Fix issues breaking the build

danbarr · danbarr · commit 2e550a10a4f9 · 2025-10-10T22:01:21.000-04:00
Signed-off-by: Dan Barr &lt;6922515+danbarr@users.noreply.github.com&gt;
diff --git a/docs/toolhive/_partials/_basic-cedar-config.md b/docs/toolhive/_partials/_basic-cedar-config.md
@@ -24,5 +24,9 @@ format:
 You can also define custom resource attributes in `entities_json` for per-tool
 ownership or sensitivity labels.
 
-> For more policy examples and advanced usage, see
-> [Cedar policies](../concepts/cedar-policies.md).
+:::tip
+
+For more policy examples and advanced usage, see
+[Cedar policies](../concepts/cedar-policies.md).
+
+:::
diff --git a/docs/toolhive/_partials/_oidc-prerequisites.md b/docs/toolhive/_partials/_oidc-prerequisites.md
@@ -13,10 +13,10 @@ From your identity provider, you'll need:
 - Issuer URL
 - JWKS URL (for key verification)
 
-> ToolHive uses OIDC to connect to your existing identity provider, so you can
-> authenticate with your own credentials (for example, Google login) or with
-> service account tokens (for example, in Kubernetes). ToolHive never sees your
-> password, only signed tokens from your identity provider.
+ToolHive uses OIDC to connect to your existing identity provider, so you can
+authenticate with your own credentials (for example, Google login) or with
+service account tokens (for example, in Kubernetes). ToolHive never sees your
+password, only signed tokens from your identity provider.
 
 For background on authentication, authorization, and Cedar policy examples, see
 [Authentication and authorization framework](../concepts/auth-framework.md).
diff --git a/docs/toolhive/concepts/auth-framework.md b/docs/toolhive/concepts/auth-framework.md
@@ -255,4 +255,4 @@ requirements.
 ## Related information
 
 - For detailed policy writing guidance, see
-  [Cedar policies](./cedar-policies.mdcedar-policies.md)
+  [Cedar policies](./cedar-policies.md)
diff --git a/docs/toolhive/concepts/authentication-authorization.md b/docs/toolhive/concepts/authentication-authorization.md
@@ -9,9 +9,6 @@ This document explains the concepts behind ToolHive's authentication and
 authorization framework, which secures MCP servers by verifying client identity
 and controlling access to resources.
 
-> For step-by-step setup and troubleshooting, see
-> [Securing MCP servers with authentication and authorization](../how-to/authentication-authorization.md).
-
 ## Understanding authentication vs. authorization
 
 When you secure MCP servers, it's critical to understand the strong separation
@@ -343,12 +340,10 @@ This restricts access based on the client's location.
 
 ## Related information
 
-- For practical steps to configure authentication and authorization, see
-  [Authentication and authorization](../how-to/authentication-authorization.md)
-- For security best practices, see
-  [Security reference](../reference/security.md)
-- For container security details, see
-  [Container security model](container-security-model.md)
+- For configuration and setup with the ToolHive CLI, see
+  [Authentication and authorization](../guides-cli/auth.mdx)
+- For Kubernetes deployment, see
+  [Authentication and authorization in Kubernetes](../guides-k8s/auth-k8s.mdx)
 - For detailed Cedar policy syntax, see
   [Cedar documentation](https://docs.cedarpolicy.com/)
 
diff --git a/docs/toolhive/concepts/cedar-policies.md b/docs/toolhive/concepts/cedar-policies.md
@@ -169,15 +169,15 @@ security requirements.
 JWT claims from your identity provider become available in policies with a
 `claim_` prefix. You can use these claims in two ways:
 
-### On the principal entity
+**On the principal entity:**
 
 ```text
 permit(principal, action == Action::"call_tool", resource == Tool::"weather") when {
   principal.claim_name == "John Doe"
 };
 ```
 
-### In the context
+**In the context:**
 
 ```text
 permit(principal, action == Action::"call_tool", resource == Tool::"weather") when {
@@ -193,15 +193,15 @@ readable.
 Tool arguments become available in policies with an `arg_` prefix. This lets you
 create policies based on the specific parameters of requests:
 
-### On the resource entity
+**On the resource entity:**
 
 ```text
 permit(principal, action == Action::"call_tool", resource == Tool::"weather") when {
   resource.arg_location == "New York" || resource.arg_location == "London"
 };
 ```
 
-### In the context
+**In the context:**
 
 ```text
 permit(principal, action == Action::"call_tool", resource == Tool::"weather") when {
@@ -407,5 +407,3 @@ When policies don't work as expected, follow this systematic approach:
   [Authentication and authorization framework](./auth-framework.md)
 - For detailed Cedar policy syntax, see
   [Cedar documentation](https://docs.cedarpolicy.com/)
-
-<!-- markdownlint-disable-file MD024 -->
diff --git a/docs/toolhive/guides-k8s/auth-k8s.mdx b/docs/toolhive/guides-k8s/auth-k8s.mdx
@@ -373,12 +373,9 @@ kubectl logs -n toolhive-system -l app.kubernetes.io/name=weather-server-k8s
 - For conceptual understanding, see
   [Authentication and authorization framework](../concepts/auth-framework.md)
 - For detailed Cedar policy syntax, see
-  [Cedar policies](../concepts/cedar-policies.md)
-- For CLI deployment, see
-  [Secure MCP servers with authentication and authorization](../how-to/auth.mdx)
+  [Cedar policies](../concepts/cedar-policies.md) and the
+  [Cedar documentation](https://docs.cedarpolicy.com/)
 - For running MCP servers without authentication, see
-  [Run MCP servers in Kubernetes](./run-mcp-k8s.md)
+  [Run MCP servers in Kubernetes](./run-mcp-k8s.mdx)
 - For ToolHive Operator installation, see
   [Deploy the ToolHive Operator with Helm](./deploy-operator-helm.md)
-- For detailed Cedar policy syntax, see
-  [Cedar documentation](https://docs.cedarpolicy.com/)
