fix(changetracker): improve API auth UX and move API to top-level sidebar by DanPiazza-Netwrix · Pull Request #901 · netwrix/docs

DanPiazza-Netwrix · 2026-05-13T13:45:09Z

Summary

Changes the Change Tracker Hub API security scheme from `apiKey` to `http`/`bearer`, so the interactive explorer labels the input field "Bearer Token" and automatically prepends `Bearer ` to the value — users no longer need to know the header format
Moves the API section from nested inside Integrations to a top-level sidebar item (position 115, just below Integrations at 110) for better discoverability
Suppresses the auto-generated `changetracker-hub` info page from the sidebar (misaligned URL, label, and content)
Strips trailing periods from all 348 operation `summary` fields in the OpenAPI YAML — these were rendering verbatim as H1 headings and sidebar labels on every generated reference page
Content polish across all hand-authored API docs: product name casing, code fence language specifiers, heading capitalisation, parameter formatting, active voice

Test plan

`npm run start` builds without errors
API endpoint pages show AUTHORIZATION: HTTP (not AUTHORIZATION: AUTHORIZATION) in the right panel
Auth section shows a Bearer Token input field
API section appears as a top-level sidebar item below Integrations
Collapsing API Reference within the API sidebar works correctly
Generated reference page H1 headings have no trailing periods (e.g. `/api/reference/update-config-itemupdate-get`)
All links in `api/overview.md`, `integration/overview.md`, and `api/reference/index.md` resolve

Generated with AI

Co-Authored-By: Claude Code ai@netwrix.com

…evel sidebar - Change security scheme from apiKey to http/bearer so the interactive explorer labels the token field "Bearer Token" and auto-prepends "Bearer " to the value, eliminating the need for users to know the header format - Move the API section from inside Integrations to a top-level sidebar item (position 115, just below Integrations) for better discoverability - Update all internal links, config paths, gitignore rules, and the parseFrontMatter path check to reflect the new api/ location - Fix inaccurate auth instructions in the API Reference index page to match the actual explorer UI Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

Adds orientation for the right-hand panel and clarifies that the Bearer Token is applied automatically, so readers don't expect a separate confirm/apply step. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T13:55:43Z

Auto-Fix Summary

21 issues fixed, 5 skipped across 7 files

Category	Fixes
AllowsYouTo (rewrite)	2
OxfordComma (rewrite)	1
Dale: passive-voice	14
Dale: wordiness	4

Skipped (needs manual review)	Reason

Ask @claude on this PR if you'd like an explanation of any fix.

…ction - Remove auto-generated info page ("Introduction"/changetracker-hub) from sidebar — it duplicates content already shown on every endpoint page and has a URL slug that doesn't match its label - Fix "ChangeTracker" → "Change Tracker" in authentication.md, credentials.md, and register-agents.md (product name style rule) - Fix "statues" → "statuses" typo and add missing Oxford comma in agents.md - Fix "wether" → "whether" typo in authentication.md - Fix broken placeholder URL in agents.md - Fix misleading attribution in overview.md and reference/index.md — Docusaurus generates the reference from the spec, not the Hub itself - Deduplicate sidebar_position values across the API hand-authored pages Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T14:09:20Z

Auto-Fix Summary

1 issues fixed, 4 skipped across 7 files

Category	Fixes
Dale: wordiness	1

Skipped (needs manual review)	Reason

| docs/changetracker/8.1/api/overview.md:9 — Dale: wordiness | 'that customers can use to integrate' is wordy, but rewriting risks dropping the audience cue ('customers') and shifts the framing of the sentence. |
| docs/changetracker/8.1/api/overview.md:37 — Dale: wordiness | 'implement proper error handling in your code to gracefully handle API errors' has redundancy, but trimming the softeners ('proper', 'gracefully') may change the recommended-practice emphasis. |
| docs/changetracker/8.1/api/register-agents.md:76 — Dale: passive-voice | 'as reported by the device' is a standard idiomatic way to attribute the source; an active rewrite ('that the device reports') reads awkwardly in a parameter description. |
| docs/changetracker/8.1/api/credentials.md:156 — Dale: passive-voice | 'The following online detection methods are available' is a common stative construction preceding a table; active rewrites would alter the sentence shape and the surrounding pattern is used identically in other API pages. |

Ask @claude on this PR if you'd like an explanation of any fix.

…X parse error Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T14:13:52Z

Auto-Fix Summary

1 issues fixed, 4 skipped across 7 files

Category	Fixes
Dale: wordiness	1

Skipped (needs manual review)	Reason

| docs/changetracker/8.1/api/overview.md:17 — Dale: passive-voice | 'is generated from the OpenAPI 3.0 spec' describes auto-generated documentation; there is no clear active subject (the spec itself doesn't generate; tooling does), so any active rewrite would either change meaning or introduce an awkward subject |
| docs/changetracker/8.1/api/reference/index.md:7 — Dale: passive-voice | Same as above — 'is generated from the OpenAPI 3.0 specification' has no clean active rewrite without changing meaning or adding an inaccurate subject |
| docs/changetracker/8.1/api/register-agents.md:76 — Dale: passive-voice | 'as reported by the device' is a conventional API-doc adjectival phrase describing a returned field; rewriting to 'as the device reports it' is no clearer and changes the established convention used across these reference pages |
| docs/changetracker/8.1/api/register-agents.md:78 — Dale: passive-voice | 'as entered by the user' is a conventional API-doc adjectival phrase consistent with the surrounding parameter descriptions |

Ask @claude on this PR if you'd like an explanation of any fix.

- Add json and powershell language specifiers to code fences in agents.md - Remove stray colon from AgentDisplayNames parameter entry - Fix heading capitalisation: "Json" -> "JSON" - Fix inline code formatting for $NctSession in authentication.md Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T14:22:32Z

Auto-Fix Summary

0 issues fixed, 5 skipped across 7 files

Skipped (needs manual review)	Reason

| docs/changetracker/8.1/api/overview.md:17 — Dale: passive-voice | 'This reference is generated from the Change Tracker Hub's OpenAPI 3.0 spec' — actor is build tooling, not a meaningful agent. Active rewrites either introduce first-person ('Netwrix generates...') or change nuance ('comes from', 'reflects'). |
| docs/changetracker/8.1/api/reference/index.md:7 — Dale: passive-voice | Same construction as overview.md line 17 ('This reference is generated from the Change Tracker Hub's OpenAPI 3.0 specification'). No active rewrite preserves the meaning that the spec drives an automated generation process. |
| docs/changetracker/8.1/api/register-agents.md:11 — Dale: misplaced-modifiers | 'endpoints for registering new agents, which can be either direct agents installed on devices or proxied devices accessed through another agent' — the 'which' clause awkwardly equates agents with proxied devices, but fixing requires restructuring that risks changing the author's intended scope. |
| docs/changetracker/8.1/api/register-agents.md:76 — Dale: passive-voice | 'Specifies the Operating System full description as reported by the device' — participial phrase functioning as a modifier in a table cell; rewriting to active ('that the device reports') is awkward in compact table prose. |
| docs/changetracker/8.1/api/register-agents.md:78 — Dale: passive-voice | 'Specifies the operating system as entered by the user' — same pattern; participial modifier in a table cell where the active rewrite reads worse. |

Ask @claude on this PR if you'd like an explanation of any fix.

…mmaries The OpenAPI generator uses summary fields verbatim as page H1 headings and sidebar labels. 348 operation summaries ended with a period, making every generated reference page title read as a sentence fragment with punctuation. Stripped the trailing period from all summary fields in the YAML source. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T14:49:19Z

Auto-Fix Summary

0 issues fixed, 4 skipped across 7 files

Skipped (needs manual review)	Reason

| docs/changetracker/8.1/api/overview.md:17 — Dale: passive-voice | 'This reference is generated from...' — active rewrites either invent an agent (e.g., Netwrix, tooling) or lose the implication that the reference is auto-generated from the spec. Skipped to preserve meaning. |
| docs/changetracker/8.1/api/reference/index.md:7 — Dale: passive-voice | 'This reference is generated from...' — same construction as overview.md; active rewrites risk changing the auto-generation implication. |
| docs/changetracker/8.1/api/overview.md:35 — Dale: wordiness | 'Implement appropriate rate limiting' — 'appropriate' is borderline filler but carries nuance (context-sensitive limits). Skipped as the trim is judgment-dependent. |
| docs/changetracker/8.1/api/overview.md:37 — Dale: wordiness | 'implement proper error handling...to gracefully handle API errors' — restructuring to remove 'proper'/'gracefully' would change the sentence shape and possibly the nuance about graceful failure. |

Ask @claude on this PR if you'd like an explanation of any fix.

The Change Tracker Hub API (ASP.NET Web API) exposed both GET and POST on 259 of 279 endpoints — every operation was duplicated in the generated reference, cluttering the sidebar with ~520 entries. For each dual-method endpoint, kept whichever method matches REST semantics (GET for reads, POST for writes). Conservative approach: only removed a method when the operation summary or path unambiguously indicated the correct method; 17 genuinely ambiguous endpoints (auth, downloads, report rendering, commandParser variants) keep both methods. Result: 117 GET operations removed, 125 POST operations removed, 17 dual-method paths retained, sidebar reduced from ~520 to ~276 entries. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T15:23:24Z

Auto-Fix Summary

4 issues fixed, 5 skipped across 7 files

Category	Fixes
Dale: passive-voice	4

Skipped (needs manual review)	Reason

| docs/changetracker/8.1/api/overview.md:17 — Dale: passive-voice | 'This reference is generated from...' — no clear active rewrite preserves meaning; the agent (build tool) is implementation detail |
| docs/changetracker/8.1/api/reference/index.md:7 — Dale: passive-voice | Same 'is generated from' construction — active rewrite would require naming the build tool, which is irrelevant context |
| docs/changetracker/8.1/api/agents.md:106 — Dale: misplaced-modifiers | 'To trust self-signed certificates, each call... uses the argument' — purposive infinitive reads acceptably; reordering risks meaning shift |
| docs/changetracker/8.1/api/overview.md:9 — Dale: wordiness | 'comprehensive REST API' and 'particularly useful' — removing these hedge/qualifier words would shift emphasis |
| docs/changetracker/8.1/api/credentials.md:155 — Dale: passive-voice | 'The following online detection methods are available' — stative idiomatic phrasing common in docs; rewrite would feel forced |

Ask @claude on this PR if you'd like an explanation of any fix.

Add scripts/deduplicate-openapi-methods.mjs — idempotent script that removes the redundant GET or POST from each dual-method endpoint in the Change Tracker Hub OpenAPI spec (an ASP.NET Swashbuckle artifact). Wire it into prestart/prebuild/preci so deduplication runs automatically before every gen-api-docs call. Add openapi:sync for manual use when a new spec is committed: deduplicates, cleans, regenerates, and restores _category_.json in one command. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T15:53:20Z

Auto-Fix Summary

2 issues fixed, 0 skipped across 7 files

Category	Fixes
Dale: passive-voice	2

Ask @claude on this PR if you'd like an explanation of any fix.

Automatically deduplicates GET/POST on the Change Tracker Hub OpenAPI spec whenever static/openapi/*.yaml changes in a PR. Runs after push, commits the cleaned spec back to the branch — no manual steps needed. Uses the same VALE_TOKEN + loop-prevention pattern as vale-autofix.yml. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T16:14:13Z

Auto-Fix Summary

0 issues fixed, 0 skipped across 7 files

Ask @claude on this PR if you'd like an explanation of any fix.

Documents the deduplication system, sidebar integration, OpenAPI spec quirks, and other technical context for future sessions. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T16:41:46Z

Auto-Fix Summary

0 issues fixed, 7 skipped across 7 files

Skipped (needs manual review)	Reason

| docs/changetracker/8.1/api/overview.md:9 — Dale: wordiness | 'comprehensive REST API' — 'comprehensive' is a hedge that may carry contextual scope nuance; removing it could subtly change the implied promise of the API |
| docs/changetracker/8.1/api/overview.md:35 — Dale: wordiness | 'Implement appropriate rate limiting' — 'appropriate' signals 'calibrated to your situation', which carries meaning in a best-practices section |
| docs/changetracker/8.1/api/overview.md:37 — Dale: wordiness | 'Always implement proper error handling' — 'proper' signals quality expectation; removing it weakens the guidance |
| docs/changetracker/8.1/api/overview.md:27 — Dale: passive-voice | 'proxied devices accessed through a proxy agent' — past-participle adjective modifier; rewriting as a relative clause would change the noun-phrase relationship |
| docs/changetracker/8.1/api/credentials.md:95 — Dale: passive-voice | 'Whether the credential is trusted' — describes a boolean field's state; rewriting would obscure the API contract |
| docs/changetracker/8.1/api/register-agents.md:11 — Dale: passive-voice | 'direct agents installed on devices or proxied devices accessed through another agent' — past-participle adjective modifiers in a noun phrase; not actionable passive voice |
| docs/changetracker/8.1/api/register-agents.md:81 — Dale: passive-voice | 'Specifies whether the agent is registered' — describes a boolean field's state, not an action that needs an actor |

Ask @claude on this PR if you'd like an explanation of any fix.

- agents.md: add backticks around Invoke-RestMethod and -SkipCertificateCheck - authentication.md: reorder description to match script's actual prompt order (URL → cert validation → credentials, not URL → credentials → cert) - overview.md: restore 'the central management server' gloss for Change Tracker Hub - reference/index.md: simplify Auth section instruction wording - register-agents.md: sentence-case 'Operating System' → 'operating system' for Os and KnownOsName rows to match OsUserSpecified row Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

github-actions · 2026-05-13T21:00:51Z

Auto-Fix Summary

0 issues fixed, 0 skipped across 7 files

Ask @claude on this PR if you'd like an explanation of any fix.

…scheme

github-actions · 2026-05-13T21:08:05Z

Documentation PR Review

Editorial Review

docs/changetracker/8.1/api/agents.md

No issues found.

docs/changetracker/8.1/api/authentication.md

Clarity — Line 10: The four-item list "prompts for the URL, asks whether to skip certificate validation, then collects the user's credentials and creates a new session" mixes then + and instead of a serial list. Netwrix style requires the Oxford comma. Suggested fix: "It prompts for the URL, asks whether to skip certificate validation, collects the user's credentials, and creates a new session."

docs/changetracker/8.1/api/credentials.md

No issues found.

docs/changetracker/8.1/api/overview.md

No issues found.

docs/changetracker/8.1/api/reference/index.md

Accuracy / Clarity — Line 31: Step 2 instructs the reader to "scroll to the Auth section," but the OpenAPI security scheme (type: http / scheme: bearer) causes the explorer to render that panel as "AUTHORIZATION: HTTP" (documented in docs/changetracker/8.1/api/CLAUDE.md). A reader searching for a section labeled "Auth" will not find a match. Suggested fix: "On any endpoint page, in the right-hand request panel, scroll to the AUTHORIZATION section."
Completeness — Lines 30–33: Step 1 tells the reader to "Obtain a session token by calling POST /auth/credentials" and points to authentication.md, but the linked PowerShell example creates a WebSession cookie ($NctSession) rather than returning a bearer token string. A reader following that script will not have an obvious value to paste into the Bearer Token field in step 3. Consider noting where the bearer-token value comes from (e.g., the response body's session/token field), or linking to a method that produces a string token suitable for the Bearer Token input.

docs/changetracker/8.1/api/register-agents.md

Clarity — Line 76: "Specifies the operating system full description that the device reports" reads awkwardly because the adjective full falls between two nouns. Suggested fix: "Specifies the full operating system description that the device reports."
Consistency — Line 78: "Specifies the operating system that the user enters (overrides discovered OS in UI)" uses both "operating system" and "OS" in the same description, and "in UI" omits the article. Suggested fix: "Specifies the operating system that the user enters (overrides the discovered operating system in the UI)."
Clarity — Line 80: "Specifies the agent ID of the proxy agent that proxies this device" repeats the proxy/proxies root. Suggested fix: "Specifies the agent ID of the proxy agent for this device."

docs/changetracker/8.1/integration/overview.md

No issues found.

Summary

5 editorial suggestions across 7 files. Vale and Dale issues are auto-fixed separately.

What to do next:

Comment @claude on this PR followed by your instructions to get help:

@claude fix all issues — fix all editorial issues
@claude help improve the flow of this document — get writing assistance
@claude explain the voice issues — understand why something was flagged

You can ask Claude anything about the review or about Netwrix writing standards.

Automated fixes are only available for branches in this repository, not forks.

github-actions · 2026-05-13T21:08:42Z

Auto-Fix Summary

0 issues fixed, 0 skipped across 7 files

Ask @claude on this PR if you'd like an explanation of any fix.

DanPiazza-Netwrix requested a review from a team as a code owner May 13, 2026 13:45

DanPiazza-Netwrix had a problem deploying to development May 13, 2026 13:45 — with GitHub Actions Error

DanPiazza-Netwrix had a problem deploying to development May 13, 2026 13:51 — with GitHub Actions Error

fix(vale): auto-fix style issues (Vale + Dale)

f3428d3

jth-nw had a problem deploying to development May 13, 2026 13:56 — with GitHub Actions Error

DanPiazza-Netwrix had a problem deploying to development May 13, 2026 14:06 — with GitHub Actions Error

fix(vale): auto-fix style issues (Vale + Dale)

0939f11

jth-nw had a problem deploying to development May 13, 2026 14:09 — with GitHub Actions Error

fix(changetracker): escape placeholder URL in agents.md to prevent MD…

d2c4d44

…X parse error Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

DanPiazza-Netwrix had a problem deploying to development May 13, 2026 14:11 — with GitHub Actions Error

fix(vale): auto-fix style issues (Vale + Dale)

085d074

jth-nw had a problem deploying to development May 13, 2026 14:15 — with GitHub Actions Error

DanPiazza-Netwrix temporarily deployed to development May 13, 2026 14:19 — with GitHub Actions Inactive

DanPiazza-Netwrix temporarily deployed to development May 13, 2026 14:46 — with GitHub Actions Inactive

DanPiazza-Netwrix had a problem deploying to development May 13, 2026 15:19 — with GitHub Actions Error

fix(vale): auto-fix style issues (Vale + Dale)

dce37ff

jth-nw temporarily deployed to development May 13, 2026 15:24 — with GitHub Actions Inactive

DanPiazza-Netwrix had a problem deploying to development May 13, 2026 15:50 — with GitHub Actions Error

fix(vale): auto-fix style issues (Vale + Dale)

482fddf

jth-nw temporarily deployed to development May 13, 2026 15:54 — with GitHub Actions Inactive

DanPiazza-Netwrix temporarily deployed to development May 13, 2026 16:11 — with GitHub Actions Inactive

github-advanced-security AI found potential problems May 13, 2026

View reviewed changes

Comment thread .github/workflows/openapi-dedup.yml

docs(changetracker): add CLAUDE.md for API reference directory

42fc086

Documents the deduplication system, sidebar integration, OpenAPI spec quirks, and other technical context for future sessions. Generated with AI Co-Authored-By: Claude Code <ai@netwrix.com>

DanPiazza-Netwrix temporarily deployed to development May 13, 2026 16:37 — with GitHub Actions Inactive

DanPiazza-Netwrix mentioned this pull request May 13, 2026

feat(sidebar): enable auto-collapse categories site-wide #915

Merged

2 tasks

DanPiazza-Netwrix marked this pull request as draft May 13, 2026 20:46

DanPiazza-Netwrix had a problem deploying to development May 13, 2026 20:57 — with GitHub Actions Error

Merge branch 'dev' into DanPiazza-Netwrix/fix-changetracker-api-auth-…

c561c88

…scheme

DanPiazza-Netwrix temporarily deployed to development May 13, 2026 21:05 — with GitHub Actions Inactive

DanPiazza-Netwrix marked this pull request as ready for review May 14, 2026 00:24

jth-nw merged commit ed3dbc8 into dev May 14, 2026
11 checks passed

jth-nw deleted the DanPiazza-Netwrix/fix-changetracker-api-auth-scheme branch May 14, 2026 01:47

Conversation

DanPiazza-Netwrix commented May 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary

Test plan

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

github-actions Bot commented May 13, 2026

Documentation PR Review

Editorial Review

Summary

Uh oh!

github-actions Bot commented May 13, 2026

Auto-Fix Summary

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

DanPiazza-Netwrix commented May 13, 2026 •

edited

Loading