7 changes: 0 additions & 7 deletions auth4genai/docs.json
Expand Up @@ -88,13 +88,6 @@
"icon": "robot",
"pages": ["sample-apps"]
},
{
"group": "Guides",
"icon": "graduation-cap",
"pages": [
"guides/client-initiated-account-linking"
]
},
{
"group": "Glossary",
"icon": "compass",
Expand Up @@ -50,5 +50,4 @@ By the end of this quickstart, you should have an AI application integrated with
You have successfully added the ability to get access tokens for tool calling to your application. For next steps:

- [Call your APIs on user's behalf docs](/intro/call-your-apis-on-users-behalf).
- Learn more about [Client-initiated account linking](/guides/client-initiated-account-linking).
- Learn more about how Auth0's [Token Vault](https://auth0.com/docs/secure/tokens/token-vault) manages the tokens of supported identity providers.
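Review bot: The next-steps list loses its only pointer to the linking flow when the `Client-initiated account linking` bullet goes, and nothing takes its place. A bullet for `/intro/account-linking` or for the Connected Accounts for Token Vault doc would keep that path open for readers finishing the quickstart.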
100 changes: 0 additions & 100 deletions auth4genai/guides/client-initiated-account-linking.mdx

This file was deleted.
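Review bot: Deleting this page and its `Guides` entry in `docs.json` leaves the old `/guides/client-initiated-account-linking` URL with nothing behind it, and no redirect is added anywhere in the visible changes. Consider redirecting it to `/intro/account-linking`, which now carries the Connected Accounts flow, so bookmarks and external links keep working. The image `/img/client_initiated_account_linking.png` referenced by the `<Frame>` removed from `intro/account-linking.mdx` is also not deleted in this change; if nothing else uses it, remove the asset too.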

7 changes: 3 additions & 4 deletions auth4genai/integrations/github.mdx
Expand Up @@ -60,10 +60,9 @@ GitHub apps [use fine grained permissions](https://docs.github.com/en/enterprise
GitHub OAuth app you created.
</li>
<li>
In **Advanced**, toggle **Enable Token Vault**. This allows the
connection to retrieve and store access tokens for third-party APIs
securely. To learn more, read [Configure Token
Vault](https://auth0.com/docs/secure/tokens/token-vault/configure-token-vault).
In **Purpose**, toggle on **Use for Connected Accounts**. This allows the
connection to retrieve and securely store access tokens for external APIs. To learn more, read [Connected Accounts for Token
Vault](https://auth0.com/docs/secure/tokens/token-vault/connected-accounts-for-token-vault).
</li>
<li>Click **Create**.</li>
<li>
9 changes: 4 additions & 5 deletions auth4genai/integrations/google.mdx
Expand Up @@ -137,11 +137,10 @@ Use the [Auth0 Dashboard](https://manage.auth0.com/) to create a new Google soci
token for the Google social connection, it will contain the appropriate
scopes so you can use it to call the required Google APIs.
</Step>
<Step title="Enable Token Vault">
In **Advanced**, toggle **Enable Token Vault**. This allows the connection
to retrieve and store access tokens for third-party APIs securely. To learn
more, read [Configure Token
Vault](https://auth0.com/docs/secure/tokens/token-vault/configure-token-vault).
<Step title="Enable Connected Accounts for Token Vault">
In **Purpose**, toggle **Use for Connected Accounts**. This allows the connection
to retrieve and securely store access tokens for external APIs. To learn
more, read [Connected Accounts for Token Vault](https://auth0.com/docs/secure/tokens/token-vault/connected-accounts-for-token-vault).
</Step>
<Step title="Save">Click **Save Changes**.</Step>
<Step title="Enable Applications">
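Review bot: In the renamed step, `toggle **Use for Connected Accounts**` does not say which state the toggle should end in, while `github.mdx`, `oauth2.mdx` and `intro/integrations.mdx` in this same change say `toggle on`. Use `toggle on` here as well so the pages give the same instruction.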
4 changes: 2 additions & 2 deletions auth4genai/integrations/oauth2.mdx
Expand Up @@ -13,8 +13,8 @@ If a specific identity provider or service isn't available out of the box, Auth0

To learn more and configure a custom OAuth2 connection with Auth0, see our [Connect Apps to Generic OAuth2 Authorization Servers documentation](https://auth0.com/docs/authenticate/identity-providers/social-identity-providers/oauth2).

## Configure Token Vault
## Configure Connected Accounts

After creating the connection, at the bottom of the connection settings in the **Advanced** section enable the **Enable Token Vault** toggle. This will allow your connection to retrieve and store access tokens for third-party APIs.
After creating the connection, in the **Purpose** section, toggle on **Use for Connected Accounts**. This allows your connection to retrieve and securely store access tokens for external APIs. To learn more, read [Connected Accounts for Token Vault](https://auth0.com/docs/secure/tokens/token-vault/connected-accounts-for-token-vault).

<LearnMore />
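Review bot: Renaming the heading from `## Configure Token Vault` to `## Configure Connected Accounts` changes the generated anchor, so any link that targets the old `#configure-token-vault` fragment on this page stops resolving. Search the docs for that fragment before merging and update or redirect whatever still points to it.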
7 changes: 3 additions & 4 deletions auth4genai/integrations/slack.mdx
Expand Up @@ -61,10 +61,9 @@ The Sign in with Slack integration is ideal for AI agents that need to participa
Slack OAuth app you created.
</li>
<li>
In **Advanced**, toggle **Enable Token Vault**. This allows the
connection to retrieve and store access tokens for third-party APIs
securely. To learn more, read [Configure Token
Vault](https://auth0.com/docs/secure/tokens/token-vault/configure-token-vault).
In **Purpose**, toggle **Use for Connected Accounts**. This allows the
connection to retrieve and securely store access tokens for external APIs
. To learn more, read [Configure Connected Accounts for Token Vault](https://auth0.com/docs/secure/tokens/token-vault/connected-accounts-for-token-vault).
</li>
<li>Click **Create**.</li>
<li>
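Review bot: The line break in the new list item strands the period at the start of its own line (`external APIs` followed by `. To learn more`), which renders as a space before the full stop; move it up to the previous line. The link text here is `Configure Connected Accounts for Token Vault`, while the other integration pages use `Connected Accounts for Token Vault` for the same URL, and `toggle` should read `toggle on` to match `github.mdx`.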
80 changes: 18 additions & 62 deletions auth4genai/intro/account-linking.mdx
Expand Up @@ -7,50 +7,29 @@ description: "Account linking in Auth0 allows a user to connect multiple identit

For AI agents that need to act on a user's behalf, account linking is critical. An agent might need to access a user's calendar via their Google account and their code repositories through their GitHub account. Without account linking, the agent would see these as two separate users.

By linking these accounts, your AI agents have a holistic view of the user. This unified profile is essential for Token Vault to retrieve the correct tokens for the various external services the agent needs to call. When an agent requests to access a third-party API, account linking ensures that Auth0 can associate that request with the current user and their authorized connections.
By linking these accounts, your AI agents have a holistic view of the user. This unified profile is essential for Token Vault to retrieve the correct tokens for the various external services the agent needs to call. When an agent requests to access an external API, account linking ensures that Auth0 can associate that request with the current user and their authorized connections.

### How it works

The account linking process merges two user profiles into a primary and a secondary account. The user_id and core profile properties of the primary account are retained, and the secondary account's identity is added to the primary profile's identities array. Multiple secondary accounts can be added to a primary account by linking.

There are two primary methods for implementing account linking:
[Connected Accounts for Token Vault](https://auth0.com/docs/secure/tokens/token-vault/connected-accounts-for-token-vault) enables a unified Auth0 user profile to be linked to multiple external accounts, such as Google, GitHub, or Slack, where users can log in to any one of their accounts using a single set of credentials.

- [**User-initiated account linking (client-side)**](https://auth0.com/docs/manage-users/user-accounts/user-account-linking/user-initiated-account-linking-client-side-implementation)**:** In this scenario, the user explicitly chooses to link their accounts through a settings page or a similar interface within your application. This is a common pattern and is the recommended approach for many AI agent use cases.
- [**Suggested account linking (server-side)**](https://auth0.com/docs/manage-users/user-accounts/user-account-linking/suggested-account-linking-server-side-implementation)**:** This approach identifies users with the same verified email address across different connections and prompts them to link their accounts. This is typically handled in a regular web application where server-side code can query the Auth0 Management API to find potential accounts to link. This can also be done using the [Account Link Extension](https://auth0.com/docs/customize/extensions/account-link-extension).

### Client-initiated account linking for AI agents

**Client-initiated account linking** is a new option that provides a seamless way for users to grant AI agents access to different services. When an AI agent needs to access a new service (e.g., Google Calendar) for which it doesn't have a token, the application can trigger the account linking flow.
### How it works

<Frame>
![Client-initiated account linking
flow](/img/client_initiated_account_linking.png)
</Frame>
Once a user successfully connects and authorizes access to a supported external provider, Auth0 adds:

The key steps are:
- The account on the user profile, now known as a connected account.
- The external provider’s access and refresh tokens for that connected account to the [Token Vault](/intro/token-vault).

<Steps>
<Step title="Trigger the flow">
The client application initiates the flow when an agent needs access to a
new external provider.
</Step>
<Step title="User authentication">
The user is prompted to log in with the new account they wish to link.
</Step>
<Step title="Token exchange and linking">
Auth0 handles the authentication with the new provider and, upon successful
login, links the new identity to the user's primary profile.
</Step>
<Step title="Token retrieval">
With the accounts now linked, your application can use Token Vault to
retrieve an access token for the newly connected service to use for API
calls.
</Step>
</Steps>
Auth0 adds an account to the user profile using the [Connected Accounts flow](https://auth0.com/docs/secure/tokens/token-vault/connected-accounts-for-token-vault). When a user logs in via a supported external provider through Auth0, they initiate a Connected Accounts request from the client application:

This process ensures that the user maintains control and explicitly grants permission for each new service the agent needs to access, enhancing security and trust.
1. The client application makes a `POST` request to the `/connected-accounts` endpoint, passing scopes in `authorization_parameters` to send to the external provider.
2. Auth0 creates a unique session ID and URL that redirects the user to a web browser. The client application saves the session ID for later verification.
3. The client application redirects the user to URL, which opens in a browser, for user authentication and authorization with the Auth0.
4. The user connects and authorizes the permissions for the connection in the consent screen.
5. After the user successfully authorizes the connection, the external provider redirects the user to Auth0, which redirects the user to the client application using the `redirect_uri` with a single-use code.
6. The client application presents the `connect_code` and the original session ID to Auth0 by making a `POST` request to the `/connected-accounts/complete` endpoint.
7. After successful validation, Auth0 adds the account to the `connected_accounts` array on the user profile and stores the access and refresh tokens for the connected account in the Token Vault.
8. Auth0 completes the flow by sending a 200 status code back to the client application, indicating that the account was successfully connected.

For a detailed guide on implementing this flow, please refer to the [Client-Initiated Account Linking Guide](/guides/client-initiated-account-linking).
Once Auth0 successfully adds the connected account to the user profile, the client application can fetch the tokens needed to call the external API associated with the connected account on the user's behalf.

## Get started
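Review bot: Step 3 of the new flow is hard to follow as written: `redirects the user to URL` is missing an article and `authorization with the Auth0` has a stray one, so it is unclear which URL is meant and which party the user authenticates with. Step 5 then introduces a "single-use code" that step 6 calls `connect_code` without tying the two together; name it `connect_code` in step 5. Since step 2 has the client save the session ID "for later verification", it would also help to say where it should be kept and that the `/connected-accounts/complete` call must present the ID from the same user session, since that pairing appears to be what binds the code to the user who started the flow.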

Expand All @@ -67,35 +46,12 @@ To begin using Auth0 Token Vault with your AI agents, refer to the following res
/>
</Columns>

### Guides

<Columns cols={2}>
<Card
title="Client-Initiated Account Linking Guide"
href="/guides/client-initiated-account-linking"
icon="link"
horizontal
/>
</Columns>

### Learn more

<Columns cols={2}>
<Card
title="User Account Linking"
href="https://auth0.com/docs/manage-users/user-accounts/user-account-linking"
icon="user"
horizontal
/>
<Card
title="User-Initiated Account Linking: Client-Side Implementation"
href="https://auth0.com/docs/manage-users/user-accounts/user-account-linking/user-initiated-account-linking-client-side-implementation"
icon="user"
horizontal
/>
<Card
title="User Account Linking: Server-Side Implementation"
href="https://auth0.com/docs/manage-users/user-accounts/user-account-linking/suggested-account-linking-server-side-implementation"
title="Connected Accounts for Token Vault"
href="https://auth0.com/docs/secure/tokens/token-vault/connected-accounts-for-token-vault"
icon="user"
horizontal
/>
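Review bot: With the User Account Linking cards gone from `Learn more`, the page no longer links to the general account linking docs, even though its front matter description (visible in the first hunk header) still opens with "Account linking in Auth0 allows a user to connect multiple identit…". Either keep one card for User Account Linking or update the description and intro so the page consistently describes Connected Accounts. The remaining card also keeps `icon="user"`; a link-style icon may fit better now.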
6 changes: 3 additions & 3 deletions auth4genai/intro/integrations.mdx
Expand Up @@ -62,9 +62,9 @@ To enable your AI agents to call APIs on a user’s behalf, you will need to:
(permissions) your application requires to access the user's data from the
third-party API.
</Step>
<Step title="Enable Token Vault on the Connection">
Scroll down to the end of the page to the **Advanced** section and toggle
**Enable Token Vault** and save the Connection.
<Step title="Enable Connected Accounts for Token Vault on the Connection">
In the **Purpose** section, toggle on
**Use for Connected Accounts** and save the Connection. To learn more, read [Connected Accounts for Token Vault](https://auth0.com/docs/secure/tokens/token-vault/connected-accounts-for-token-vault).
</Step>
<Step title="Enable the Connection for your application">
Ensure that the newly configured Connection is enabled for the Auth0
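Review bot: The context line just above the changed step still says `third-party API`, while this change moves the other pages to `external API`. Update the preceding step in the same edit so the page uses one term. The new step also no longer says where on the connection page the **Purpose** section is found, which the old "Scroll down to the end of the page" did.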