Skip to content

docs: document OIDC auth for HTTP servers and advanced CLI flags#3017

Merged
lpcox merged 1 commit intomainfrom
docs/oidc-and-flags-2981
Apr 1, 2026
Merged

docs: document OIDC auth for HTTP servers and advanced CLI flags#3017
lpcox merged 1 commit intomainfrom
docs/oidc-and-flags-2981

Conversation

@lpcox
Copy link
Copy Markdown
Collaborator

@lpcox lpcox commented Apr 1, 2026

Summary

Addresses documentation gaps found by the Nightly Documentation Reconciler (#2981).

Changes

1. OIDC Authentication for HTTP Servers (docs/CONFIGURATION.md)

Documents the auth field for HTTP MCP backend servers:

  • type: "github-oidc" — obtains GitHub Actions OIDC tokens and attaches them as Bearer headers
  • audience — optional OIDC audience (defaults to server URL)
  • Notes that auth is only valid for HTTP servers and tokens are cached/refreshed automatically
  • Includes a JSON configuration example

2. OIDC Environment Variables (docs/ENVIRONMENT_VARIABLES.md)

Adds new "GitHub Actions OIDC Variables" section documenting:

  • ACTIONS_ID_TOKEN_REQUEST_URL — OIDC token endpoint (set by Actions runner)
  • ACTIONS_ID_TOKEN_REQUEST_TOKEN — bearer token for OIDC requests (set by Actions runner)

3. Advanced CLI Flags (CONTRIBUTING.md)

Adds an "Advanced Flags" subsection to "Running Locally" with examples for:

  • --log-dir, --env, -v, --payload-dir, --payload-size-threshold
  • Cross-reference to docs/ENVIRONMENT_VARIABLES.md for full list

Closes #2981

@lpcox
docs: document OIDC auth for HTTP servers and add CLI flags
f9b92c3 
- Add auth field documentation (github-oidc) to docs/CONFIGURATION.md
- Add OIDC environment variables section to docs/ENVIRONMENT_VARIABLES.md
- Add Advanced Flags subsection to CONTRIBUTING.md

Closes #2981

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings April 1, 2026 21:39
Copilot AI approved these changes Apr 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR closes the documentation gaps identified in #2981 by documenting the existing GitHub Actions OIDC auth support for HTTP MCP backends and by adding examples of advanced awmg CLI flags for local development workflows.

Changes:

  • Documented auth.type: "github-oidc" (and optional audience) for HTTP servers in docs/CONFIGURATION.md, including behavior notes and an example.
  • Added a new section describing ACTIONS_ID_TOKEN_REQUEST_URL and ACTIONS_ID_TOKEN_REQUEST_TOKEN in docs/ENVIRONMENT_VARIABLES.md.
  • Added an “Advanced Flags” subsection to CONTRIBUTING.md with practical examples for --log-dir, --env, -v, --payload-dir, and --payload-size-threshold.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
docs/ENVIRONMENT_VARIABLES.md Adds GitHub Actions OIDC environment variables required by github-oidc HTTP server auth.
docs/CONFIGURATION.md Documents the auth server field for HTTP backends, including github-oidc semantics and example config.
CONTRIBUTING.md Adds examples for advanced runtime flags commonly used when running locally.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@lpcox lpcox merged commit 9f07d87 into main Apr 1, 2026
14 checks passed
@lpcox lpcox deleted the docs/oidc-and-flags-2981 branch April 1, 2026 21:41
This was referenced Apr 1, 2026
Closed
Closed
Closed
Copilot AI mentioned this pull request Apr 3, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

📚 Documentation Reconciliation Report - 2026-04-01

2 participants

@lpcox