Skip to content

feat: Adopter Stories#1279

Closed
aaguiarz wants to merge 13 commits into
mainfrom
feat/adopters-stories
Closed

feat: Adopter Stories#1279
aaguiarz wants to merge 13 commits into
mainfrom
feat/adopters-stories

Conversation

@aaguiarz

@aaguiarz aaguiarz commented Jun 8, 2026

Copy link
Copy Markdown
Member

Description

What problem is being solved?

How is it being solved?

What changes are made to solve it?

References

Review Checklist

  • I have clicked on "allow edits by maintainers".
  • I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev [Provide a link to any relevant PRs in the references section above]
  • The correct base branch is being used, if not main
  • I have added tests to validate that the change in functionality is working as expected

Summary by CodeRabbit

  • Documentation

    • Added eight new adopter case studies from production implementations
    • Added industry-specific authorization guides for Healthcare, Banking, E-commerce, HR, CRM, LMS, and Applicant Tracking
    • Added authorization learning materials covering ReBAC, RBAC, ABAC, Zanzibar, and Policy Engines
    • Added implementation guides for AI agents, RAG systems, microservices, and multi-tenant SaaS
    • Updated configuration documentation to latest version
  • Improvements

    • Enhanced website accessibility and SEO structure

aaguiarz added 13 commits May 20, 2026 23:01
- Add per-page meta descriptions (140-160 chars) on key pages
- Retitle authorization-concepts page for SEO
- Fix homepage H1 by removing SVG <title> leak (HeroLogo)
- Install @stackql/docusaurus-plugin-structured-data
- Emit Organization (CNCF/Linux Foundation), WebSite + SearchAction,
  BreadcrumbList, and SoftwareApplication JSON-LD
- Add FAQPage JSON-LD to authorization-concepts (7 entries)
- Add HowTo JSON-LD to getting-started overview (9 steps)
Copilot AI review requested due to automatic review settings June 8, 2026 21:51
@aaguiarz aaguiarz requested review from a team as code owners June 8, 2026 21:51
@aaguiarz aaguiarz closed this Jun 8, 2026
@coderabbitai

coderabbitai Bot commented Jun 8, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 2498c47c-4a86-429e-b45d-7b4615ccb9a1

📥 Commits

Reviewing files that changed from the base of the PR and between dfec4e6 and 1f4f731.

📒 Files selected for processing (49)
  • blog/fine-grained-news-2024-10.md
  • docs/content/adopters/agicap.mdx
  • docs/content/adopters/docker.mdx
  • docs/content/adopters/grafana.mdx
  • docs/content/adopters/headspace.mdx
  • docs/content/adopters/openlane.mdx
  • docs/content/adopters/overview.mdx
  • docs/content/adopters/read-ai.mdx
  • docs/content/adopters/vitrolife.mdx
  • docs/content/adopters/zuplo.mdx
  • docs/content/authorization-concepts.mdx
  • docs/content/getting-started/overview.mdx
  • docs/content/getting-started/setup-openfga/configuration.mdx
  • docs/content/industries/applicant-tracking-system.mdx
  • docs/content/industries/banking.mdx
  • docs/content/industries/crm.mdx
  • docs/content/industries/ecommerce.mdx
  • docs/content/industries/healthcare.mdx
  • docs/content/industries/human-resources.mdx
  • docs/content/industries/lms.mdx
  • docs/content/industries/overview.mdx
  • docs/content/intro.mdx
  • docs/content/learn/abac-vs-rebac.mdx
  • docs/content/learn/fine-grained-authorization.mdx
  • docs/content/learn/overview.mdx
  • docs/content/learn/policy-engine.mdx
  • docs/content/learn/rbac-vs-rebac.mdx
  • docs/content/learn/rebac.mdx
  • docs/content/learn/zanzibar.mdx
  • docs/content/modeling/agents/mcp-authorization.mdx
  • docs/content/modeling/agents/overview.mdx
  • docs/content/modeling/agents/rag-authorization.mdx
  • docs/content/use-cases/ai-agent-authorization.mdx
  • docs/content/use-cases/mcp-server-authorization.mdx
  • docs/content/use-cases/microservices-authorization.mdx
  • docs/content/use-cases/multi-tenant-saas.mdx
  • docs/content/use-cases/overview.mdx
  • docs/content/use-cases/rag-authorization.mdx
  • docs/sidebars.js
  • docusaurus.config.js
  • scripts/generate-llms-txt.mjs
  • src/features/LandingPage/FeaturesSection/index.tsx
  • src/features/LandingPage/HeroHeader/HeroLogo.tsx
  • src/features/LandingPage/HeroHeader/index.tsx
  • src/pages/index.tsx
  • src/theme/NotFound.tsx
  • src/theme/Root.tsx
  • static/llms.txt
  • static/robots.txt

Walkthrough

This PR substantially expands OpenFGA's documentation with adopter case studies, industry-specific authorization guides, learning resources on authorization concepts, and use-case patterns. It also enhances site SEO through JSON-LD structured data, breadcrumbs, and robots.txt, reorganizes navigation with new sidebar sections, and improves frontend accessibility via ARIA attributes and secure link attributes.

Changes

Documentation Content Expansion

Layer / File(s) Summary
Adopter case studies
docs/content/adopters/*.mdx
Eight adopter case studies (Agicap, Docker, Grafana, Headspace, OpenLane, Read AI, Vitrolife, Zuplo) documenting real-world OpenFGA deployments with architecture details and outcomes; adopters overview page links all studies and highlights common characteristics.
Industry-specific authorization guides
docs/content/industries/*.mdx
Seven new industry guides (Healthcare, Banking, E-commerce, Human Resources, CRM, LMS, Applicant Tracking System) explain fine-grained authorization modeling for sector-specific use cases; industries overview curates the list and emphasizes model variation by domain.
Authorization learning pages
docs/content/learn/*.mdx
Six new learning pages introduce authorization concepts (Zanzibar, ReBAC, RBAC vs. ReBAC, ABAC vs. ReBAC, Fine-Grained Authorization, Policy Engines vs. Relationship Engines) with comparisons and decision guidance; learn overview organizes all topics.
Use-case application patterns
docs/content/use-cases/*.mdx
Five new use-case pages (Microservices Authorization, Multi-tenant SaaS, RAG Authorization, MCP Server Authorization, AI Agent Authorization) provide modeling patterns and code examples; use-cases overview groups application authorization scenarios.
Concepts update and agent modeling
docs/content/authorization-concepts.mdx, docs/content/modeling/agents/*.mdx
Authorization-concepts.mdx adds FAQ JSON-LD and rewrites content with cross-links to new learning pages; agent modeling overview, RAG authorization, and MCP authorization pages update frontmatter descriptions to clarify patterns.
Sidebar navigation and intro links
docs/sidebars.js, docs/content/intro.mdx
Four new collapsed sidebar categories (Industries, Use Cases, Adopters, Learn) organize the expanded documentation; intro.mdx related-links array extended with the three new section entries.

SEO, Metadata, and Site Configuration

Layer / File(s) Summary
JSON-LD structured data
docs/content/authorization-concepts.mdx, docs/content/getting-started/overview.mdx, src/pages/index.tsx, src/theme/Root.tsx
FAQ JSON-LD added to authorization-concepts, HowTo JSON-LD added to getting-started overview, SoftwareApplication/SoftwareSourceCode schema injected on home page, and dynamic BreadcrumbList JSON-LD generated per pathname in Root component.
Robots access and crawl control
static/robots.txt, src/theme/Root.tsx, static/llms.txt
New robots.txt grants crawl access to all bots and specifies sitemap URL; Root component sets noindex meta tag for blog fine-grained-news pages; llms.txt reorganized with updated link structure and new navigation sections.
Frontend accessibility and link security
src/features/LandingPage/HeroHeader/HeroLogo.tsx, src/features/LandingPage/HeroHeader/index.tsx, src/features/LandingPage/FeaturesSection/index.tsx, src/theme/NotFound.tsx
HeroLogo SVG adds aria-hidden and removes embedded title element; HeroHeader h1 gains visually-hidden "OpenFGA" span for screen readers; external links throughout site updated with target="_blank" and rel="noopener noreferrer".
Docusaurus configuration
docusaurus.config.js
Enables showLastUpdateTime preset option and reorganizes metadata array to add og:type and Twitter card tags alongside existing og:image for improved social sharing.
Documentation URL generation via slugs
scripts/generate-llms-txt.mjs
Enhanced to parse frontmatter slug metadata from MDX files, build docUrlMap, and update function signatures to use slug-derived URLs in generated links instead of doc ID paths.
Configuration documentation
docs/content/getting-started/setup-openfga/configuration.mdx
Version reference updated from v1.8.9 to v1.16.0; configuration options table expanded with new rows for resolution limits, ListObjects/ListUsers timeouts, ReadChanges paging, experimentals, AuthZEN settings, datastore secondary connections, OTLP tracing, cache/throttling controls, and planner tuning.
Blog update
blog/fine-grained-news-2024-10.md
Adds closing paragraph inviting readers to share feedback and OpenFGA adoption stories via community channels.

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly Related PRs

  • openfga/openfga.dev#1271: Overlaps on JSON-LD/SEO additions, breadcrumb implementation, sidebar updates, and robots.txt/llms.txt restructuring.
  • openfga/openfga.dev#1072: Related through script/generate-llms-txt.mjs slug-based URL generation feature introduced earlier.
  • openfga/openfga.dev#1241: Touches the same configuration.mdx documentation and llms.txt/sidebar navigation areas.

Suggested Reviewers

  • rhamzeh
  • dyeam0
  • tylernix
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/adopters-stories
⚔️ Resolve merge conflicts
  • Resolve merge conflict in branch feat/adopters-stories

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Adds SEO/crawlability improvements and expands documentation content/structure for OpenFGA docs and landing pages.

Changes:

  • Added robots.txt + expanded llms.txt content, and updated llms.txt generation to respect doc frontmatter slugs.
  • Added structured data (JSON-LD) for site, breadcrumbs, software app, and select docs pages; added targeted noindex for time-sensitive blog posts.
  • Expanded docs IA with new “Learn”, “Use Cases”, “Industries”, and “Adopters” sections and updated sidebars/links accordingly.

Reviewed changes

Copilot reviewed 48 out of 49 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
static/robots.txt Introduces crawler directives and sitemap reference.
static/llms.txt Updates generated documentation map and adds new sections/links for LLM consumption.
src/theme/Root.tsx Adds JSON-LD (site + breadcrumbs) and noindex for specific blog posts.
src/theme/NotFound.tsx Hardens external link by adding rel="noopener noreferrer".
src/pages/index.tsx Adds Software/SourceCode JSON-LD and updates landing page meta description.
src/features/LandingPage/HeroHeader/index.tsx Improves H1 accessibility by adding visually-hidden “OpenFGA” text.
src/features/LandingPage/HeroHeader/HeroLogo.tsx Makes logo decorative for screen readers (aria-hidden) and removes <title>.
src/features/LandingPage/FeaturesSection/index.tsx Adds rel="noopener noreferrer" to external links opened in new tabs.
scripts/generate-llms-txt.mjs Builds a docID→URL map using frontmatter slug and generates updated llms.txt sections.
docusaurus.config.js Enables docs “last update time” and enhances OG/Twitter metadata.
docs/sidebars.js Adds new sidebar categories: Industries, Use Cases, Adopters, Learn.
docs/content/use-cases/rag-authorization.mdx Adds new “RAG Authorization” use case page.
docs/content/use-cases/overview.mdx Adds Use Cases landing page.
docs/content/use-cases/multi-tenant-saas.mdx Adds “Multi-Tenant SaaS Authorization” use case page.
docs/content/use-cases/microservices-authorization.mdx Adds “Microservices Authorization” use case page.
docs/content/use-cases/mcp-server-authorization.mdx Adds “MCP Server Authorization” use case page.
docs/content/use-cases/ai-agent-authorization.mdx Adds “AI Agent Authorization” use case page.
docs/content/modeling/agents/rag-authorization.mdx Updates description for SEO/clarity.
docs/content/modeling/agents/overview.mdx Updates description for SEO/clarity.
docs/content/modeling/agents/mcp-authorization.mdx Updates description for SEO/clarity.
docs/content/learn/zanzibar.mdx Adds new Learn page about Zanzibar.
docs/content/learn/rebac.mdx Adds new Learn page about ReBAC.
docs/content/learn/rbac-vs-rebac.mdx Adds new Learn comparison page.
docs/content/learn/policy-engine.mdx Adds new Learn page comparing policy vs relationship engines.
docs/content/learn/overview.mdx Adds Learn landing page.
docs/content/learn/fine-grained-authorization.mdx Adds new Learn page about fine-grained authorization.
docs/content/learn/abac-vs-rebac.mdx Adds new Learn comparison page.
docs/content/intro.mdx Expands intro resources to include Use Cases/Industries/Learn.
docs/content/industries/overview.mdx Adds Industries landing page.
docs/content/industries/lms.mdx Adds LMS/EdTech industry page.
docs/content/industries/human-resources.mdx Adds HR/HRIS industry page.
docs/content/industries/healthcare.mdx Adds Healthcare industry page.
docs/content/industries/ecommerce.mdx Adds E-commerce industry page.
docs/content/industries/crm.mdx Adds CRM industry page.
docs/content/industries/banking.mdx Adds Banking/Fintech industry page.
docs/content/industries/applicant-tracking-system.mdx Adds ATS/Recruiting industry page.
docs/content/getting-started/setup-openfga/configuration.mdx Updates server config options reference to newer OpenFGA version/options.
docs/content/getting-started/overview.mdx Adds structured data (HowTo JSON-LD) and improves page description.
docs/content/authorization-concepts.mdx Adds FAQPage JSON-LD and rewrites/updates conceptual content + links.
docs/content/adopters/zuplo.mdx Adds Zuplo adopter case study page.
docs/content/adopters/vitrolife.mdx Adds Vitrolife adopter case study page.
docs/content/adopters/read-ai.mdx Adds Read AI adopter case study page.
docs/content/adopters/overview.mdx Adds Adopters landing page.
docs/content/adopters/openlane.mdx Adds OpenLane adopter case study page.
docs/content/adopters/headspace.mdx Adds Headspace adopter case study page.
docs/content/adopters/grafana.mdx Adds Grafana Labs adopter case study page.
docs/content/adopters/docker.mdx Adds Docker adopter case study page.
docs/content/adopters/agicap.mdx Adds Agicap adopter case study page.
blog/fine-grained-news-2024-10.md Minor formatting/indentation fix.
Comments suppressed due to low confidence (6)

src/theme/Root.tsx:1

  • Inline <script> tags will be blocked by a typical CSP unless script-src allows inline scripts (via unsafe-inline) or the scripts carry an allowed nonce/hash. Since this component explicitly sets a CSP meta tag, these JSON-LD scripts may silently not execute in production; consider adding a nonce to these script tags and ensuring the CSP includes it (preferred), or otherwise adjusting CSP in a controlled way.
    src/theme/Root.tsx:1
  • The word-splitting logic mixes underscore replacement with hyphen splitting (replace(/[_]+/g, ' ').split('-')), which yields tokens containing spaces (e.g., fine_grained becomes a single token \"fine grained\"). That produces incorrect breadcrumb names like \"Fine grained\" instead of \"Fine Grained\". Consider normalizing both _ and - to spaces and splitting on whitespace (or splitting on both delimiters) before applying title-casing.
    src/theme/Root.tsx:1
  • If siteConfig.url is configured with a trailing slash (common in some Docusaurus setups), item URLs will contain a double slash (e.g., https://openfga.dev//docs/...). Normalize siteUrl (trim trailing /) before interpolating, or use a URL join helper to ensure canonical breadcrumb URLs.
    src/pages/index.tsx:1
  • Injecting JSON into a <script> tag is safer if you escape < (and ideally guard against </script> substrings) to prevent accidental script-tag termination if any fields ever become data-driven. Root.tsx already uses .replace(/</g, '\\\\u003c') for this; consider applying the same escaping here for consistency and defense-in-depth.
    scripts/generate-llms-txt.mjs:1
  • The frontmatter parser hard-codes \\n line endings, so it will fail to detect frontmatter on files using CRLF (\\r\\n). That will silently drop slug overrides and generate incorrect URLs. Consider updating the regex to accept \\r?\\n and/or using a small frontmatter parser to robustly handle common formatting variations.
    src/features/LandingPage/HeroHeader/index.tsx:1
  • The inline visually-hidden style block is a fairly standard sr-only pattern and is likely to be reused elsewhere. Consider moving this to a shared CSS utility class (or an existing sr-only class if the site already has one) to reduce duplication and make future accessibility tweaks easier.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +88 to +90
Fine-Grained Authorization (FGA) means deciding access at the level of the individual resource and action — *"Alice can edit document-42"*, not just *"Alice is an editor"*. Well-designed FGA systems handle millions of objects and users with permissions that change rapidly, like Google Drive's per-document and per-folder sharing.

A notable example of FGA is Google Drive: access can be granted either to documents or to folders, as well as to individual users or users as a group, and access rights regularly change as new documents are created and shared with specific users or groups.
See [Fine-Grained Authorization](./learn/fine-grained-authorization.mdx) for the full explanation.
Comment on lines +94 to +96
In [Role-Based Access Control](https://en.wikipedia.org/wiki/Role-based_access_control) (RBAC), permissions are assigned to users based on roles like `editor` or `admin`. RBAC fits flat, single-tenant access models but breaks down with hierarchy, sharing, or multi-tenancy.

RBAC systems enable you to define users, groups, roles, and permissions, then store them in a centralized location. Applications access that information to make authorization decisions.
See [RBAC vs. ReBAC](./learn/rbac-vs-rebac.mdx) for when roles run out and how <ProductName format={ProductNameFormat.ShortForm}/> models RBAC cleanly.
Comment on lines +100 to +102
In [Attribute-Based Access Control](https://en.wikipedia.org/wiki/Attribute-based_access_control) (ABAC), permissions are granted based on attributes of the user, resource, or request — for example, a user with `marketing` and `manager` attributes can publish marketing posts. ABAC implementations typically pull attributes from multiple sources at decision time.

Applications implementing ABAC need to retrieve information stored in multiple data sources - like RBAC services, user directories, and application-specific data sources - to make authorization decisions.
See [ABAC vs. ReBAC](./learn/abac-vs-rebac.mdx) for how the two combine.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants