Skip to content

Comments

feat: add guide for authenticating with a script#14

Merged
jeswr merged 6 commits intomainfrom
feat/script-authentication
Feb 21, 2026
Merged

feat: add guide for authenticating with a script#14
jeswr merged 6 commits intomainfrom
feat/script-authentication

Conversation

@jeswr
Copy link
Member

@jeswr jeswr commented Feb 15, 2026

Copilot AI review requested due to automatic review settings February 15, 2026 20:49
@jeswr jeswr requested a review from a team as a code owner February 15, 2026 20:49
@jeswr jeswr enabled auto-merge (squash) February 15, 2026 20:50
Copilot AI reviewed Feb 15, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a comprehensive guide for authenticating Node.js scripts with Solid servers using Client Credentials. The guide addresses a common need for automated authentication in server-side scripts, bots, and CI/CD workflows where browser-based authentication isn't available.

Changes:

  • Updated the main documentation index with an improved welcome message and added the new authentication guide to the guide list
  • Added a complete step-by-step guide covering Client Credentials authentication for Node.js scripts
  • Documented both UI-based and API-based methods for generating credentials

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File Description
docs/index.md Enhanced welcome text and added link to the new authentication guide
docs/guides/authenticating_with_a_script.md New comprehensive guide covering Client Credentials authentication for Node.js scripts

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@jeswr
Update docs/guides/authenticating_with_a_script.md
a3af9a0 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jeswr
Copy link
Member Author

jeswr commented Feb 17, 2026

@langsamu could you please approve this.

langsamu
langsamu approved these changes Feb 18, 2026
View reviewed changes
@langsamu
Copy link
Contributor

langsamu commented Feb 18, 2026

@langsamu could you please approve this.

Two suggestions (2. more important) but good to publish in my opinion.

@jeswr
Copy link
Member Author

jeswr commented Feb 18, 2026

@copilot please implement the suggested changes made by Samu

Copilot AI mentioned this pull request Feb 18, 2026
Merged
Copy link
Contributor

Copilot AI commented Feb 18, 2026

@jeswr I've opened a new pull request, #15, to work on those changes. Once the pull request is ready, I'll request review from you.

@jeswr
feat: add guide for authenticating with a script (#15)
23adeec 
* Initial plan

* Address review feedback: load OIDC_ISSUER from env var, add cross-platform instructions

Co-authored-by: jeswr <63333554+jeswr@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: jeswr <63333554+jeswr@users.noreply.github.com>
@jeswr jeswr requested a review from langsamu February 18, 2026 21:42
langsamu
langsamu approved these changes Feb 19, 2026
View reviewed changes
Copy link
Contributor

@langsamu langsamu left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Again, good to publish in my opinion.
Followed instructions to the letter and got expected result.

Did not try 2.B (get client creds programmatically).

A few suggestions below clarifying OIDC AS vs Solid URI.

A general observation:
Using the WebID profile document as the example of a resource to get using an authenticated fetch has some shortcomings.

  • The WebID profile resource is, by definition and necessity, a public one. Retrieving it with an authenticated request is a known anti-pattern.
  • The WebID profile resource is not defined to be a Solid resource. Indeed it is not a Solid resource in ESS.
  • While 'WebID' is an immediately recognisable term for those familiar with Solid, it might not be as well known for the novice targeted here.

jeswr and others added 2 commits February 21, 2026 18:18
@jeswr @langsamu
Apply suggestions from code review
aa18836 
Co-authored-by: Samu Lang <langsamu@users.noreply.github.com>
@jeswr @langsamu
Update docs/guides/authenticating_with_a_script.md
7259b99 
Co-authored-by: Samu Lang <langsamu@users.noreply.github.com>
@jeswr
Copy link
Member Author

jeswr commented Feb 21, 2026

@copilot please fix #14 (review) by providing an optional URL input of the protected resource they wish to fetch.

Copilot AI mentioned this pull request Feb 21, 2026
Merged
Copy link
Contributor

Copilot AI commented Feb 21, 2026

@jeswr I've opened a new pull request, #16, to work on those changes. Once the pull request is ready, I'll request review from you.

@jeswr
fix: use optional SOLID_RESOURCE_URL for authenticated fetch example (#…
bef5a91 
…16)

* Initial plan

* fix: add optional SOLID_RESOURCE_URL env var for the resource to fetch

Co-authored-by: jeswr <63333554+jeswr@users.noreply.github.com>

* Apply suggestions from code review

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: jeswr <63333554+jeswr@users.noreply.github.com>
@jeswr jeswr disabled auto-merge February 21, 2026 21:53
@jeswr jeswr merged commit e1f8c32 into main Feb 21, 2026
1 check passed
@jeswr jeswr deleted the feat/script-authentication branch February 21, 2026 21:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@langsamu langsamu langsamu approved these changes

@matthieubosquet matthieubosquet Awaiting requested review from matthieubosquet

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jeswr @langsamu