Add documentation for agents with user login and OAuth configuration

[ranuka-laksika]

This update adds comprehensive documentation for the new agent creation feature that allows users to enable user
login for agents. When enabled, the system automatically creates an OAuth/OIDC application to handle user
authentication flows.

Key changes:

• Add section explaining agent types (with and without user login)
• Document interactive vs background agent options
• Explain OAuth application auto-creation for agents with user login
• Add instructions for managing OAuth applications for these agents
• Update deletion warnings for agents with associated OAuth apps

This aligns with the agent creation wizard's "Allow users to log in to this agent" checkbox and supports both
interactive agents (authorization code flow) and background agents (CIBA flow).

[coderabbitai]

Warning

Rate limit exceeded

@ranuka-laksika has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 17 minutes and 24 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 17 minutes and 24 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 11d8f76f-c70d-43b5-a5f7-199ae6e6df39

📥 Commits

Reviewing files that changed from the base of the PR and between 0f8189d and 17da93d.

📒 Files selected for processing (1)

• en/includes/guides/agentic-ai/ai-agents/register-and-manage-agents.md

📝 Walkthrough

Walkthrough

Updated documentation for AI agent registration and management, adding sections that define agent types based on user login requirements, describe OAuth/OIDC application creation for user-login agents, explain agent-type-specific parameters and grant types, detail OAuth application management procedures, and update agent deletion guidance with implications for automatically created OAuth applications.

Changes

Cohort / File(s)

Summary

AI Agent Registration & Management Documentation en/includes/guides/agentic-ai/ai-agents/register-and-manage-agents.md

Added "Understanding agent types" section distinguishing agents with/without user login. Updated registration flow to optionally enable user login and collect type-specific parameters (callback URL for interactive agents, CIBA expiry and notification channels for background agents). Extended post-registration instructions to describe automatically created OAuth/OIDC application with agent-type-specific grant types. Added "Managing OAuth applications for agents with user login" section covering viewing and modifying OAuth settings and token configurations. Modified deletion section to clarify that deleting user-login agents also removes their OAuth application with access loss warning.

Suggested labels

Team/Authentication & registration, Team/API Access Mgt & Authorization

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description provides a clear purpose and explains key changes, but lacks required sections from the template: Test environment and Security checks (all unchecked).	Add missing sections: test environment details (JDK versions, operating systems, databases, browsers) and complete the security checklist with appropriate selections or comments.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: adding documentation for agents with user login and OAuth configuration, which directly matches the primary focus of the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (1)

en/includes/guides/agentic-ai/ai-agents/register-and-manage-agents.md (1)

81-83: Document CIBA settings with defaults and allowed values.

These configuration bullets explain what the settings do, but they do not state defaults/constraints. Add defaults and valid values to reduce ambiguity at setup time (for example, expiry default and valid notification channels).

As per coding guidelines, “When documenting configuration, describe what the setting controls, state the default value, state constraints (type, valid range, allowed values), provide a minimal example, and explain when the user should change it.”

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/includes/guides/agentic-ai/ai-agents/register-and-manage-agents.md` around
lines 81 - 83, Update the two CIBA configuration bullets for "Authentication
Request Expiry Time" and "Notification Channels" to include default values,
types/constraints, allowed values and a minimal example: for Authentication
Request Expiry Time (mention the default seconds, type integer, allowed range
e.g., 60–86400 and when to change it) and for Notification Channels (list
allowed values: Email, SMS, Both, default value, type enum/string and an example
usage), and ensure the text follows the doc guideline to state what the setting
controls, default, constraints, example, and guidance on when to change it.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@en/includes/guides/agentic-ai/ai-agents/register-and-manage-agents.md`:
- Line 24: The Vale spell-check flags the term "Chatbots" in the sentence
"Chatbots that respond to user queries in real-time" (and the same term at line
78); either change the wording to use the accepted phrasing such as "chatbot" or
"chatbot agents" throughout the document (including that exact sentence and the
occurrence at line 78) or add "Chatbots/chatbots" (or your preferred casing) to
the repo vocabulary accept list in
.vale/styles/config/vocabularies/vocab/accept.txt so Vale stops flagging it;
update the two occurrences consistently and re-run Vale to confirm warnings are
resolved.
- Around line 87-90: Add blank lines before and after the grant-type bullet list
to satisfy MD032 and improve readability: insert an empty line above the line
that starts the list ("For agents with user login enabled...") or immediately
after that sentence, and another empty line after the last list item ("...grant
type") so the list is surrounded by blank lines; ensure the two list items
remain unchanged and keep parallel grammar for "Interactive agents" and
"Background agents".
- Around line 28-35: Revise the two flow descriptions to use shorter, clearer
sentences: in the Interactive agents line that mentions the OAuth
"authorization_code" grant with PKCE, replace "obtain access tokens" with a
shorter phrase like "get access tokens" and keep the sentence concise; for
Background agents (CIBA) split the long sentence into two and simplify the
verbage around starting auth and consent—e.g., state "Background agents use CIBA
(Client Initiated Backchannel Authentication). This lets an agent start
authentication out-of-band (e.g., email or SMS) and get user consent
asynchronously." Reference the existing terms "authorization_code", "PKCE", and
"CIBA" when updating the text.
- Around line 23-34: The markdown has lists that start immediately after
paragraph text causing markdownlint MD032; update the sections for "Interactive
agents" and "Background agents" so each bulleted list is preceded and followed
by a blank line (i.e., add an empty line before the "-" list items and an empty
line after the list blocks) to satisfy MD032; verify the bullets under the
"Interactive agents" and "Background agents" headings remain bulleted (not
numbered) per guidelines and re-run lint to confirm warnings are resolved.

---

Nitpick comments:
In `@en/includes/guides/agentic-ai/ai-agents/register-and-manage-agents.md`:
- Around line 81-83: Update the two CIBA configuration bullets for
"Authentication Request Expiry Time" and "Notification Channels" to include
default values, types/constraints, allowed values and a minimal example: for
Authentication Request Expiry Time (mention the default seconds, type integer,
allowed range e.g., 60–86400 and when to change it) and for Notification
Channels (list allowed values: Email, SMS, Both, default value, type enum/string
and an example usage), and ensure the text follows the doc guideline to state
what the setting controls, default, constraints, example, and guidance on when
to change it.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 3c3b6b2c-f2a8-492b-a4fa-2140c00bceda

📥 Commits

Reviewing files that changed from the base of the PR and between 10206d6 and 0f8189d.

📒 Files selected for processing (1)

• en/includes/guides/agentic-ai/ai-agents/register-and-manage-agents.md

[pavinduLakshan]

Suggested change

	{{ product_name }} supports two categories of AI agents based on whether they require user authentication:
	{{ product_name }} supports two categories of AI agents based on whether they require user authentication.

[pavinduLakshan]

should be a list item.

[pavinduLakshan]

should be a list item.

[pavinduLakshan]

shall we add a screenshot of the "success screen"?