update docs

Author: sanchitmehtagit

EXAMPLES.md

@@ -367,6 +367,28 @@ The Credentials Manager utility allows you to securely store and retrieve the us
 let credentialsManager = CredentialsManager(authentication: Auth0.authentication())
 ```
 
+> [!NOTE]
+> **Swift 6 Concurrency Support**: The Credentials Manager conforms to `Sendable` and can be safely used across concurrency contexts, including within actors.
+>
+> ```swift
+> // Example: Using CredentialsManager in an Actor (Swift 6)
+> actor AuthService {
+>     let credentialsManager: CredentialsManager
+>     
+>     init() {
+>         self.credentialsManager = CredentialsManager(authentication: Auth0.authentication())
+>     }
+>     
+>     func fetchCredentials() async throws -> Credentials {
+>         // Safe to call from within an actor
+>         return try await credentialsManager.credentials(withScope: "openid profile email",
+>                                                         minTTL: 60,
+>                                                         parameters: [:],
+>                                                         headers: [:])
+>     }
+> }
+> ```
+
 > [!CAUTION]
 > The Credentials Manager is not thread-safe, except for the following methods: 
 > 
@@ -2965,7 +2987,11 @@ Check the [API documentation](https://auth0.github.io/Auth0.swift/documentation/
 
 ## Logging
 
-Auth0.swift can print HTTP requests and responses for debugging purposes. Enable it by calling the following method in either `WebAuth`, `Authentication` or `Users`:
+Auth0.swift provides comprehensive logging capabilities for debugging HTTP requests and responses. The logging system is built on Apple's [Unified Logging](https://developer.apple.com/documentation/os/logging) (`OSLog`) for better performance and integration with system diagnostic tools.
+
+### Enable Logging
+
+Enable logging by calling the `logging(enabled:)` method on `WebAuth`, `Authentication`, or `Users`:
 
 ```swift
 Auth0
@@ -2974,32 +3000,98 @@ Auth0
     // ...
 ```
 
+```swift
+Auth0
+    .authentication()
+    .logging(enabled: true)
+    // ...
+```
+
+```swift
+Auth0
+    .users(token: credentials.accessToken)
+    .logging(enabled: true)
+    // ...
+```
+
 > [!CAUTION]
-> Set this flag only when **DEBUGGING** to avoid leaking user's credentials in the device log.
+> Enable logging **only when debugging** to avoid performance impacts and potential security concerns in production builds.
 
-With a successful authentication you should see something similar to the following:
+### Automatic Token Redaction
+
+**Security First**: Auth0.swift automatically redacts sensitive information from logs to protect user credentials. The following fields are redacted when logging HTTP responses:
+
+- `access_token`
+- `refresh_token`
+- `id_token`
+
+Redacted tokens appear as `"redacted"` in the logs, ensuring sensitive data never appears in plain text.
+
+### Logging Output
+
+With logging enabled, you'll see detailed HTTP request and response information. Here's an example of what a successful authentication flow looks like:
 
 ```text
 ASWebAuthenticationSession: https://example.us.auth0.com/authorize?.....
 Callback URL: com.example.MyApp://example.us.auth0.com/ios/com.example.MyApp/callback?...
+
 POST https://example.us.auth0.com/oauth/token HTTP/1.1
 Content-Type: application/json
 Auth0-Client: eyJ2ZXJzaW9uI...
 
-{"code":"...","client_id":"...","grant_type":"authorization_code","redirect_uri":"com.example.MyApp:\/\/example.us.auth0.com\/ios\/com.example.MyApp\/callback","code_verifier":"..."}
+{
+  "code": "...",
+  "client_id": "...",
+  "grant_type": "authorization_code",
+  "redirect_uri": "com.example.MyApp://example.us.auth0.com/ios/com.example.MyApp/callback",
+  "code_verifier": "..."
+}
 
 HTTP/1.1 200
 Pragma: no-cache
 Content-Type: application/json
 Strict-Transport-Security: max-age=3600
-Date: Wed, 27 Apr 2022 19:04:39 GMT
-Content-Length: 57
+Date: Wed, 08 Dec 2025 10:30:00 GMT
+Content-Length: 1024
 Cache-Control: no-cache
 Connection: keep-alive
 
-{"access_token":"...","token_type":"Bearer"}
+{
+  "access_token": "redacted",
+  "refresh_token": "redacted",
+  "id_token": "redacted",
+  "token_type": "Bearer",
+  "expires_in": 86400
+}
 ```
 
+### Viewing Logs
+
+Auth0.swift logs are written to the **Unified Logging System** with the following identifiers:
+
+- **Subsystem**: `com.auth0.Auth0`
+- **Categories**: `NetworkTracing`, `Configuration`
+
+#### Xcode Console (Recommended)
+
+Logs appear automatically in the Xcode debug console during development on all platforms.
+
+**Filtering in Xcode 15+:**
+
+Use these filter expressions directly in the console search bar:
+
+| Filter | Description |
+|--------|-------------|
+| `subsystem:com.auth0.Auth0` | Show all Auth0 SDK logs |
+| `category:NetworkTracing` | Show only network requests/responses |
+| `category:Configuration` | Show only configuration errors |
+| `subsystem:com.auth0.Auth0 category:NetworkTracing` | Combine filters for specific logs |
+
+#### Log Categories
+
+- **NetworkTracing** - HTTP requests and responses (enabled via `logging(enabled: true)`)
+- **Configuration** - SDK setup and configuration issues (always logged)
+
 > [!TIP]
 > When troubleshooting, you can also check the logs in the [Auth0 Dashboard](https://manage.auth0.com/#/logs) for more information.
 

README.md

@@ -347,7 +347,7 @@ Check the [FAQ](FAQ.md) for more information about the alert box that pops up **
 
 Auth0.swift uses Apple's Unified Logging (OSLog) to help you troubleshoot issues during development. Enable detailed HTTP logging to see network requests, responses, and errors.
 
-### Enable Logging (NetworK Tracing based logs)
+### Enable Logging (Network Tracing based logs)
 
 To enable detailed HTTP request and response tracing during development: