feat(docs): add Authorization REST API integration guide

[marythought]

Summary

• Adds a new guide at /guides/authorization-rest-api showing how to call the OpenTDF Authorization Service directly over HTTP, without an SDK
• Targets server-side integrators using Node.js, Python, Ruby, or any language without an OpenTDF SDK
• Covers authentication (OIDC client credentials), health checks, GetDecision, GetDecisionBulk, GetEntitlements, attribute FQN construction, entity identifiers, batching strategies, and production best practices
• Follows existing guide conventions (mermaid diagrams, tabbed code examples, admonitions, production checklist)

Context

Rocket.Chat PR #39845 built a full Virtru PDP integration by hand-rolling ~200 lines of HTTP calls. The existing authorization docs cover SDK usage only — this guide fills the gap for server-side REST API consumers.

Test plan

• Dev server renders the page at /guides/authorization-rest-api
• Mermaid sequence diagram renders
• Tab components (curl / TypeScript / Python) work
• Cross-links to /sdks/authorization, /sdks/obligations, /guides/authentication-guide resolve
• Page appears in the Guides sidebar section

🤖 Generated with Claude Code

[gemini-code-assist]

Code Review

This pull request introduces a comprehensive guide for the Authorization REST API, covering authentication, health checks, and core service endpoints with examples in multiple languages. The review feedback identifies a technical inaccuracy regarding the JSON structure for JWT-based entity identifiers and suggests using versioned REST paths for legacy v1 endpoints to maintain consistency with the OpenAPI specification.

[github-actions]

❌ Surge preview build failed — no preview was deployed. Check the workflow logs for details.

Once the build passes, the preview will be at: https://opentdf-docs-pr-285.surge.sh

Common cause: If the build failed on vendored YAML validation, run the following locally and commit the result:

npm run update-vendored-yaml
git add specs/
git commit -m "chore(deps): update vendored OpenAPI specs"

[github-actions]

❌ Surge preview build failed — no preview was deployed. Check the workflow logs for details.

Once the build passes, the preview will be at: https://opentdf-docs-pr-285.surge.sh

Common cause: If the build failed on vendored YAML validation, run the following locally and commit the result:

npm run update-vendored-yaml
git add specs/
git commit -m "chore(deps): update vendored OpenAPI specs"

[KevLehman]

Great docs!

[coderabbitai]

Warning

Rate limit exceeded

@marythought has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 59 minutes and 28 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9d56931f-6144-40a4-a441-e6eb1394ca3a

📥 Commits

Reviewing files that changed from the base of the PR and between a82f860 and 864728d.

📒 Files selected for processing (1)

• docs/guides/authorization-rest-api.mdx

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch worktree-DSPX-2802-rest-api-guide

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[jakedoublev]

These enhancements are really great. I have a couple pieces of feedback before we merge.