/auth-providers/apple.mdx` around
lines 67 - 71, Update the wording under the "Enable Apple OAuth in Hexclave"
section so the Client Secret is attributed to the Apple secret generated earlier
in the guide rather than Supabase; specifically change the step that reads
"Client Secret (the generated secret from Supabase)" to indicate "Client Secret
(the secret generated in the previous Apple Developer/Supplied step)" or
similar, ensuring the phrase "Client Secret" references the secret created
earlier in this Apple setup steps.
| Hexclave has good support for working with OAuth and OIDC providers, such as Google, Facebook, Microsoft, and others. | ||
|
|
||
| Beyond using OAuth for signing in, Stack can manage your users' access token so you can invoke APIs on their behalf. For example, you can use this to send emails with Gmail, access repositories on GitHub, or access files on OneDrive. | ||
| Beyond using OAuth for signing in, Hexclave can manage your users' access token so you can invoke APIs on their behalf. For example, you can use this to send emails with Gmail, access repositories on GitHub, or access files on OneDrive. |
Contributor
There was a problem hiding this comment.
Use plural access tokens for multiple users.
Line 8 currently says Hexclave manages “your users' access token”; plural tokens reads correctly here.
✏️ Proposed copy fix
-Beyond using OAuth for signing in, Hexclave can manage your users' access token so you can invoke APIs on their behalf. For example, you can use this to send emails with Gmail, access repositories on GitHub, or access files on OneDrive.
+Beyond using OAuth for signing in, Hexclave can manage your users' access tokens so you can invoke APIs on their behalf. For example, you can use this to send emails with Gmail, access repositories on GitHub, or access files on OneDrive.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| Beyond using OAuth for signing in, Hexclave can manage your users' access token so you can invoke APIs on their behalf. For example, you can use this to send emails with Gmail, access repositories on GitHub, or access files on OneDrive. | |
| Beyond using OAuth for signing in, Hexclave can manage your users' access tokens so you can invoke APIs on their behalf. For example, you can use this to send emails with Gmail, access repositories on GitHub, or access files on OneDrive. |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/guides/apps/authentication/connected-accounts.mdx` at line 8,
Change the phrase "your users' access token" to use the plural "access tokens"
in the sentence that reads "Beyond using OAuth for signing in, Hexclave can
manage your users' access token..." so it becomes "your users' access tokens" to
correctly reflect multiple users; locate the exact string "your users' access
token" in the connected-accounts.mdx content and update it to "your users'
access tokens".
Comment on lines
+26
to
+32
| Hexclave uses shared OAuth keys for development to simplify setup when using "Sign in with Google/GitHub/etc." However, this isn't secure for production as it displays "Hexclave Development" on the providers' consent screens, making it unclear to users if the OAuth request is genuinely from your site. Thus, you should configure your own OAuth keys with the providers and connect them to Hexclave. | ||
|
|
||
| To use your own OAuth provider setups in production, follow these steps for each provider you use: | ||
|
|
||
| <Steps> | ||
| <Step title="Create an OAuth App"> | ||
| On the provider's website, create an OAuth app and set the callback URL to the corresponding Stack callback URL. Copy the client ID and client secret. | ||
| On the provider's website, create an OAuth app and set the callback URL to the corresponding Hexclave callback URL. Copy the client ID and client secret. |
Contributor
There was a problem hiding this comment.
Consider clarifying the branding/endpoint mismatch.
The text references "Hexclave callback URL" (line 32) and "Hexclave Development" (line 26), but the actual callback URLs shown below (lines 41, 50, 59, etc.) still use api.stack-auth.com domains. While this is intentional per the PR's phased migration approach, it may confuse developers during OAuth setup.
Consider one of these approaches:
- Add a brief note explaining that callback URLs still reference
stack-auth.comduring the migration - Use neutral text like "callback URL" instead of "Hexclave callback URL" on line 32
- Add an admonition/info box clarifying the endpoint domain hasn't changed yet
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/guides/apps/launch-checklist/overview.mdx` around lines 26 -
32, The wording is ambiguous about endpoints; update the copy around the OAuth
setup (the phrase "Hexclave callback URL" and the reference to "Hexclave
Development") to clarify that callback URLs still point to api.stack-auth.com
during the phased migration—either replace "Hexclave callback URL" with a
neutral "callback URL" or add a short info/admonition immediately after the
intro that explains the callback URLs shown (api.stack-auth.com) are intentional
during migration and will change later; ensure the note references the exact
phrases "Hexclave callback URL" and "Hexclave Development" so reviewers can
locate and confirm the change.
| ### Creating a Project Permission | ||
|
|
||
| To create a new project permission, navigate to the `Project Permissions` section of the Stack dashboard. Similar to team permissions, you can select other permissions that the new permission will contain, creating a hierarchical structure. | ||
| To create a new project permission, navigate to the `Project Permissions` section of the Hexclave dashboard. Similar to team permissions, you can select other permissions that the new permission will contain, creating a hierarchical structure. |
Contributor
There was a problem hiding this comment.
Permission-type naming is inconsistent (User vs Project).
This page still mixes terms (“User Permissions” earlier vs “Project Permissions” here), which can confuse readers about whether these are the same scope. Please standardize the term across the page.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/guides/apps/rbac/overview.mdx` at line 147, The page mixes
"User Permissions" and "Project Permissions" terms; choose one consistent term
(e.g., "Project Permissions") and replace all occurrences across the document:
update headings, section titles, inline references, example labels, navigation
links, and any code/sample YAML or JSON keys that refer to permissions so they
match the chosen term; specifically search for the strings "User Permissions"
and "Project Permissions" and normalize them in functions/sections such as the
"Project Permissions" section referenced in the diff, ensuring any explanatory
sentences and cross-references use the same vocabulary.
Comment on lines
92
to
98
| const url = 'https://api.stack-auth.com/api/v1/users/me'; | ||
| const headers = { | ||
| 'x-stack-access-type': 'server', | ||
| 'x-stack-project-id': 'generated on the Stack Auth dashboard', | ||
| 'x-stack-secret-server-key': 'generated on the Stack Auth dashboard', | ||
| 'x-stack-project-id': 'generated on the Hexclave dashboard', | ||
| 'x-stack-secret-server-key': 'generated on the Hexclave dashboard', | ||
| 'x-stack-access-token': 'access token from the headers', | ||
| }; |
Contributor
There was a problem hiding this comment.
Use distinct placeholders for the two credentials.
Line 95/96 and Line 115/116 currently use the same prose value for both headers. Explicit placeholders reduce copy/paste mistakes while preserving the x-stack-* runtime header names.
📝 Proposed placeholder cleanup
const headers = {
'x-stack-access-type': 'server',
- 'x-stack-project-id': 'generated on the Hexclave dashboard',
- 'x-stack-secret-server-key': 'generated on the Hexclave dashboard',
+ 'x-stack-project-id': '<your-project-id>',
+ 'x-stack-secret-server-key': '<your-secret-server-key>',
'x-stack-access-token': 'access token from the headers',
}; headers = {
'x-stack-access-type': 'server',
- 'x-stack-project-id': 'generated on the Hexclave dashboard',
- 'x-stack-secret-server-key': 'generated on the Hexclave dashboard',
+ 'x-stack-project-id': '<your-project-id>',
+ 'x-stack-secret-server-key': '<your-secret-server-key>',
'x-stack-access-token': 'access token from the headers',
}Also applies to: 112-118
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/guides/going-further/backend-integration.mdx` around lines 92 -
98, The placeholder values for the headers reuse the same prose and risk
copy/paste errors; change the header values to distinct, explicit placeholders
(for example set 'x-stack-project-id' to something like '<HEXCLAVE_PROJECT_ID>',
'x-stack-secret-server-key' to '<HEXCLAVE_SECRET_SERVER_KEY>' and
'x-stack-access-token' to '<HEXCLAVE_ACCESS_TOKEN>') and apply the same distinct
placeholders in the other occurrence (lines around the second block) so the
header names 'x-stack-project-id', 'x-stack-secret-server-key', and
'x-stack-access-token' each have unique, clear placeholder values.
| --- | ||
|
|
||
| This guide shows how to integrate Stack Auth with Supabase row level security (RLS). | ||
| This guide shows how to integrate Hexclave with Supabase row level security (RLS). |
Contributor
There was a problem hiding this comment.
Hyphenate “row-level security”.
Use the standard compound-adjective form here for polished docs copy.
📝 Proposed wording
-This guide shows how to integrate Hexclave with Supabase row level security (RLS).
+This guide shows how to integrate Hexclave with Supabase row-level security (RLS).📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| This guide shows how to integrate Hexclave with Supabase row level security (RLS). | |
| This guide shows how to integrate Hexclave with Supabase row-level security (RLS). |
🧰 Tools
🪛 LanguageTool
[grammar] ~6-~6: Use a hyphen to join words.
Context: ... to integrate Hexclave with Supabase row level security (RLS). This guide...
(QB_NEW_EN_HYPHEN)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/guides/integrations/supabase/overview.mdx` at line 6, Change
the phrase "Hexclave with Supabase row level security (RLS)" to use the
compound-adjective form "Hexclave with Supabase row-level security (RLS)";
locate the exact string "Hexclave with Supabase row level security (RLS)" in
overview.mdx and replace it with "Hexclave with Supabase row-level security
(RLS)" to update the copy.
| To manage your dashboard configs with this account, manually go into the database, find the user you just created, and add `{ managedProjectIds: ["internal"] }` to the `serverMetadata` jsonb column. | ||
|
|
||
| Go back to the dashboard, refresh the page, and you should see the "Stack Dashboard" project. We recommend disabling new user sign-ups to your internal project to avoid unauthorized account and project creations. | ||
| Go back to the dashboard, refresh the page, and you should see the "Hexclave Dashboard" project. We recommend disabling new user sign-ups to your internal project to avoid unauthorized account and project creations. |
Contributor
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Find where the internal project display name is defined/seeded.
rg -nP -C2 '"Stack Dashboard"|\bStack Dashboard\b'
rg -nP -C2 '"Hexclave Dashboard"|\bHexclave Dashboard\b'
# Common seed/init locations
fd -i -t f 'seed|init|internal' | head -50Repository: stack-auth/stack-auth
Length of output: 12779
Update the seeded display name in code to match the docs, or revert the documentation to match the code.
The documentation at line 166 says users will see the "Hexclave Dashboard" project, but apps/backend/prisma/seed.ts:80 seeds the internal project with display_name: 'Stack Dashboard'. This mismatch will confuse self-hosters at the critical moment they set up their internal project—they will see "Stack Dashboard" in the UI, not "Hexclave Dashboard."
Either (a) update apps/backend/prisma/seed.ts:80 to use display_name: 'Hexclave Dashboard', or (b) revert line 166 to say "Stack Dashboard" to match what the seed actually creates.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/guides/other/self-host.mdx` at line 166, The docs state the
internal project will be named "Hexclave Dashboard" but the seeding code in
apps/backend/prisma/seed.ts currently sets display_name: 'Stack Dashboard',
causing a mismatch; fix by making them consistent—either update the seeded
object in apps/backend/prisma/seed.ts to set display_name: 'Hexclave Dashboard'
(preferred) or change the sentence in docs-mintlify/guides/other/self-host.mdx
to say "Stack Dashboard" so the documentation matches the existing seed; ensure
you update the exact keyed property display_name on the seeded internal project
record in seed.ts if you choose the code change.
| ## 4. Product polish: onboarding, email, and optional billing | ||
|
|
||
| Hook flows to the guides-no extra Stack APIs are required at this layer: | ||
| Hook flows to the guides-no extra Hexclave APIs are required at this layer: |
Contributor
There was a problem hiding this comment.
Fix the typo in this sentence.
Line 288 reads guides-no, which is visible in the rendered docs.
Proposed fix
-Hook flows to the guides-no extra Hexclave APIs are required at this layer:
+Hook flows to the guides—no extra Hexclave APIs are required at this layer:📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| Hook flows to the guides-no extra Hexclave APIs are required at this layer: | |
| Hook flows to the guides—no extra Hexclave APIs are required at this layer: |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/guides/other/tutorials/build-a-saas-with-stack-auth.mdx` at
line 288, Typo: the sentence contains "guides-no" without spacing; update the
text in the
docs-mintlify/guides/other/tutorials/build-a-saas-with-stack-auth.mdx so the
fragment reads "guides - no extra Hexclave APIs are required at this layer" (or
use an em dash "guides — no") replacing the contiguous "guides-no" token in that
sentence.
| <AccordionGroup> | ||
| <Accordion title="When should I use user.getTeam vs stackServerApp.getTeam?"> | ||
| For product pages and APIs acting as the signed-in user, use **`(await stackServerApp.getUser()).getTeam(id)`** so membership is enforced by Stack. Use **`stackServerApp.getTeam`** only when you intentionally need **project-wide** team lookup (for example internal admin tools), then apply your own authorization. | ||
| For product pages and APIs acting as the signed-in user, use **`(await stackServerApp.getUser()).getTeam(id)`** so membership is enforced by Hexclave. Use **`stackServerApp.getTeam`** only when you intentionally need **project-wide** team lookup (for example internal admin tools), then apply your own authorization. |
Contributor
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Description: Find copy-pasteable docs snippets that call getTeam on a nullable getUser() result.
# Expectation: No matches after updating the FAQ wording.
rg -nP -C2 '\(await\s+stackServerApp\.getUser\(\)\)\.getTeam\(' --iglob '*.mdx'Repository: stack-auth/stack-auth
Length of output: 838
🏁 Script executed:
# Find examples of stackServerApp.getUser() usage in the codebase to understand proper patterns
rg -n 'stackServerApp\.getUser' --iglob '*.mdx' --iglob '*.ts' --iglob '*.tsx' -A 2 -B 1 | head -100Repository: stack-auth/stack-auth
Length of output: 9065
🏁 Script executed:
# Look for Stack SDK type definitions to understand getUser() options
fd -type f \( -name '*.d.ts' -o -name '*.ts' \) | xargs rg -l 'getUser.*or.*redirect|getUser.*throw' | head -20Repository: stack-auth/stack-auth
Length of output: 1463
🏁 Script executed:
# Check the actual Stack SDK code or types for getUser method signature
rg -n 'getUser\s*\(' --iglob '*.ts' --iglob '*.tsx' -B 2 -A 5 | grep -E '(getUser|or:|throw)' | head -60Repository: stack-auth/stack-auth
Length of output: 9373
Line 370 shows unsafe copy-pasteable code that can null dereference.
(await stackServerApp.getUser()).getTeam(id) must handle the unauthenticated case. Line 370 should show a safe pattern like const user = await stackServerApp.getUser({ or: "redirect" }); await user.getTeam(id); to match the correct usage demonstrated elsewhere in the same file (lines 50, 107, 234, 295).
Suggested fix
- For product pages and APIs acting as the signed-in user, use **`(await stackServerApp.getUser()).getTeam(id)`** so membership is enforced by Hexclave. Use **`stackServerApp.getTeam`** only when you intentionally need **project-wide** team lookup (for example internal admin tools), then apply your own authorization.
+ For product pages and APIs acting as the signed-in user, first ensure you have the current user (for example, **`const user = await stackServerApp.getUser({ or: "redirect" })`**), then call **`user.getTeam(id)`** so membership is enforced by Hexclave. Use **`stackServerApp.getTeam`** only when you intentionally need **project-wide** team lookup (for example internal admin tools), then apply your own authorization.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| For product pages and APIs acting as the signed-in user, use **`(await stackServerApp.getUser()).getTeam(id)`** so membership is enforced by Hexclave. Use **`stackServerApp.getTeam`** only when you intentionally need **project-wide** team lookup (for example internal admin tools), then apply your own authorization. | |
| For product pages and APIs acting as the signed-in user, first ensure you have the current user (for example, **`const user = await stackServerApp.getUser({ or: "redirect" })`**), then call **`user.getTeam(id)`** so membership is enforced by Hexclave. Use **`stackServerApp.getTeam`** only when you intentionally need **project-wide** team lookup (for example internal admin tools), then apply your own authorization. |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs-mintlify/guides/other/tutorials/build-a-team-based-app.mdx` at line 370,
The snippet uses (await stackServerApp.getUser()).getTeam(id) which can
null-dereference when unauthenticated; change usage of stackServerApp.getUser to
handle the unauthenticated case (e.g., call stackServerApp.getUser({ or:
"redirect" }) or assign to a const user and check for null before calling
user.getTeam) so getTeam(id) is only invoked on a guaranteed non-null user;
update occurrences of stackServerApp.getUser and getTeam in this section to
follow that safe pattern.
![vercel[bot]](https://avatars.githubusercontent.com/in/8329?s=60&v=4){kind=small}
| --- | ||
| title: "Overview" | ||
| description: "Complete REST API documentation for Stack Auth" | ||
| description: "Complete REST API documentation for Hexclave" |
There was a problem hiding this comment.
Inconsistent branding where line 6 says "Stack offers a REST API" while the rest of the document uses "Hexclave" branding.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated docs to reflect new naming convention for Hexclave, preserving code examples, env vars, snippets, etc.
Summary by CodeRabbit
Documentation