From 2cffc8969ef12e367cb0caa78e545107191f80d7 Mon Sep 17 00:00:00 2001
From: Baozier <byn9826@gmail.com>
Date: Wed, 6 Nov 2024 20:12:18 -0500
Subject: [PATCH] Add docs for how to trigger a policy (#189)

---
 README.md         |  3 +++
 docs/q&a.md       | 25 +++++++++++++++++++++++++
 docs/react-sdk.md |  1 +
 package.json      |  2 +-
 4 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 86513473..463f4df7 100644
--- a/README.md
+++ b/README.md
@@ -55,6 +55,9 @@
   - OTP MFA
   - SMS MFA
   - MFA Enrollment
+- <b>Policy</b>
+  - sign_in_or_sign_up
+  - change_password
 - <b>Mailer Option</b>:
   - SendGrid
   - Mailgun
diff --git a/docs/q&a.md b/docs/q&a.md
index 40a4d8cc..28d6bf8a 100644
--- a/docs/q&a.md
+++ b/docs/q&a.md
@@ -101,3 +101,28 @@ After running these commands, the old secret will be removed, and any tokens sig
 - Enforcing specific MFA types: You can set OTP_MFA_IS_REQUIRED, SMS_MFA_IS_REQUIRED, or EMAIL_MFA_IS_REQUIRED to true to enforce those MFA methods as a login requirement.
 - Letting users choose one of the supported MFA types: If OTP_MFA_IS_REQUIRED, SMS_MFA_IS_REQUIRED, and EMAIL_MFA_IS_REQUIRED are all set to false, you can set ENFORCE_ONE_MFA_ENROLLMENT to contain the MFA types you want to support. The user will then be required to enroll in one of the selected MFA types.
 - You can also use the MFA enrollment functionality provided by the admin panel or the S2S API to customize your MFA enrollment flow.
+
+## How to trigger a different policy
+- To trigger a different policy, add policy=[policy] as a query string when redirecting the user to the authorization page.
+```
+  const url = serverUri +
+    '/oauth2/v1/authorize?' +
+    'response_type=code' +
+    '&state=' + state +
+    '&client_id=' + clientId +
+    '&redirect_uri=' + redirectUri +
+    '&code_challenge=' + codeChallenge +
+    '&code_challenge_method=S256' +
+    '&policy=' + policy +
+    '&scope=' + scope +
+    '&locale=' + locale
+  window.location.href = url
+```
+- When using the React SDK, you can trigger the loginRedirect function with a policy parameter:
+```
+const { loginRedirect } = useAuth()
+
+loginRedirect({
+  policy: 'change_password',
+})
+```
diff --git a/docs/react-sdk.md b/docs/react-sdk.md
index 2bb35140..df4c08c7 100644
--- a/docs/react-sdk.md
+++ b/docs/react-sdk.md
@@ -64,6 +64,7 @@ Triggers a new authentication flow.
 |-----------|------|-------------|---------|----------|
 | locale | string | Specifies the locale to use in the authentication flow | N/A | No |
 | state | string | Specifies the state to use in the authentication flow if you prefer not to use a randomly generated string | N/A | No |
+| policy | string | Specifies the policy to use in the authentication flow | 'sign_in_or_sign_up' | No |
 
 ```
 import { useAuth } from '@melody-auth/react'
diff --git a/package.json b/package.json
index 156c9c5a..7df79ea1 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "melody-auth",
-  "version": "1.0.8",
+  "version": "1.1.0",
   "description": "A turnkey OAuth & authentication system.",
   "license": "MIT",
   "author": "Baozier",