docs: fix auth account identifiers

[DhruvPareek]

Summary

• Use InternalAccount:<uuid> in Global Accounts auth credential examples.
• Remove stale email fields from EMAIL_OTP credential creation requests.
• Clarify that Grid resolves the OTP address from the customer email on file.

Test Plan

• git diff --check
• Targeted rg scan for stale EmbeddedWallet:<id> examples and request-body email fields.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
grid-flow-builder	Ready	Preview, Comment	May 19, 2026 8:37pm

[mintlify]

Preview deployment for your docs. Learn more about Mintlify Previews.

Project	Status	Preview	Updated (UTC)
Grid	🟢 Ready	View Preview	May 19, 2026, 12:05 AM

[DhruvPareek]

• docs: align auth endpoint docs with PDF #481
• docs: allow multiple passkey credentials #479
• docs: update auth signed retry examples #477
• docs: fix auth account identifiers #476 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[greptile-apps]

Greptile Summary

This documentation-only PR updates the Global Accounts authentication snippet to fix stale account ID prefixes and remove a non-existent email request field from EMAIL_OTP examples.

• Replaces EmbeddedWallet:<uuid> with InternalAccount:<uuid> across eight locations in request bodies, response examples, and query parameters.
• Removes the email field from all EMAIL_OTP credential creation requests and updates the accompanying prose to clarify that Grid resolves the OTP address from the customer record on file.
• One EmbeddedWallet: occurrence was missed — it sits inside the JSON-encoded payloadToSign string in the "Add an additional credential" 202 response example (line 588).

Confidence Score: 4/5

Safe to merge after fixing the one remaining EmbeddedWallet: occurrence in the payloadToSign example.

All eight updated account ID strings were correctly changed, and the email-field removal is accurate throughout. A single overlooked EmbeddedWallet: inside the JSON-encoded payloadToSign string at line 588 leaves a contradictory example that a developer could copy verbatim into a signing implementation.

mintlify/snippets/global-accounts/authentication.mdx — specifically the payloadToSign response example in the Add an additional credential section.

Important Files Changed

Filename	Overview
mintlify/snippets/global-accounts/authentication.mdx	Correctly updates EmbeddedWallet: → InternalAccount: in eight places and removes the stale email field from EMAIL_OTP request examples, but one occurrence inside the JSON-encoded payloadToSign string (line 588) was missed.

Sequence Diagram

sequenceDiagram
  participant C as Client
  participant IB as Integrator Backend
  participant G as Grid
  participant E as Email

  Note over IB,G: EMAIL_OTP Registration (updated flow)
  C->>IB: "POST /my-backend/otp/register { accountId }"
  IB->>G: "POST /auth/credentials { type: EMAIL_OTP, accountId: InternalAccount: }"
  G->>E: deliver OTP email (address from customer record)
  G-->>IB: "201 AuthMethod { accountId: InternalAccount: }"
  IB-->>C: "{ credentialId }"
  E-->>C: OTP code
  C->>C: generateClientKeyPair()
  C->>IB: "POST /my-backend/otp/verify { otp, clientPublicKey }"
  IB->>G: "POST /auth/credentials/{id}/verify { type: EMAIL_OTP, otp, clientPublicKey }"
  G-->>IB: "200 AuthSession { encryptedSessionSigningKey }"
  IB-->>C: "{ encryptedSessionSigningKey, expiresAt }"

Loading

Comments Outside Diff (1)

1. mintlify/snippets/global-accounts/authentication.mdx, line 588 (link)

   The payloadToSign example in the "Add an additional credential" section still uses the old EmbeddedWallet: prefix inside the JSON-encoded string. Every other account ID in this file was updated to InternalAccount:, but this one was missed because it sits embedded inside an escaped JSON value. A developer following the docs will see EmbeddedWallet: appear in the actual signed payload returned by Grid, contradicting every other corrected example in the file.

   Prompt To Fix With AI

   This is a comment left during a code review.
   Path: mintlify/snippets/global-accounts/authentication.mdx
   Line: 588
   
   Comment:
   The `payloadToSign` example in the "Add an additional credential" section still uses the old `EmbeddedWallet:` prefix inside the JSON-encoded string. Every other account ID in this file was updated to `InternalAccount:`, but this one was missed because it sits embedded inside an escaped JSON value. A developer following the docs will see `EmbeddedWallet:` appear in the actual signed payload returned by Grid, contradicting every other corrected example in the file.
   
   
   
   How can I resolve this? If you propose a fix, please make it concise.

   

Prompt To Fix All With AI

Fix the following 1 code review issue. Work through them one at a time, proposing concise fixes.

---

### Issue 1 of 1
mintlify/snippets/global-accounts/authentication.mdx:588
The `payloadToSign` example in the "Add an additional credential" section still uses the old `EmbeddedWallet:` prefix inside the JSON-encoded string. Every other account ID in this file was updated to `InternalAccount:`, but this one was missed because it sits embedded inside an escaped JSON value. A developer following the docs will see `EmbeddedWallet:` appear in the actual signed payload returned by Grid, contradicting every other corrected example in the file.

```suggestion
      "payloadToSign": "{\"requestId\":\"7c4a8d09-ca37-4e3e-9e0d-8c2b3e9a1f21\",\"type\":\"EMAIL_OTP\",\"accountId\":\"InternalAccount:019542f5-b3e7-1d02-0000-000000000002\",\"expiresAt\":\"2026-04-08T15:35:00Z\"}",
```

_{Reviews (3): Last reviewed commit: "docs: fix auth account identifiers" | Re-trigger Greptile}

[DhruvPareek]

maybe this should just be empty {} ?

[DhruvPareek]

fixed the p1