chore(other): add requiresLogin setting#10
Conversation
![redocly[bot]](https://avatars.githubusercontent.com/in/348054?s=60&v=4){kind=small}
There was a problem hiding this comment.
cafe AI Review: 🟢 Completed
Reunite Agent has reviewed your changes and found 2 potential issue(s).
Note
Low Risk
This is a minor configuration change for Redocly that introduces an access control setting for the documentation, with no direct impact on application code or runtime behavior.
Overview
Updates redocly.yaml to add an access block with requiresLogin: true, which enforces authentication for users attempting to view the hosted API documentation.
| @@ -1,3 +1,5 @@ | |||
| access: | |||
| requiresLogin: true | |||
There was a problem hiding this comment.
Severity: Medium
Requiring login defaults to permitting any Redocly or Google account if sso is not explicitly configured. Consider defining specific identity providers to restrict access to authorized users only.
| @@ -1,3 +1,5 @@ | |||
| access: | |||
| requiresLogin: true | |||
There was a problem hiding this comment.
Severity: Low
When requiresLogin is enabled, consider adding logoutReturnUrl to the access object to ensure users are redirected to a secure, known location after logging out.
2 participants
No description provided.