Add MCP Quick Start Documentation for both typeScript and python and Add Agent QuickStart doc to Identity Server 7.2.0 and next branch

[ranuka-laksika]

Fixed broken links in the MCP documentation's "What's Next?" section for Identity Server versions by adding missing quick-start wrapper files.

Problem

The MCP documentation (/guides/agentic-ai/mcp/) contains links to MCP quick-start guides:

• {{base_path}}/quick-starts/mcp-auth-server/ (TypeScript)
• {{base_path}}/quick-starts/mcp-auth-server-py/ (Python)

These links worked in Asgardeo but were broken in Identity Server (versions 7.2.0 and next) because the wrapper
files didn't exist.

Solution

Created 4 new quick-start wrapper files following the existing architecture pattern used for other quick-starts
(e.g., react.md):

Files added:

• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md

Fix Issue:- wso2/product-is#27478

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Added multiple quick-start documentation pages for MCP and agent authentication (TypeScript and Python) across identity-server (7.2.0 and next) and asgardeo locales, and updated shared include partials to add product-based conditional templating and a small text correction.

Changes

Cohort / File(s)	Summary
Quick-start pages (MCP & Agent) en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md, en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md, en/identity-server/7.2.0/docs/quick-starts/agent-auth-py.md, en/identity-server/7.2.0/docs/quick-starts/agent-auth-ts.md, en/identity-server/next/docs/quick-starts/mcp-auth-server.md, en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md, en/identity-server/next/docs/quick-starts/agent-auth-py.md, en/identity-server/next/docs/quick-starts/agent-auth-ts.md	Added new quick-start pages using templates/quick-start.html; each defines inline meta (what_you_will_learn, prerequisites, source_code) and includes a shared quick-start partial.
Shared include partials (MCP) en/includes/quick-starts/mcp-auth-server.md, en/includes/quick-starts/mcp-auth-server-py.md	Added conditional templating for .env and console/tenant URL examples: use Asgardeo endpoints when product_name == "Asgardeo", otherwise use localhost/Identity Server URLs.
Shared include partials (Agent - Python) en/includes/quick-starts/agent-auth-py.md	Refactored Python examples to conditionally define ASGARDEO_CONFIG vs IDENTITY_SERVER_CONFIG, select the appropriate config for AgentAuthManager(...), split .env examples, and conditionally render console URL text (larger diff — review recommended).
Shared include partials (Agent - TypeScript) en/includes/quick-starts/agent-auth-ts.md	Updated TypeScript snippets to conditionally build Asgardeo vs Identity Server configs and instantiate the appropriate client across agent and OBO flows; split .env and important notes by product (larger diff — review recommended).
Navigation (MkDocs) en/identity-server/7.2.0/mkdocs.yml, en/identity-server/next/mkdocs.yml	Added navigation entries under “Get started” for “Secure MCP Servers” and “Secure Your AI Agents” linking to the new quick-start pages.
Asgardeo locale text fix en/asgardeo/docs/quick-starts/mcp-auth-server.md	Fixed a single string: “Typescript” → “TypeScript”.

Suggested labels

Team/Authentication & registration, Team/API Access Mgt & Authorization

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is incomplete. It omits required template sections: Purpose, Related PRs, Test environment, and Security checks. While it provides context about the fix, it doesn't follow the repository's required documentation structure.	Complete the PR description by adding all required template sections: Purpose (with linked issues), Related PRs, Test environment details, and Security checks with checkboxes marked.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main changes: adding MCP quick-start documentation for TypeScript and Python across Identity Server versions, plus agent quick-start documentation.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 8

🧹 Nitpick comments (4)

en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md (1)

20-20: Add rel to external link with target='_blank'.

Line 20 should include rel='noopener noreferrer' for safer new-tab behavior.

Suggested edit

-    source_code: "<a href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/typescript' target='_blank' class='github-icon'>MCP-Auth Sample</a>"
+    source_code: "<a href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/typescript' target='_blank' rel='noopener noreferrer' class='github-icon'>MCP-Auth Sample</a>"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md` at line 20,
The external anchor in the source_code string currently uses target='_blank'
without a rel attribute; update that anchor (the string "<a
href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/typescript'
target='_blank' class='github-icon'>MCP-Auth Sample</a>") to include
rel='noopener noreferrer' so it becomes safer when opened in a new tab.

en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md (1)

19-19: Add rel='noopener noreferrer' to external new-tab link.

This aligns with safer link handling and with the npm link pattern used in related pages.

Suggested edit

-    source_code: "<a href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/python' target='_blank' class='github-icon'>MCP-Auth Python Sample</a>"
+    source_code: "<a href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/python' target='_blank' rel='noopener noreferrer' class='github-icon'>MCP-Auth Python Sample</a>"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md` at line 19,
The external anchor in the source_code string ("<a
href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/python'
target='_blank' class='github-icon'>MCP-Auth Python Sample</a>") opens a new tab
but lacks rel='noopener noreferrer'; update that anchor to include rel='noopener
noreferrer' to mitigate reverse-tabnabbing and match the npm link pattern used
elsewhere, keeping the same href, target and class attributes and text
("MCP-Auth Python Sample").

en/identity-server/next/docs/quick-starts/mcp-auth-server.md (1)

20-20: Harden external link opened in a new tab.

Line 20 uses target='_blank' without rel='noopener noreferrer'. Add rel to avoid tabnabbing and align with Line 10.

Suggested edit

-    source_code: "<a href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/typescript' target='_blank' class='github-icon'>MCP-Auth Sample</a>"
+    source_code: "<a href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/typescript' target='_blank' rel='noopener noreferrer' class='github-icon'>MCP-Auth Sample</a>"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/identity-server/next/docs/quick-starts/mcp-auth-server.md` at line 20, The
external anchor string in the variable/source entry "source_code" (the MCP-Auth
Sample anchor) uses target='_blank' without rel='noopener noreferrer'; update
that anchor string to include rel='noopener noreferrer' alongside
target='_blank' so the link is hardened against tabnabbing (match the pattern
used on Line 10).

en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md (1)

19-19: Harden external source link opened in a new tab.

Add rel='noopener noreferrer' with target='_blank'.

Suggested edit

-    source_code: "<a href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/python' target='_blank' class='github-icon'>MCP-Auth Python Sample</a>"
+    source_code: "<a href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/python' target='_blank' rel='noopener noreferrer' class='github-icon'>MCP-Auth Python Sample</a>"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md` at line 19,
The external link in the "source_code" field uses target='_blank' without the
recommended rel attributes; update the anchor in the source_code value (the
string containing "<a
href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/python'
target='_blank' class='github-icon'>MCP-Auth Python Sample</a>") to include
rel='noopener noreferrer' so the anchor becomes hardened when opened in a new
tab.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md`:
- Line 16: Rewrite the awkward prerequisite list item "Python package installer
like pip installed" to a clear, parallel imperative form; for example change it
to "Install pip (the Python package installer)" so it reads in plain language,
short sentence, and matches the surrounding imperative list items in the
quick-starts mcp-auth-server-py.md document.
- Line 14: The link label currently uses the hyphenated form "Set-up {{
product_name }}" — update the anchor text to the plain verb phrase "Set up {{
product_name }}" in the line containing "<a href='{{ base_path
}}/get-started/quick-set-up/'>Set-up {{ product_name }}</a>" so the label
follows the guideline to use plain language and short, precise phrasing.

In `@en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md`:
- Line 15: The link text uses the hyphenated noun form "Set-up {{ product_name
}}" instead of the verb phrase; update the anchor text in the string "<a
href='{{ base_path }}/get-started/quick-set-up/'>Set-up {{ product_name }}</a>"
to use the verb form "Set up {{ product_name }}" (leave the href intact) so the
link reads "<a href='{{ base_path }}/get-started/quick-set-up/'>Set up {{
product_name }}</a>".
- Around line 8-10: Update the list to use the correct product casing and
parallel verbs: change "Typescript" to "TypeScript" in the first item and
convert the second item from "Defines an MCP tool that adds two numbers" to the
imperative "Define an MCP tool that adds two numbers" so all list entries use
consistent imperative phrasing (refer to the list items containing the strings
"Create a new MCP server in Typescript" and "Defines an MCP tool that adds two
numbers").

In `@en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md`:
- Line 16: Reword the prerequisite list item that currently reads "Python
package installer like pip installed" to an imperative, parallel short sentence
— for example change the string to "Install a Python package installer (for
example, pip)" or "Install pip (Python package installer)"; update the list item
text in the document where that exact phrase appears so it matches the other
imperative-style prerequisites and uses plain, short language.
- Line 14: The link text currently uses the hyphenated noun form "Set-up {{
product_name }}" which should be the verb phrase "Set up {{ product_name }}";
update the string literal in the template (the entry containing "<a href='{{
base_path }}/get-started/quick-set-up/'>Set-up {{ product_name }}</a>") to read
"Set up {{ product_name }}" so the link text uses the verb form and follows the
plain-language guidelines.

In `@en/identity-server/next/docs/quick-starts/mcp-auth-server.md`:
- Line 15: The link text currently uses the incorrect hyphenated form "Set-up"
inside the string literal ("<a href='{{ base_path
}}/get-started/quick-set-up/'>Set-up {{ product_name }}</a>"); update that
displayed link text to the correct verb form "Set up {{ product_name }}"
(preserve the existing href and template interpolation) so the anchor becomes
"<a ...>Set up {{ product_name }}</a>".
- Around line 8-10: Update the list items to use the correct product casing and
parallel imperative phrasing: change "Create a new MCP server in Typescript" to
"Create a new MCP server in TypeScript" and change "Defines an MCP tool that
adds two numbers" to an imperative form like "Create an MCP tool that adds two
numbers" so all items (e.g., the strings shown: "Create a new MCP server in
Typescript" and "Defines an MCP tool that adds two numbers") follow consistent
grammar and official product naming while leaving the "Install <a ...>Asgardeo
MCP SDK</a>" item unchanged.

---

Nitpick comments:
In `@en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md`:
- Line 19: The external link in the "source_code" field uses target='_blank'
without the recommended rel attributes; update the anchor in the source_code
value (the string containing "<a
href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/python'
target='_blank' class='github-icon'>MCP-Auth Python Sample</a>") to include
rel='noopener noreferrer' so the anchor becomes hardened when opened in a new
tab.

In `@en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md`:
- Line 20: The external anchor in the source_code string currently uses
target='_blank' without a rel attribute; update that anchor (the string "<a
href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/typescript'
target='_blank' class='github-icon'>MCP-Auth Sample</a>") to include
rel='noopener noreferrer' so it becomes safer when opened in a new tab.

In `@en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md`:
- Line 19: The external anchor in the source_code string ("<a
href='https://github.com/wso2/iam-ai-samples/tree/main/mcp-auth/python'
target='_blank' class='github-icon'>MCP-Auth Python Sample</a>") opens a new tab
but lacks rel='noopener noreferrer'; update that anchor to include rel='noopener
noreferrer' to mitigate reverse-tabnabbing and match the npm link pattern used
elsewhere, keeping the same href, target and class attributes and text
("MCP-Auth Python Sample").

In `@en/identity-server/next/docs/quick-starts/mcp-auth-server.md`:
- Line 20: The external anchor string in the variable/source entry "source_code"
(the MCP-Auth Sample anchor) uses target='_blank' without rel='noopener
noreferrer'; update that anchor string to include rel='noopener noreferrer'
alongside target='_blank' so the link is hardened against tabnabbing (match the
pattern used on Line 10).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 15c75a6c-4a3e-4dc4-95ba-eaf97349e6aa

📥 Commits

Reviewing files that changed from the base of the PR and between eb57e20 and 60a1381.

📒 Files selected for processing (4)

• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server.md

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@en/includes/quick-starts/mcp-auth-server-py.md`:
- Around line 121-135: The fenced `.env` code blocks inside the Jinja
conditional need blank lines around them to satisfy MD031: add a blank line
immediately before the opening ```properties and immediately after the closing
``` in both the `{% if product_name == "Asgardeo" %}` branch and the `{% else
%}` branch, and ensure there is one blank line separating the first block's
closing fence and the `{% else %}` tag so both fenced blocks have blank lines
above and below.

In `@en/includes/quick-starts/mcp-auth-server.md`:
- Around line 231-241: The fenced ```env blocks are not separated by blank lines
from the surrounding Jinja tags ({% if product_name == "Asgardeo" %}, {% else
%}, {% endif %}), triggering MD031; fix by adding a blank line before the
opening ```env and a blank line after the closing ``` in both branches so each
fenced code block is surrounded by blank lines relative to the Jinja tags.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: be1c7403-5bf3-4ef8-82ae-bb8c992fc16d

📥 Commits

Reviewing files that changed from the base of the PR and between 60a1381 and 755f8b9.

📒 Files selected for processing (3)

• en/identity-server/next/docs/quick-starts/mcp-auth-server.md
• en/includes/quick-starts/mcp-auth-server-py.md
• en/includes/quick-starts/mcp-auth-server.md

✅ Files skipped from review due to trivial changes (1)

• en/identity-server/next/docs/quick-starts/mcp-auth-server.md

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

en/includes/quick-starts/agent-auth-ts.md (2)

52-53: ⚠️ Potential issue | 🟡 Minor

Replace hardcoded product name with template variable.

Line 52 hardcodes "Asgardeo" but this include file is now shared between Asgardeo and Identity Server. The text should use {{ product_name }} for cross-product compatibility.

🔧 Proposed fix

 !!! Info
-    The **authorized redirect URL** defines the location Asgardeo sends users to after a successful login, typically the address of the client application that connects to the MCP server.
+    The **authorized redirect URL** defines the location {{ product_name }} sends users to after a successful login, typically the address of the client application that connects to the MCP server.
     In this guide, the AI agent behaves as the client, which consists of a lightweight OAuth 2.1 callback server running at `http://localhost:3001/callback` to capture the authorization code. So, we will use this URL as the authorized redirect for this guide.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/includes/quick-starts/agent-auth-ts.md` around lines 52 - 53, Replace the
hardcoded product name "Asgardeo" with the template variable {{ product_name }}
in the authorized redirect URL paragraph (the sentence that begins "The
**authorized redirect URL** defines the location Asgardeo sends users...").
Update that occurrence so the text reads "...the location {{ product_name }}
sends users to after a successful login..." to make the include file
product-agnostic.

---

1120-1122: ⚠️ Potential issue | 🔴 Critical

Add missing conditional logic for cross-product support.

Line 1122 always uses asgardeoJavaScriptClient but should conditionally select between asgardeoJavaScriptClient and identityServerJavaScriptClient based on product_name, consistent with the pattern in the LangChain and Google ADK sections.

🔧 Proposed fix

         authCodeResponse = await authCodePromise;
     
+    {% if product_name == "Asgardeo" %}
         const oboToken = await asgardeoJavaScriptClient.getOBOToken(agentConfig, authCodeResponse);
+    {% else %}
+        const oboToken = await identityServerJavaScriptClient.getOBOToken(agentConfig, authCodeResponse);
+    {% endif %}
     
         process.env.GOOGLE_GENERATIVE_AI_API_KEY = process.env.GOOGLE_API_KEY || "";

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/includes/quick-starts/agent-auth-ts.md` around lines 1120 - 1122, The code
always calls asgardeoJavaScriptClient.getOBOToken with authCodeResponse; update
this to follow the existing pattern and choose the client based on product_name:
if product_name indicates the IdentityServer product call
identityServerJavaScriptClient.getOBOToken(agentConfig, authCodeResponse),
otherwise call asgardeoJavaScriptClient.getOBOToken(agentConfig,
authCodeResponse); use the same conditional check used elsewhere in the file
(the product_name check used in the LangChain/Google ADK sections) and keep the
assigned variable name oboToken and authCodeResponse unchanged.

en/includes/quick-starts/agent-auth-py.md (1)

51-52: ⚠️ Potential issue | 🟡 Minor

Replace hardcoded product name with template variable.

Line 51 hardcodes "Asgardeo" but this include file is now shared between Asgardeo and Identity Server. The text should use {{ product_name }} for cross-product compatibility.

🔧 Proposed fix

 !!! Info
-    The **authorized redirect URL** defines the location Asgardeo sends users to after a successful login, typically the address of the client application that connects to the MCP server.
+    The **authorized redirect URL** defines the location {{ product_name }} sends users to after a successful login, typically the address of the client application that connects to the MCP server.
     In this guide, the AI agent behaves as the client, which consists of a lightweight OAuth 2.1 callback server running at `http://localhost:6274/oauth/callback` to capture the authorization code. So, we will use this URL as the authorized redirect for this guide.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/includes/quick-starts/agent-auth-py.md` around lines 51 - 52, The text
hardcodes "Asgardeo" in the quick-start include; replace the literal "Asgardeo"
with the template variable {{ product_name }} so the include (in
en/includes/quick-starts/agent-auth-py.md) is product-agnostic; update the
sentence that currently reads "Asgardeo sends users to..." to use {{
product_name }} instead and verify surrounding punctuation and spacing remain
correct (keep the OAuth callback URL unchanged).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@en/includes/quick-starts/agent-auth-ts.md`:
- Line 1070: The instantiation uses the misspelled variable identityServrConfig;
update the constructor call in the AsgardeoJavaScriptClient creation to use the
correctly named variable (identityServerConfig) so the code references the same
configuration object defined earlier (search for AsgardeoJavaScriptClient and
identityServrConfig/identityServerConfig to update the reference).
- Line 883: The variable name is misspelled: replace the usage of
idenityServerJavaScriptClient in the getOBOToken call with the correctly
declared identityServerJavaScriptClient so the call reads
identityServerJavaScriptClient.getOBOToken(agentConfig, authCodeResponse);
ensure any other occurrences of idenityServerJavaScriptClient are corrected to
identityServerJavaScriptClient to match the declaration.
- Around line 1006-1011: Rename the misspelled variable identityServrConfig to
identityServerConfig; update the declaration and any usages to the correct
identifier (identityServerConfig) so it matches the naming pattern used
elsewhere and avoids reference errors in the configuration object containing
afterSignInUrl, clientId, and baseUrl.

---

Outside diff comments:
In `@en/includes/quick-starts/agent-auth-py.md`:
- Around line 51-52: The text hardcodes "Asgardeo" in the quick-start include;
replace the literal "Asgardeo" with the template variable {{ product_name }} so
the include (in en/includes/quick-starts/agent-auth-py.md) is product-agnostic;
update the sentence that currently reads "Asgardeo sends users to..." to use {{
product_name }} instead and verify surrounding punctuation and spacing remain
correct (keep the OAuth callback URL unchanged).

In `@en/includes/quick-starts/agent-auth-ts.md`:
- Around line 52-53: Replace the hardcoded product name "Asgardeo" with the
template variable {{ product_name }} in the authorized redirect URL paragraph
(the sentence that begins "The **authorized redirect URL** defines the location
Asgardeo sends users..."). Update that occurrence so the text reads "...the
location {{ product_name }} sends users to after a successful login..." to make
the include file product-agnostic.
- Around line 1120-1122: The code always calls
asgardeoJavaScriptClient.getOBOToken with authCodeResponse; update this to
follow the existing pattern and choose the client based on product_name: if
product_name indicates the IdentityServer product call
identityServerJavaScriptClient.getOBOToken(agentConfig, authCodeResponse),
otherwise call asgardeoJavaScriptClient.getOBOToken(agentConfig,
authCodeResponse); use the same conditional check used elsewhere in the file
(the product_name check used in the LangChain/Google ADK sections) and keep the
assigned variable name oboToken and authCodeResponse unchanged.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 8745b929-fd8a-4c12-a694-035b8eba1a70

📥 Commits

Reviewing files that changed from the base of the PR and between 755f8b9 and fb50ece.

📒 Files selected for processing (15)

• en/asgardeo/docs/quick-starts/mcp-auth-server.md
• en/identity-server/7.2.0/docs/quick-starts/agent-auth-py.md
• en/identity-server/7.2.0/docs/quick-starts/agent-auth-ts.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md
• en/identity-server/7.2.0/mkdocs.yml
• en/identity-server/next/docs/quick-starts/agent-auth-py.md
• en/identity-server/next/docs/quick-starts/agent-auth-ts.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server.md
• en/identity-server/next/mkdocs.yml
• en/includes/quick-starts/agent-auth-py.md
• en/includes/quick-starts/agent-auth-ts.md
• en/includes/quick-starts/mcp-auth-server-py.md
• en/includes/quick-starts/mcp-auth-server.md

✅ Files skipped from review due to trivial changes (11)

• en/asgardeo/docs/quick-starts/mcp-auth-server.md
• en/identity-server/next/docs/quick-starts/agent-auth-ts.md
• en/identity-server/next/docs/quick-starts/agent-auth-py.md
• en/includes/quick-starts/mcp-auth-server.md
• en/identity-server/7.2.0/mkdocs.yml
• en/identity-server/next/mkdocs.yml
• en/includes/quick-starts/mcp-auth-server-py.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

en/identity-server/7.2.0/docs/quick-starts/agent-auth-ts.md (1)

6-7: Resolve Vale spelling warnings for valid technical terms.

const, what_you_will_learn, source_code, npm, and pnpm are expected here. Add valid terms to the Vale accepted vocabulary (or apply scoped ignore) so docs checks stay clean.

As per coding guidelines "Run Vale locally and resolve all warnings before finalizing documentation; if Vale flags a word as a spelling error, check if it is a legitimate product term, technical term, or widely accepted term and add it to .vale/styles/config/vocabularies/vocab/accept.txt if valid, otherwise fix the spelling".

Also applies to: 17-17, 21-21

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@en/identity-server/7.2.0/docs/quick-starts/agent-auth-ts.md` around lines 6 -
7, Add the legitimate technical terms flagged by Vale to the project's accepted
vocabulary: update the .vale/styles/config/vocabularies/vocab/accept.txt to
include "const", "what_you_will_learn", "source_code", "npm", and "pnpm" (or
apply a scoped ignore if you prefer) so the document metadata (const meta and
its what_you_will_learn entries) no longer trigger Vale spelling warnings;
ensure entries are added as individual lines matching Vale's vocab format and
then re-run Vale to confirm warnings are resolved.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@en/identity-server/7.2.0/docs/quick-starts/agent-auth-py.md`:
- Around line 5-23: Vale is flagging JavaScript identifiers inside the <script>
block (e.g., const, what_you_will_learn, source_code) as false positives; fix
this by adding those identifiers (const, what_you_will_learn, source_code) to
the vocabulary accept list at .vale/styles/config/vocabularies/vocab/accept.txt
or alternatively update the Vale config to ignore <script> tags (HTML/MDX)
during linting so the script block is excluded from prose checks.

In `@en/identity-server/7.2.0/docs/quick-starts/agent-auth-ts.md`:
- Line 21: The anchor HTML in the source_code string ("<a
href='https://github.com/wso2/iam-ai-samples/tree/main/agent-identity/typescript'
target='_blank' class='github-icon'>Agent-Auth TypeScript Sample</a>") opens in
a new tab without rel; update that anchor to include rel='noopener noreferrer'
to prevent reverse-tabnabbing by adding the rel attribute on the same tag.

---

Nitpick comments:
In `@en/identity-server/7.2.0/docs/quick-starts/agent-auth-ts.md`:
- Around line 6-7: Add the legitimate technical terms flagged by Vale to the
project's accepted vocabulary: update the
.vale/styles/config/vocabularies/vocab/accept.txt to include "const",
"what_you_will_learn", "source_code", "npm", and "pnpm" (or apply a scoped
ignore if you prefer) so the document metadata (const meta and its
what_you_will_learn entries) no longer trigger Vale spelling warnings; ensure
entries are added as individual lines matching Vale's vocab format and then
re-run Vale to confirm warnings are resolved.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: a6fb7ccb-f92a-4495-8b17-ecc1868a9fe1

📥 Commits

Reviewing files that changed from the base of the PR and between 461f41d and 1440b0f.

📒 Files selected for processing (9)

• en/identity-server/7.2.0/docs/quick-starts/agent-auth-py.md
• en/identity-server/7.2.0/docs/quick-starts/agent-auth-ts.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md
• en/identity-server/next/docs/quick-starts/agent-auth-py.md
• en/identity-server/next/docs/quick-starts/agent-auth-ts.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server.md
• en/includes/quick-starts/mcp-auth-server.md

✅ Files skipped from review due to trivial changes (7)

• en/includes/quick-starts/mcp-auth-server.md
• en/identity-server/next/docs/quick-starts/agent-auth-py.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server.md
• en/identity-server/next/docs/quick-starts/agent-auth-ts.md
• en/identity-server/next/docs/quick-starts/mcp-auth-server-py.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server.md
• en/identity-server/7.2.0/docs/quick-starts/mcp-auth-server-py.md