strapi · pwizla · May 12, 2026 · May 12, 2026 · May 12, 2026 · May 12, 2026
diff --git a/docusaurus/docs/cms/backend-customization/examples/authentication.md b/docusaurus/docs/cms/backend-customization/examples/authentication.md
@@ -99,7 +99,8 @@ const Login = () => {
         body: JSON.stringify(values),
       });
       /**
-       * Gets the JWT from the server response
+       * Gets the JWT from the server response.
+       * The actual response is { jwt, user }, but we only need the JWT here.
        */
       const { jwt } = await res.json();
       /**
@@ -159,9 +160,11 @@ module.exports = ({ env }) => ({
     config: {
       jwtManagement: 'refresh',
       sessions: {
-        accessTokenLifespan: 604800, // 1 week (default)
-        maxRefreshTokenLifespan: 2592000, // 30 days
-        idleRefreshTokenLifespan: 604800, // 7 days
+        accessTokenLifespan: 600, // 10 minutes (default)
+        maxRefreshTokenLifespan: 2592000, // 30 days (default)
+        idleRefreshTokenLifespan: 1209600, // 14 days (default)
+        maxSessionLifespan: 86400, // 1 day (default)
+        idleSessionLifespan: 7200, // 2 hours (default)
       },
     },
   },
@@ -257,7 +260,6 @@ const EnhancedLogin = () => {
 
 export default EnhancedLogin;
 ```
-```
 
 <br />
 

diff --git a/docusaurus/docs/cms/configurations/users-and-permissions-providers/auth-zero.md b/docusaurus/docs/cms/configurations/users-and-permissions-providers/auth-zero.md
@@ -22,7 +22,7 @@ You have read the [Users & Permissions providers documentation](/cms/configurati
 ## Auth0 configuration
 
 :::note
-AWS Cognito accepts the `localhost` urls. <br/>
+Auth0 accepts the `localhost` URLs. <br/>
 The use of `ngrok` is not needed.
 :::
 

diff --git a/docusaurus/docs/cms/configurations/users-and-permissions-providers/cas.md b/docusaurus/docs/cms/configurations/users-and-permissions-providers/cas.md
@@ -1,6 +1,6 @@
 ---
 title: CAS provider setup for Users & Permissions
-description: Learn how to setup the CAS provider for the Users & Permissions feature.
+description: Learn how to set up the CAS provider for the Users & Permissions feature.
 displayed_sidebar: cmsSidebar
 tags:
 - users and permissions
@@ -13,7 +13,7 @@ import ConfigDone from '/docs/snippets/u-and-p-provider-config-done.md'
 
 # CAS provider setup for Users & Permissions
 
-The present page explains how to setup the Auth0 provider for the [Users & Permissions feature](/cms/features/users-permissions).
+The present page explains how to set up the CAS provider for the [Users & Permissions feature](/cms/features/users-permissions).
 
 :::prerequisites
 You have read the [Users & Permissions providers documentation](/cms/configurations/users-and-permissions-providers).
@@ -58,7 +58,7 @@ The use of `ngrok` is not needed.
 
 ## Strapi configuration
 
-1. Visit the User & Permissions provider settings page at <ExternalLink to="http://localhost:1337/admin/plugins/users-permissions/providers" text="http://localhost:1337/admin/plugins/users-permissions/providers"/>
+1. Visit the User & Permissions provider settings page at <ExternalLink to="http://localhost:1337/admin/settings/users-permissions/providers" text="http://localhost:1337/admin/settings/users-permissions/providers"/>
 2. Click on the **CAS** provider
 3. Fill the information:
    - **Enable**: `ON`

diff --git a/docusaurus/docs/cms/configurations/users-and-permissions-providers/instagram.md b/docusaurus/docs/cms/configurations/users-and-permissions-providers/instagram.md
@@ -19,6 +19,10 @@ The present page explains how to setup the Instagram provider for the [Users & P
 You have read the [Users & Permissions providers documentation](/cms/configurations/users-and-permissions-providers).
 :::
 
+:::caution
+The Instagram Basic Display API was deprecated and shut down by Meta on December 4, 2024. This provider may no longer work as documented below.
+:::
+
 ## Instagram configuration
 
 :::note

diff --git a/docusaurus/docs/cms/configurations/users-and-permissions-providers/linkedin.md b/docusaurus/docs/cms/configurations/users-and-permissions-providers/linkedin.md
@@ -19,6 +19,10 @@ The present page explains how to setup the LinkedIn provider for the [Users & Pe
 You have read the [Users & Permissions providers documentation](/cms/configurations/users-and-permissions-providers).
 :::
 
+:::caution
+LinkedIn has migrated from "Sign In with LinkedIn" to "Sign In with LinkedIn using OpenID Connect." The `r_liteprofile` and `r_emailaddress` scopes have been deprecated. The setup steps below may need adjustments to match the new OpenID Connect product.
+:::
+
 ## LinkedIn configuration
 
 :::note
@@ -37,7 +41,7 @@ The use of `ngrok` is not needed.
 6. Fill the information:
    - **Authorized redirect URL**: `http://localhost:1337/api/connect/linkedin/callback`
 7. On the app page click on **Products** tab.
-8. Select `Sign In with LinkedIn` from the product list to enable it.
+8. Select `Sign In with LinkedIn using OpenID Connect` from the product list to enable it.
 
 ## Strapi configuration
 

diff --git a/docusaurus/docs/cms/configurations/users-and-permissions-providers/twitter.md b/docusaurus/docs/cms/configurations/users-and-permissions-providers/twitter.md
@@ -19,6 +19,10 @@ The present page explains how to setup the Twitter provider for the [Users & Per
 You have read the [Users & Permissions providers documentation](/cms/configurations/users-and-permissions-providers).
 :::
 
+:::caution
+Twitter has rebranded to X. The developer portal has been significantly restructured, and free-tier API access is now limited. The setup steps and URLs below may be outdated.
+:::
+
 ## Twitter configuration
 
 :::note