Document Datadog Apps OAuth support#37653
Conversation
Preview links (active after the
|
| ``` | ||
| 2. Open the URL shown in the terminal (for example, `http://localhost:5173/`) to preview your app. | ||
|
|
||
| When the dev server needs to call Datadog, such as when running a backend function locally, it uses OAuth by default. If authorization is required, the command opens a browser prompt. After authorization completes, the token is cached in your operating system credential store when supported. |
There was a problem hiding this comment.
Is it worth mentioning if it's not supported?
| When the dev server needs to call Datadog, such as when running a backend function locally, it uses OAuth by default. If authorization is required, the command opens a browser prompt. After authorization completes, the token is cached in your operating system credential store when supported. | |
| When the dev server needs to call Datadog, such as when running a backend function locally, it uses OAuth by default. If authorization is required, the command opens a browser prompt. After authorization completes, the token is cached in your operating system credential store. |
There was a problem hiding this comment.
Sounds good. Its a bit nuanced when it isn't supported. Essentially the scaffolding command we provide will set them up properly so it will work with their operating system credential store, but if they choose to integrate the Datadog Apps build plugin we provide. They will need to make sure they install the optional plugin @napi-rs/keyring, but I feel like this is too in the weeds. Since the docs reference using the scaffolding command we can just leave out the part about "when supported". I'll make the change.
|
|
||
| To automatically upload your app on every push to the `main` branch, use the [`DataDog/apps-github-action`][11] GitHub Action. This action builds your app and uploads it to Datadog. | ||
|
|
||
| CI/CD uploads should use API and application key authentication. Create a Datadog API key and an application key with [Actions API Access][5] enabled, then store them as GitHub secrets. |
There was a problem hiding this comment.
Is this a requirement or a suggestion/recommendation? If it's "should" can you add what the exception would be?
| CI/CD uploads should use API and application key authentication. Create a Datadog API key and an application key with [Actions API Access][5] enabled, then store them as GitHub secrets. | |
| CI/CD uploads require API and application key authentication. Create a Datadog API key and an application key with [Actions API Access][5] enabled, then store them as GitHub secrets. |
There was a problem hiding this comment.
Good call. I'll make the change.
| node --version | ||
| ``` | ||
| - A Datadog **API key** and an **application key** with [Actions API Access][5] enabled. For instructions on creating keys, see [API and Application Keys][6]. | ||
| - For local development and uploads, the generated app uses Datadog OAuth by default. The first command that needs Datadog access opens a browser authorization flow and caches the OAuth token for later use. |
There was a problem hiding this comment.
Recommend moving this bullet point since it's not necessarily a prereq. I moved it to the "Develop your app locally" section, but let me know if you think it belongs somewhere else.
| - For local development and uploads, the generated app uses Datadog OAuth by default. The first command that needs Datadog access opens a browser authorization flow and caches the OAuth token for later use. |
There was a problem hiding this comment.
That is a good callout. This bullet doesn't really feel like a prerequisites. I don't think this line should appear here. My only concern about moving it to Develop your app locally is that the Oauth information is relevent to both local developement and also uploading your app. Its probably good enough though. I'll make the change.
|
|
||
| 2. Start the development server: | ||
|
|
||
| 1. Start the development server: |
There was a problem hiding this comment.
| 1. Start the development server: | |
| **Note**: For local development and uploads, the generated app uses Datadog OAuth by default. The first command that needs Datadog access opens a browser authorization flow and caches the OAuth token for later use. | |
| 1. Start the development server: |
| ``` | ||
| - A Datadog **API key** and an **application key** with [Actions API Access][5] enabled. For instructions on creating keys, see [API and Application Keys][6]. | ||
| - For local development and uploads, the generated app uses Datadog OAuth by default. The first command that needs Datadog access opens a browser authorization flow and caches the OAuth token for later use. | ||
| - Optional: A Datadog **API key** and an **application key** with [Actions API Access][5] enabled. If both `DD_API_KEY` and `DD_APP_KEY` are set, the generated app uses API and application key authentication instead of OAuth. API and application keys are also required for API-key-backed build telemetry, such as build metrics and Error Tracking sourcemap uploads. For instructions, see [API and Application Keys][6]. |
There was a problem hiding this comment.
Suggestion removing details about the override since it's mentioned in the body.
| - Optional: A Datadog **API key** and an **application key** with [Actions API Access][5] enabled. If both `DD_API_KEY` and `DD_APP_KEY` are set, the generated app uses API and application key authentication instead of OAuth. API and application keys are also required for API-key-backed build telemetry, such as build metrics and Error Tracking sourcemap uploads. For instructions, see [API and Application Keys][6]. | |
| - Optional: A Datadog **API key** and an **application key** with [Actions API Access][5] enabled. Required for API-key-backed build telemetry (build metrics and Error Tracking sourcemap uploads) and for CI/CD uploads. For instructions, see [API and Application Keys][6]. |
There was a problem hiding this comment.
Sounds good. I'll make the change 👍
2 participants
What does this PR do? What is the motivation?
Documents OAuth support for Datadog Apps local development and uploads.
The Datadog Apps scaffold uses OAuth by default for
npm run devandnpm run uploadwhen API and application keys are not configured. This update removes the requirement to create API and application keys before trying the local development flow.Merge readiness
AI assistance
Used Codex to draft the documentation update and check the README and contribution guidelines. The changes were reviewed against the repository style guidance before opening the draft PR.
Additional notes
Validation performed locally:
git diff --checkvaleis not installed in this local shell, so I could not run the style linter before opening this draft.No DOCS ticket key is available for the PR title yet.