feat(docs): document SDK v0.16.0 changes

[marythought]

Summary

Documents user-facing changes from the SDK v0.16.0 release:

• KAS error classification (breaking change): New ErrKASRequestError sentinel distinguishes misconfiguration from tamper. Adds migration guide with error classification table and code snippet for Go SDK consumers who check ErrTampered. (opentdf/platform#3166)
• OIDC trailing-slash issuer fix: Troubleshooting entry for unexpected end of JSON input during OIDC discovery with IDPs like Authentik that use trailing-slash issuer URLs. (opentdf/platform#3261)
• GetObligationTrigger RPC: New collapsible section with Go/JS signatures, parameters, and examples — follows the existing Add/List/Remove trigger pattern. (opentdf/platform#3318)
• SDK version annotations: New methods now include an Available since SDK vX.Y.Z note after the signature block, linking to the release

Test plan

• npx docusaurus build succeeds
• vale passes with 0 errors/warnings/suggestions
• Verify Surge preview renders all three sections correctly

🤖 Generated with Claude Code

[coderabbitai]

Warning

Rate limit exceeded

@marythought has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 46 minutes and 20 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 46 minutes and 20 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 11b062e4-ce7b-4377-92c0-55a0ed7d2275

📥 Commits

Reviewing files that changed from the base of the PR and between a4b3802 and 71bc3c1.

📒 Files selected for processing (2)

• docs/sdks/obligations.mdx
• docs/sdks/troubleshooting.mdx

📝 Walkthrough

Walkthrough

Documentation expanded with two additions: API reference for GetObligationTrigger operation across Go and JavaScript SDKs, and troubleshooting guides addressing OIDC Discovery issuer URL handling and KAS error classification changes in Go SDK v0.16.0+.

Changes

Cohort / File(s)	Summary
SDK API Documentation docs/sdks/obligations.mdx	Added GetObligationTrigger method documentation for Go and JavaScript SDKs with request/response examples and parameter specifications.
Troubleshooting Guides docs/sdks/troubleshooting.mdx	Added two sections: OIDC Discovery trailing-slash issuer error resolution and KAS error classification changes in v0.16.0+ with migration guidance.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Possibly related PRs

• chore(docs): restructure Policy page and extract Obligations #281: Relates to Obligation Trigger operations documentation and SDK obligations page updates.

Suggested reviewers

• elizabethhealy
• jp-ayyappan

Poem

🐰 Hops through docs with glee so bright,
New triggers shine with clarity's light,
OIDC slashes smoothed with care,
KAS errors mapped beyond compare,
Our SDK paths now crystal clear,
Documentation's finest year! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main objective of the changeset: documenting SDK v0.16.0 changes across three sections (KAS error classification, OIDC trailing-slash fix, and GetObligationTrigger RPC).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch docs/sdk-v0.16.0-updates

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request updates the SDK documentation by adding a 'Get an Obligation Trigger' section to the obligations guide and two new troubleshooting entries regarding OIDC discovery issues and KAS error classification changes in Go SDK v0.16.0. Feedback suggests clarifying whether the OIDC fix applies to non-Go SDKs and improving consistency in the error classification table by adding the 'sdk.' prefix to sentinel names.

[coderabbitai]

🧹 Nitpick comments (1)

docs/sdks/troubleshooting.mdx (1)

36-38: Scope the affected SDK explicitly in the cause text.

Line 36 says “SDK versions before v0.16.0,” but this fix appears Go-specific (Line 38). Please explicitly state “Go SDK versions before v0.16.0” in the cause section to avoid ambiguity for JavaScript/Java readers.

Suggested wording

-**Cause**: Some identity providers (e.g., [Authentik](https://goauthentik.io/)) include a trailing slash in their OIDC issuer URL (e.g., `https://idp.example/app/`). SDK versions before v0.16.0 concatenated this with `/.well-known/openid-configuration`, producing a double-slash URL that returned a redirect instead of JSON.
+**Cause**: Some identity providers (e.g., [Authentik](https://goauthentik.io/)) include a trailing slash in their OIDC issuer URL (e.g., `https://idp.example/app/`). **Go SDK versions before v0.16.0** concatenated this with `/.well-known/openid-configuration`, producing a double-slash URL that returned a redirect instead of JSON.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/sdks/troubleshooting.mdx` around lines 36 - 38, Change the ambiguous
phrase "SDK versions before v0.16.0" in the Cause section to explicitly read "Go
SDK versions before v0.16.0" so readers of other SDK docs (JS/Java) won't be
confused; likewise ensure the Solution line that mentions url.JoinPath remains
or is clarified to reference the Go SDK (e.g., keep "Go SDK v0.16.0+" and the
mention of url.JoinPath) so both the Cause and Solution consistently identify
the Go SDK.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@docs/sdks/troubleshooting.mdx`:
- Around line 36-38: Change the ambiguous phrase "SDK versions before v0.16.0"
in the Cause section to explicitly read "Go SDK versions before v0.16.0" so
readers of other SDK docs (JS/Java) won't be confused; likewise ensure the
Solution line that mentions url.JoinPath remains or is clarified to reference
the Go SDK (e.g., keep "Go SDK v0.16.0+" and the mention of url.JoinPath) so
both the Cause and Solution consistently identify the Go SDK.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 8bda6d3e-8158-4bd6-a185-254cb7ce5e1c

📥 Commits

Reviewing files that changed from the base of the PR and between a8d4f50 and a4b3802.

📒 Files selected for processing (2)

• docs/sdks/obligations.mdx
• docs/sdks/troubleshooting.mdx

[github-actions]

📄 Preview deployed to https://opentdf-docs-pr-302.surge.sh