chore: remove webhook auth docs that are not in 1.6

[aimurphy]

Remove the webhook_auth documentation that is not in v 1.6

Summary by CodeRabbit

• Documentation
  • Removed guidance on enabling API key authentication for webhook endpoints.
  • Deleted the “Require authentication for webhooks” section and related explanatory text.
  • Updated configuration documentation to omit references to the LANGFLOW_WEBHOOK_AUTH_ENABLE environment variable.
  • Consolidated webhook documentation to reflect current behavior and configuration paths.

[coderabbitai]

Walkthrough

Removes documentation instructing the use of the LANGFLOW_WEBHOOK_AUTH_ENABLE environment variable for webhook API key authentication and deletes the “Require authentication for webhooks” section. No code or public API changes; edits are limited to documentation text.

Changes

Cohort / File(s)	Summary
Docs: API keys & authentication docs/docs/Configuration/api-keys-and-authentication.mdx	Removed sentence advising use of LANGFLOW_WEBHOOK_AUTH_ENABLE to require API key authentication for flow webhook endpoints.
Docs: Webhook guide docs/docs/Develop/webhook.mdx	Deleted the “Require authentication for webhooks” section and related explanatory text on default behavior and enabling API key auth for webhooks.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• docs: Revise some content related to flow triggers, including the webhook trigger process and some /run endpoint examples. #8880 — Also edits webhook docs and discusses authentication guidance; overlaps in topic and section.
• docs: add required API key headers for 1.5 #8721 — Adjusts webhook/auth documentation to standardize x-api-key usage; closely related to removed auth instructions.

Suggested labels

documentation, size:L

Suggested reviewers

• mendonk
• ogabrielluiz

Pre-merge checks and finishing touches

✅ Passed checks (7 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The pull request title "chore: remove webhook auth docs that are not in 1.6" clearly and accurately describes the main change in the changeset. The PR removes documentation about webhook authentication (specifically the LANGFLOW_WEBHOOK_AUTH_ENABLE environment variable and the "Require authentication for webhooks" section) from two documentation files because this feature is not present in version 1.6. The title is concise, specific, and directly relates to the actual changes made, making it clear to anyone scanning the history that this PR removes outdated webhook authentication documentation.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.
Test Coverage For New Implementations	✅ Passed	This PR removes documentation for the LANGFLOW_WEBHOOK_AUTH_ENABLE feature, which the commit history shows was added on August 29, 2025 (commit 836faa7) but is being removed from documentation because it's not included in version 1.6. The changes are purely documentation deletions with no code modifications. Since this is a documentation-only change that removes references to a feature not present in the release, no new tests are required or expected. The existing webhook authentication tests in src/backend/tests/unit/test_webhook.py remain in place and still test the WEBHOOK_AUTH_ENABLE functionality that exists in the codebase, even though it's being removed from user-facing documentation for this release.
Test Quality And Coverage	✅ Passed	This pull request only removes documentation content from two MDX files and does not introduce any new implementations, code changes, or functional modifications. The changes are purely documentary in nature, removing references to the LANGFLOW_WEBHOOK_AUTH_ENABLE environment variable that is not present in version 1.6. Since no new functionality, API endpoints, or code logic is being added or modified, there is no requirement for tests to accompany these changes. Documentation-only changes that remove outdated information do not require test coverage.
Test File Naming And Structure	✅ Passed	This pull request only modifies documentation files (two .mdx files in the docs directory) and does not add, modify, or remove any test files. The changes remove documentation about webhook authentication that is not present in version 1.6. Since there are no test files involved in this PR, the custom check regarding test file naming and structure patterns is not applicable to these changes.
Excessive Mock Usage Warning	✅ Passed	This pull request only modifies documentation files (two .mdx files) and does not include any test files or code changes. The changes remove documentation about webhook authentication that is not present in version 1.6 of Langflow. Since no test files are modified or added in this PR, there is no test code to evaluate for mock usage, and therefore the check regarding excessive mock usage is not applicable to these changes.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix-docs-29-sep-25

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 20051c7 and b6ee908.

📒 Files selected for processing (2)

• docs/docs/Configuration/api-keys-and-authentication.mdx (1 hunks)
• docs/docs/Develop/webhook.mdx (0 hunks)

💤 Files with no reviewable changes (1)

• docs/docs/Develop/webhook.mdx

🧰 Additional context used

📓 Path-based instructions (1)

docs/docs/**/*.{md,mdx}

📄 CodeRabbit inference engine (.cursor/rules/docs_development.mdc)

docs/docs/**/*.{md,mdx}: All documentation content must be written in Markdown or MDX files located under docs/docs/, following the prescribed directory structure for guides, reference, how-to, concepts, and API documentation.
All documentation Markdown and MDX files must begin with a frontmatter block including at least title and description fields.
Use admonitions (:::tip, :::warning, :::danger) in Markdown/MDX files to highlight important information, warnings, or critical issues.
All images referenced in documentation must include descriptive alt text for accessibility.
All code examples included in documentation must be tested and verified to work as shown.
Internal links in documentation must be functional and not broken.
Content must follow the style guide: professional but approachable tone, second person voice, present tense, short paragraphs, sentence case headers, inline code with backticks, bold for UI elements, italic for emphasis, and parallel structure in lists.
Use consistent terminology: always capitalize Langflow, Component, Flow, and uppercase API and JSON.

Files:

• docs/docs/Configuration/api-keys-and-authentication.mdx

🧠 Learnings (1)

📚 Learning: 2025-09-21T09:46:44.276Z

Learnt from: iann0036
PR: langflow-ai/langflow#9935
File: src/lfx/src/lfx/components/amazon/aws_api_call.py:35-48
Timestamp: 2025-09-21T09:46:44.276Z
Learning: Amazon components in the Langflow bundle consistently require explicit AWS credentials (aws_access_key_id and aws_secret_access_key with required=True) rather than falling back to environment/machine credentials for security reasons in hosted environments.

Applied to files:

• docs/docs/Configuration/api-keys-and-authentication.mdx

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Test Docs Build / Test Docs Build
• GitHub Check: build-and-deploy

🔇 Additional comments (1)

docs/docs/Configuration/api-keys-and-authentication.mdx (1)

29-29: LGTM! Clean removal of webhook authentication documentation.

The removal of the sentence about LANGFLOW_WEBHOOK_AUTH_ENABLE is appropriate given that this feature is not present in version 1.6. Verification confirms no remaining references to webhook authentication exist in the documentation, and the content flows naturally from general API authentication to MCP server configuration.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🧪 Early access (Sonnet 4.5): enabled

We are currently testing the Sonnet 4.5 model, which is expected to improve code review quality. However, this model may lead to increased noise levels in the review comments. Please disable the early access features if the noise level causes any inconvenience.

Note:

• Public repositories are always opted into early access features.
• You can enable or disable early access features from the CodeRabbit UI or by updating the CodeRabbit configuration file.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[mendonk]

+1

[github-actions]

Build successful! ✅
Deploying docs draft.
Deploy successful! View draft