Many more docs changes

Author: dylburger

docs-v2/pages/connect/index.mdx

@@ -13,11 +13,6 @@ import VideoPlayer from "@/components/VideoPlayer";
 Please reach out at `[email protected]` or our [Slack community](https://pipedream.com/support) to let us know how you're using it, what's not working, and what else you'd like to see.
 </Callout>
 
-<VideoPlayer
-  src="https://www.youtube.com/embed/xhUagMsogkQ"
-  title="Pipedream Connect Public Preview"
-/>
-
 Pipedream Connect is the easiest way for your users to connect to [over {process.env.PUBLIC_APPS}+ APIs](https://pipedream.com/apps), **right in your product**. You can build in-app messaging, CRM syncs, AI-driven products, [and much more](/connect/use-cases), all in a few minutes. Visit [the quickstart](/connect/quickstart) to build your first integration.
 
 Connect lets your users authorize access to any API, directly in your app. You can then retrieve fresh credentials for any account, making requests on their behalf. Pipedream handles the security of credentials and the whole OAuth flow — **no need to manage authorization grants or token refresh yourself.**
@@ -73,9 +68,7 @@ All credentials and tokens are sent to Pipedream securely over HTTPS, and encryp
 ## Product roadmap for Connect
 
 - Address bugs and feedback during the preview phase
-- Use Pipedream OAuth clients while in development, to make it easier to get started
 - Invoke Pipedream workflows on behalf of your end users
-- Improve error handling for Connect developers and end users
 - And more!
 
 ## Glossary of terms

docs-v2/pages/connect/quickstart.mdx

@@ -7,13 +7,6 @@ import VideoPlayer from "@/components/VideoPlayer";
 
 Pipedream Connect is the easiest way for your users to connect to [over {process.env.PUBLIC_APPS}+ APIs](https://pipedream.com/apps), **right in your product**. You can build in-app messaging, CRM syncs, AI-driven products, [and much more](/connect/use-cases), all in a few minutes.
 
-If you prefer videos to text, this demo walks through this quickstart:
-
-<VideoPlayer
-  src="https://www.youtube.com/embed/xhUagMsogkQ"
-  title="Pipedream Connect Public Preview"
-/>
-
 ## Visual overview
 
 Here's a high-level overview of how Connect works with your app:

docs-v2/pages/privacy-and-security/best-practices.mdx

@@ -1,10 +1,10 @@
 # Security Best Practices
 
-Pipedream implements a range of [privacy and security measures](/privacy-and-security/) meant to protect your data from unauthorized access. Since Pipedream [workflows](/workflows/), [event sources](/sources/), and other resources can run any Node.js code and process any event data, you also have a responsibility to ensure you handle that code and data securely. We've outlined a handful of best practices for that below.
+Pipedream implements a range of [privacy and security measures](/privacy-and-security/) meant to protect your data from unauthorized access. Since Pipedream [workflows](/workflows/), [event sources](/sources/), and other resources can run any code and process any event data, you also have a responsibility to ensure you handle that code and data securely. We've outlined a handful of best practices for that below.
 
 ## Store secrets as Pipedream connected accounts or environment variables
 
-Even if your workflow code is private, you should never store secrets like API keys in code. These secrets should be stored in one of two ways:
+Never store secrets like API keys directly in code. These secrets should be stored in one of two ways:
 
 - [If Pipedream integrates with the app](https://pipedream.com/apps), use [connected accounts](/connected-accounts/) to link your apps / APIs.
 - If you need to store credentials for an app Pipedream doesn't support, or you need to store arbitrary configuration data, use [environment variables](/environment-variables/).
@@ -13,21 +13,19 @@ Read more about how Pipedream secures connected accounts / environment variables
 
 ## Deliver data to Pipedream securely
 
-Whenever possible, encrypt data in transit to Pipedream. For example, use HTTPS endpoints when sending HTTP traffic to a workflow.
+Always send data over HTTPS to Pipedream endpoints.
 
 ## Send data out of Pipedream securely
 
 When you connect to APIs in a workflow, or deliver data to third-party destinations, encrypt that data in transit. For example, use HTTPS endpoints when sending HTTP traffic to third parties.
 
-## Add authentication to incoming event data
+## Require authorization for HTTP triggers
 
-You can add many public-facing triggers to your workflows. For example, when you add an HTTP trigger to your workflow, anyone with the associated trigger URL can invoke it. You should protect your workflow with an authentication mechanism like [Basic Auth](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication), JWT, or others.
+HTTP triggers are public by default, and require no authorization or token to invoke.
 
-The easiest way to do this is to use the [Validate Webhook Auth action](https://pipedream.com/apps/http/actions/validate-webhook-auth). This supports common auth options, and you don't have to write any code to configure it.
+For many workflows, you should [configure authorization](/workflows/triggers#authorizing-http-requests) to ensure that only authorized parties can invoke your HTTP trigger.
 
-If you need to implement custom logic in code, see [this workflow](https://pipedream.com/new?h=tch_OaJfNv) for a shared API key example. This reads the header `x-api-key` and compares it to the [environment variable](/environment-variables/) called `YOUR_WEBHOOK_API_KEY`. If the `x-api-key` header does not match this variable, it returns a `401 Unauthorized` error and exits the workflow early.
-
-This pattern is typical for protecting workflows: add the authentication logic in a step at the top of your workflow, ending early if auth fails. If auth succeeds, Pipedream runs the remaining steps of your workflow.
+For third-party services like webhooks, that authorize requests using their own mechanism, use the [Validate Webhook Auth action](https://pipedream.com/apps/http/actions/validate-webhook-auth). This supports common auth options, and you don't have to write any code to configure it.
 
 ## Validate signatures for incoming events, where available
 

docs-v2/pages/rest-api/index.mdx

@@ -63,18 +63,18 @@ including all fields). Pass as a string of comma-separated values:
 
 ---
 
+`org_id` **string**
+
 <Callout>
-The `workspace_id` parameter is only required when using [User API keys](/rest-api/auth#user-api-keys). When authenticating with OAuth tokens, the API will automatically use the workspace associated with the token.
+The `org_id` parameter is only required when using [User API keys](/rest-api/auth#user-api-keys). When authenticating with OAuth tokens, the API will automatically use the workspace associated with the token.
 </Callout>
 
-`workspace_id` **string**
-
 When using [User API keys](/rest-api/auth#user-api-keys), some endpoints require you to specify [your workspace ID](/workspaces/#finding-your-workspace-s-id) you want the operation to take effect in:
 
-- When _fetching_ specific resources (for example, when you [retrieve events for a specific source](#get-source-events)), **you should not need to pass your workspace's ID**. If your user is a part of the workspace, and you have access to that resource, and the API will return the details of the resource.
-- When _creating_ new resources, you'll need to specify the `workspace_id` in which you want to create the resource.
+- When _fetching_ specific resources (for example, when you [retrieve events for a specific source](#get-source-events)), **you should not need to pass `org_id`**. If your user is a part of the workspace, and you have access to that resource, and the API will return the details of the resource.
+- When _creating_ new resources, you'll need to specify the `org_id` in which you want to create the resource.
 
-[Find your workspace's ID here](/workspaces/#finding-your-workspace-s-id).
+[Find your workspace / org ID here](/workspaces/#finding-your-workspace-s-id).
 
 ## Pagination
 
@@ -1117,6 +1117,10 @@ curl "https://api.pipedream.com/v1/subscriptions?emitter_id=dc_def456&listener_i
 
 ## Users
 
+<Callout>
+These endpoints only work when using [user API keys](/rest-api/auth#user-api-keys), and will not work with workspace-level OAuth clients.
+</Callout>
+
 ### Get Current User Info
 
 Retrieve information on the authenticated user.
@@ -1194,103 +1198,6 @@ Paid user:
 }
 ```
 
-### Get Current User's Subscriptions
-
-Retrieve all the [subscriptions](#subscriptions) configured for the
-authenticated user.
-
-#### Endpoint
-
-```
-GET /users/me/subscriptions
-```
-
-#### Parameters
-
-_No parameters_
-
-#### Example Request
-
-```shell
-curl 'https://api.pipedream.com/v1/users/me/subscriptions' \
-  -H 'Authorization: Bearer <token>'
-```
-
-#### Example Response
-
-```json
-{
-  "data": [
-    {
-      "id": "sub_abc123",
-      "emitter_id": "dc_abc123",
-      "listener_id": "p_abc123",
-      "event_name": ""
-    },
-    {
-      "id": "sub_def456",
-      "emitter_id": "dc_def456",
-      "listener_id": "p_def456",
-      "event_name": ""
-    }
-  ]
-}
-```
-
-### Get Current User's Webhooks
-
-Retrieve all the [webhooks](#webhooks) configured for the authenticated user.
-
-#### Endpoint
-
-```
-GET /users/me/webhooks
-```
-
-#### Parameters
-
-_No parameters_
-
-#### Example Request
-
-```shell
-curl 'https://api.pipedream.com/v1/users/me/webhooks' \
-  -H 'Authorization: Bearer <token>'
-```
-
-#### Example Response
-
-```json
-{
-  "page_info": {
-    "total_count": 2,
-    "count": 2,
-    "start_cursor": "d2hfMjlsdUd6",
-    "end_cursor": "d2hfb3dHdWVv"
-  },
-  "data": [
-    {
-      "id": "wh_abc123",
-      "name": null,
-      "description": null,
-      "url": "https://endpoint.m.pipedream.net",
-      "active": true,
-      "created_at": 1611964025,
-      "updated_at": 1611964025
-    },
-    {
-      "id": "wh_def456",
-      "name": "Test webhook",
-      "description": "just a test",
-      "url": "https://endpoint2.m.pipedream.net",
-      "active": true,
-      "created_at": 1605835136,
-      "updated_at": 1605835136
-    }
-  ]
-}
-```
-
 ## Webhooks
 
 Pipedream supports webhooks as a way to deliver events to a endpoint you own.
@@ -1946,7 +1853,7 @@ Programmatically view your workspace's current credit usage for the billing peri
 #### Endpoint
 
 ```
-GET /v1/workspaces/<workspace_id>
+GET /v1/workspaces/<org_id>
 ```
 
 #### Path Parameters
@@ -1977,12 +1884,12 @@ Retrieve all the connected accounts for a specific workspace.
 #### Endpoint
 
 ```
-GET /workspaces/<workspace_id>/accounts
+GET /workspaces/<org_id>/accounts
 ```
 
 #### Path Parameters
 
-`workspace_id` **string**
+`org_id` **string**
 
 [Switch to your workspace's context](/workspaces/#switching-between-workspaces) and [find your org's ID](/workspaces/#finding-your-workspace-s-id).
 
@@ -2025,7 +1932,7 @@ Retrieve all the [subscriptions](#subscriptions) configured for a specific works
 #### Endpoint
 
 ```
-GET /workspaces/<workspace_id>/subscriptions
+GET /workspaces/<org_id>/subscriptions
 ```
 
 #### Path Parameters
@@ -2069,7 +1976,7 @@ Retrieve all the [event sources](#sources) configured for a specific workspace.
 #### Endpoint
 
 ```
-GET /orgs/<workspace_id>/sources
+GET /orgs/<org_id>/sources
 ```
 
 #### Path Parameters