Merge pull request #5964 from segmentio/master

master back to develop after OAuth merge

Author: stayseesong

src/_data/sidenav/main.yml

@@ -260,6 +260,8 @@ sections:
         title: Speeding Up Redshift Queries
       - path: /connections/storage/warehouses/redshift-useful-sql
         title: Useful SQL Queries for Redshift
+  - path: /connections/regional-segment
+    title: Regional Segment
   - path: /connections/test-connections
     title: Event Tester
   - path: /connections/data-export-options
@@ -276,18 +278,6 @@ sections:
     title: Integration Error Codes
   - path: /connections/rate-limits
     title: Rate Limits
-  - path: /connections/regional-segment
-    title: Regional Segment
-# - section_title: Reverse ETL
-#   section:
-#   - path: /reverse-etl
-#     title: Reverse ETL Overview
-#   - path: /reverse-etl/bigquery-setup
-#     title: BigQuery Reverse ETL Setup
-#   - path: /reverse-etl/redshift-setup
-#     title: Redshift Reverse ETL Setup
-#   - path: /reverse-etl/snowflake-setup
-#     title: Snowflake Reverse ETL Setup
 - section_title: Unify
   section:
   - path: /unify
@@ -324,9 +314,9 @@ sections:
       title: Tables & Materialized Views
   - section_title: Linked Profiles 
     slug: unify/linked-profiles
-    section: 
-    - path: /unify/linked-profiles/linked-events
-      title: Linked Events
+    section:
+    - path: /unify/linked-profiles
+      title: Linked Profiles Overview 
     - section_title: Setup Guides
       slug: unify/linked-profiles/setup-guides
       section: 
@@ -336,6 +326,11 @@ sections:
           title: Snowflake Setup
         - path: /unify/linked-profiles/setup-guides/redshift-setup
           title: Redshift Setup
+    - path: /unify/linked-profiles/data-graph
+      title: Data Graph
+    - path: /unify/linked-profiles/linked-events
+      title: Linked Events
+ 
   - section_title: Traits
     slug: unify/traits
     section:
@@ -402,6 +397,8 @@ sections:
       title: Account-level Audiences
     - path: '/engage/audiences/generative-audiences'
       title: Generative Audiences
+    - path: '/engage/audiences/linked-audiences'
+      title: Linked Audiences
     - path: '/engage/audiences/organization'
       title: Organize Audiences
 

src/api/public-api/index.md

@@ -42,7 +42,7 @@ Learn more about [GitHub's secret scanning program](https://docs.github.com/en/d
 ## OAuth 2.0
 
 > info ""
-> This feature is currently in pilot and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}. 
+> OAuth 2.0 is currently in private beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}.
 
 ## FAQs
 #### What should I do if I see a notification that my token was exposed?

src/connections/functions/source-functions.md

@@ -390,7 +390,7 @@ Copy and paste this URL into the upstream tool or service to send data to this s
 ## OAuth 2.0
 
 > info ""
-> OAuth 2.0 is currently in pilot and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}. 
+> OAuth 2.0 is currently in private beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}.
 
 ## Source function FAQs
 

src/connections/oauth.md

@@ -6,7 +6,7 @@ hidden: true
 OAuth 2.0 is an online authorization standard that uses tokens to grant access to API resources like Segment’s tracking API. You can use OAuth 2.0 as a security requirement for connections to third-party tools. 
 
 > info ""
-> This feature is currently in pilot and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}.  OAuth 2.0 only supports server to Segment communication, a machine-to-machine workflow. Take a look at the [supported sources](#supported-sources) to see what sources Segment supports.
+> OAuth 2.0 is currently in private beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}. OAuth 2.0 only supports server to Segment communication, a machine-to-machine workflow. Take a look at the [supported sources](#supported-sources) to see what sources Segment supports.
 
 ## Permissions 
 Depending on your workspace permissions, your access to OAuth apps is limited. 
@@ -134,4 +134,4 @@ OAuth 2.0 currently supports these scopes:
    * `functions:write`
 
 **Public API scopes**
-   * `public_api:read_write`
+   * `public_api:read_write`

src/connections/sources/catalog/libraries/server/node/index.md

@@ -653,6 +653,46 @@ analytics.track({
 ```
 
 
+## OAuth 2.0
+
+> info ""
+> OAuth 2.0 is currently in private beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}.
+
+Enable [OAuth 2.0](/docs/connections/oauth/) in your Segment workspace to guarantee authorized communication between your server environment and Segment's Tracking API. To support the non-interactive server environment, the OAuth workflow used is a signed client assertion JWT.  
+
+You will need a public and private key pair where:
+- The public key is uploaded to the Segment dashboard. 
+- The private key is kept in your server environment to be used by this SDK. 
+
+Your server will verify its identity by signing a token request and will receive a token that is used to to authorize all communication with the Segment Tracking API.
+
+You'll need to provide the OAuth Application ID and the public key's ID, both of which are provided in the Segment dashboard.  There are also options available to specify the authorization server, custom scope, maximum number of retries, or a custom HTTP client if your environment has special rules for separate Segment endpoints.
+
+Be sure to implement handling for Analytics SDK errors. Good logging helps distinguish any configuration issues.
+
+For more information, see the [Segment OAuth 2.0 documentation](/docs/connections/oauth/).
+
+```ts
+import { Analytics, OAuthSettings } from '@segment/analytics-node';
+import { readFileSync } from 'fs'
+
+const privateKey = readFileSync('private.pem', 'utf8')
+
+const settings: OAuthSettings = {
+  clientId: '<CLIENT_ID_FROM_DASHBOARD>',
+  clientKey: privateKey,
+  keyId: '<PUB_KEY_ID_FROM_DASHBOARD>',
+}
+
+const analytics = new Analytics({
+  writeKey: '<MY_WRITE_KEY>',
+  oauthSettings: settings,
+})
+
+analytics.on('error', (err) => { console.error(err) })
+
+analytics.track({ userId: 'foo', event: 'bar' })
+```
 ## Troubleshooting
 
 {% include content/troubleshooting-intro.md %}

src/connections/sources/catalog/libraries/server/python/index.md

@@ -530,12 +530,49 @@ analytics.write_key = 'YOUR_WRITE_KEY'
 
 ## Google App Engine
 
-Google App Engine my not resolve project dependencies. If this is the case add the following to your project alongside analytics-python:
+Google App Engine may not resolve project dependencies. If this is the case add the following to your project alongside analytics-python:
 - [requests](https://github.com/kennethreitz/requests){:target="_blank"}
 - python-dateutil](https://github.com/paxan/python-dateutil){:target="_blank"}
 
 If you're having issues with threads outliving your request, check [Background threads and synchronous mode](#background-threads-and-synchronous-mode)
 
+## OAuth 2.0
+
+> info ""
+> OAuth 2.0 is currently in private beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank"}.
+
+Enable [OAuth 2.0](/docs/connections/oauth/) in your Segment workspace to guarantee authorized communication between your server environment and Segment's Tracking API. To support the non-interactive server environment, the OAuth workflow used is a signed client assertion JWT.  
+
+You will need a public and private key pair where:
+- The public key is uploaded to the Segment dashboard. 
+- The private key is kept in your server environment to be used by this SDK. 
+Your server will verify its identity by signing a token request and will receive a token that is used to to authorize all communication with the Segment Tracking API.
+
+You'll need to provide the OAuth Application ID and the public key's ID, both of which are provided in the Segment dashboard.  There are also options available to specify the authorization server, custom scope, maximum number of retries, or a custom HTTP client if your environment has special rules for separate segment endpoints.
+
+Be sure to implement handling for Analytics SDK errors. Good logging will help distinguish any configuration issues.
+
+For more information, see the [Segment OAuth 2.0 documentation](/docs/connections/oauth/).
+
+```python
+import segment.analytics as analytics
+with open("private_key.pem") as f:
+    privatekey = f.read()
+
+analytics.write_key = '<YOUR WRITE KEY HERE>'
+
+analytics.oauth_client_id = 'CLIENT_ID' # OAuth application ID from segment dashboard
+analytics.oauth_client_key = privatekey # generated as a public/private key pair in PEM format from OpenSSL
+analytics.oauth_key_id = 'KEY_ID' # From segment dashboard after uploading public key
+
+def on_error(error, items):
+    print("An error occurred: ", error)
+analytics.on_error = on_error
+
+analytics.track('AUser', 'track')
+analytics.flush()
+```
+
 ## Troubleshooting
 
 ### Request size limits