auth: cover short-session reauth and multi-step login forms in FAQ

[masnwilliams]

Summary

The May 2026 managed-auth doc refresh missed two shipped behaviors. This PR adds them to auth/faq.mdx:

• Short-session site reauth — auto-reauth keeps running when a site's session TTL is shorter than the health-check interval. Each successful login resets the auto-reauth state, so the connection isn't given up on after consecutive "expired" health checks. Added an FAQ entry plus a pointer at the health_check_interval knob for users who want shorter detection windows.
• Multi-step login forms — the existing "What types of flows does Managed Auth support?" answer lumped "multi-step workflows" into the "use browser automation instead" bucket, which contradicts current behavior. Reworded to make clear that multi-step login forms (e.g. email on page 1, password revealed on page 2) are handled end-to-end, while post-login multi-step workflows still belong in browser automation.

Test plan

• Mintlify preview renders both FAQ entries
• Wording flows with the surrounding tone (short, direct, no marketing fluff)

---

Note

Low Risk
Low risk documentation-only change; no runtime or API behavior is modified.

Overview
Adds an FAQ entry explaining how automatic re-authentication behaves when a site's session TTL is shorter than the health_check_interval, including guidance on reducing the interval to avoid frequent NEEDS_AUTH states.

Rewords the "What types of flows does Managed Auth support?" answer to explicitly include multi-step login forms as supported, while still directing post-login workflows to browser automation.

^{Reviewed by Cursor Bugbot for commit aaf79ed. Bugbot is set up for automated code reviews on this repo. Configure here.}

[mintlify]

Preview deployment for your docs. Learn more about Mintlify Previews.

Project	Status	Preview	Updated (UTC)
Kernel	🟢 Ready	View Preview	May 13, 2026, 3:24 PM

💡 Tip: Enable Workflows to automatically generate PRs for you.

[firetiger-agent]

Firetiger deploy monitoring skipped

This PR didn't match the auto-monitor filter configured on your GitHub connection:

Any PR that changes the kernel API. Monitor changes to API endpoints (packages/api/cmd/api/) and Temporal workflows (packages/api/lib/temporal) in the kernel repo

Reason: This PR only modifies documentation (auth/faq.mdx) and does not change any API endpoints or Temporal workflows in the kernel repo.

To monitor this PR anyway, reply with @firetiger monitor this.

[cursor]

Risk assessment: Very Low.

This PR only changes auth/faq.mdx, adding one FAQ entry and updating one Managed Auth support answer. There are no codepath, configuration, infrastructure, schema, prompt, or navigation changes in the diff, and I found no CODEOWNERS file indicating code-owner review is required. No prior approval was present, so I’m approving.

  

_{Sent by Cursor Automation: Assign PR reviewers}