[Release] v3.1.5-beta (#172 )

chore: update package versions to 3.1.5-beta across all apps
refactor: improve file download handling and memory management (#171 )
2025-10-23 06:11:58 +00:00 · 2025-07-22 01:09:27 -03:00 · 2025-07-22 00:36:11 -03:00 · 2025-07-22 00:28:43 -03:00 · 2025-07-22 00:24:47 -03:00 · 2025-07-21 18:42:28 -03:00
835 changed files with 45467 additions and 25698 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -62,9 +62,9 @@ docker-compose*

 # Storage directories (created at runtime)
 uploads/
-temp-chunks/
+temp-uploads/
 apps/server/uploads/
-apps/server/temp-chunks/
+apps/server/temp-uploads/

 # Static files
 apps/server/prisma/*.db
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -0,0 +1,56 @@
+## **🎯 Please make sure you are opening this Pull Request against the `next` branch!**
+
+## 📝 Description
+
+Please provide a clear and concise description of the changes introduced by this pull request.
+
+## 🔗 Related Issue(s)
+
+If this PR fixes or relates to an issue, please link it here (e.g., `Closes #123`).
+
+## 💡 Motivation and Context
+
+Why is this change required? What problem does it solve?
+
+## 🤖 Use of Artificial Intelligence (AI)
+
+The use of AI tools is absolutely welcome and not an issue. For transparency and continuous improvement, please answer the following:
+
+- Did you use any AI tools (such as GitHub Copilot, ChatGPT, etc.) to help develop this PR?
+    - [ ] No, this PR was developed without the assistance of AI tools.
+    - [ ] Yes, AI tools assisted in the development of this PR (please specify which ones and how they were used):
+        - Tool(s) used:
+        - Brief description of how AI contributed:
+- Was this PR generated entirely by an AI tool (i.e., with minimal human intervention)?  
+    - [ ] No  
+    - [ ] Yes (please provide details):
+
+## 🧪 How Has This Been Tested?
+
+Please describe the tests that you ran to verify your changes. Include details about your test environment, and the test cases you ran.
+
+## 📸 Screenshots (if appropriate)
+
+Add any relevant screenshots to help explain your changes.
+
+## 🔄 Types of Changes
+
+Check the relevant option(s) below:
+
+- [ ] 🐛 Bug fix (non-breaking change which fixes an issue)
+- [ ] ✨ New feature (non-breaking change which adds functionality)
+- [ ] ⚠️ Breaking change (fix or feature that would cause existing functionality to change)
+- [ ] 📚 Documentation update
+
+## ✅ Checklist
+
+- [ ] My code follows the code style of this project
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] I have added necessary documentation (if appropriate)
+- [ ] I have rebased and/or merged on top of the latest `next` branch
+
+---
+
+🙏 Thank you for your contribution!
--- a/.gitignore
+++ b/.gitignore
@@ -30,4 +30,7 @@ apps/server/dist/*

 #DEFAULT
 .env
+.steering
 data/
+
+node_modules/
--- a/.husky/pre-push
+++ b/.husky/pre-push
@@ -0,0 +1,12 @@
+echo "🔍 Running pre-push validation for all apps..."
+
+echo "📱 Validating web app..."
+cd apps/web && pnpm validate
+
+echo "📚 Validating docs app..."
+cd ../docs && pnpm validate
+
+echo "🖥️ Validating server app..."
+cd ../server && pnpm validate
+
+echo "✅ All validations passed!" 
--- a/6
+++ b/6
@@ -133,15 +133,15 @@ set -e
 echo "Starting Palmr Application..."
 echo "Storage Mode: \${ENABLE_S3:-false}"
 echo "Secure Site: \${SECURE_SITE:-false}"
+echo "Encryption: \${DISABLE_FILESYSTEM_ENCRYPTION:-false}"
 echo "Database: SQLite"

 # Set global environment variables
 export DATABASE_URL="file:/app/server/prisma/palmr.db"
-export UPLOAD_PATH="/app/server/uploads"
-export TEMP_CHUNKS_PATH="/app/server/temp-chunks"
+export NEXT_PUBLIC_DEFAULT_LANGUAGE=\${DEFAULT_LANGUAGE:-en-US}

 # Ensure /app/server directory exists for bind mounts
-mkdir -p /app/server/uploads /app/server/temp-chunks /app/server/uploads/logo /app/server/prisma
+mkdir -p /app/server/uploads /app/server/temp-uploads /app/server/prisma

 echo "Data directories ready for first run..."

--- a/31
+++ b/31
@@ -1,24 +1,41 @@
-.PHONY: help build start clean logs stop restart
+.PHONY: help build start clean logs stop restart update-version

 # Default target
 help:
 	@echo "🚀 Palmr - Available Commands:"
 	@echo ""
-	@echo "  make build     - Build Docker image with multi-platform support"
-	@echo "  make start     - Start the application using docker-compose"
-	@echo "  make stop      - Stop all running containers"
-	@echo "  make logs      - Show application logs"
-	@echo "  make clean     - Clean up containers and images"
-	@echo "  make shell     - Access the application container shell"
+	@echo "  make build         - Build Docker image with multi-platform support"
+	@echo "  make update-version - Update version in all package.json files"
+	@echo "  make start         - Start the application using docker-compose"
+	@echo "  make stop          - Stop all running containers"
+	@echo "  make logs          - Show application logs"
+	@echo "  make clean         - Clean up containers and images"
+	@echo "  make shell         - Access the application container shell"
 	@echo ""
 	@echo "📁 Scripts location: ./infra/"

 # Build Docker image using the build script
 build:
 	@echo "🏗️  Building Palmr Docker image..."
+	@echo "📝 This will update version numbers in all package.json files before building"
+	@echo ""
+	@chmod +x ./infra/update-versions.sh
 	@chmod +x ./infra/build-docker.sh
+	@echo "🔄 Starting build process..."
 	@./infra/build-docker.sh

+# Update version in all package.json files
+update-version:
+	@echo "🔄 Updating version numbers..."
+	@echo "🏷️  Please enter the new version (e.g., v3.0.0, 3.0-beta):"
+	@read -p "Version: " VERSION; \
+	if [ -z "$$VERSION" ]; then \
+		echo "❌ Error: Version cannot be empty"; \
+		exit 1; \
+	fi; \
+	chmod +x ./infra/update-versions.sh; \
+	./infra/update-versions.sh "$$VERSION"
+
 # Start the application
 start:
 	@echo "🚀 Starting Palmr application..."
--- a/apps/docs/.eslintrc.json
+++ b/apps/docs/.eslintrc.json
@@ -1,3 +0,0 @@
-{
-  "extends": ["next/core-web-vitals", "next/typescript"]
-}
--- a/apps/docs/.prettierignore
+++ b/apps/docs/.prettierignore
@@ -0,0 +1,4 @@
+/node_modules
+/.next
+/out
+/build 
--- a/apps/docs/.prettierrc.json
+++ b/apps/docs/.prettierrc.json
@@ -0,0 +1,16 @@
+{
+  "importOrder": [
+    "^(react/(.*)$)|^(react$)",
+    "^(next/(.*)$)|^(next$)",
+    "<THIRD_PARTY_MODULES>",
+    "",
+    "^@/(.*)$",
+    "^[./]"
+  ],
+  "importOrderParserPlugins": ["typescript", "jsx", "decorators-legacy"],
+  "plugins": ["@ianvs/prettier-plugin-sort-imports", "prettier-plugin-sort-json"],
+  "printWidth": 120,
+  "singleQuote": false,
+  "tabWidth": 2,
+  "trailingComma": "es5"
+}
--- a/apps/docs/components.json
+++ b/apps/docs/components.json
@@ -1,15 +1,5 @@
 {
  "$schema": "https://ui.shadcn.com/schema.json",
-  "style": "new-york",
-  "rsc": true,
-  "tsx": true,
-  "tailwind": {
-    "config": "",
-    "css": "src/app/global.css",
-    "baseColor": "neutral",
-    "cssVariables": true,
-    "prefix": ""
-  },
  "aliases": {
    "components": "@/components",
    "utils": "@/lib/utils",
@@ -17,5 +7,15 @@
    "lib": "@/lib",
    "hooks": "@/hooks"
  },
-  "iconLibrary": "lucide"
+  "iconLibrary": "lucide",
+  "rsc": true,
+  "style": "new-york",
+  "tailwind": {
+    "config": "",
+    "css": "src/app/global.css",
+    "baseColor": "neutral",
+    "cssVariables": true,
+    "prefix": ""
+  },
+  "tsx": true
 }
--- a/apps/docs/content/docs/1.1.7-beta/api.md
+++ b/apps/docs/content/docs/1.1.7-beta/api.md
@@ -1,50 +0,0 @@
---
-title: API Endpoints
---
-
-Palmr. provides a **highly documented and typed API** that can be accessed at:  
-
- **In a production environment:** `{your_server_domain}/docs`  
- **In a local environment:** [http://localhost:3333/docs](http://localhost:3333/docs)  
-
-The API documentation is powered by **Scalar** ([https://scalar.com](https://scalar.com)), which offers a fully interactive interface for testing all the available requests within Palmr. Below is an example screenshot of the API documentation interface:  
-
-![Palmr API Documentation](/assets/v1/api-docs/scalar.png)  
-
---  
-
-### Accessing the API Documentation  
-
-We do **not provide an online version** of the API documentation because it may change depending on the specific version of Palmr. you are using. Therefore, we recommend checking the documentation only after starting your API service. The API service corresponds to the **server** within the official Palmr. GitHub repository.  
-
---  
-
-### Scalar-Based Documentation  
-
-We recommend using **Scalar** for querying and testing the API because the system was designed with Scalar in mind. Scalar offers an intuitive and interactive environment for exploring endpoints, sending requests, and viewing responses directly within the interface.  
-
---  
-
-### Swagger-Based Documentation  
-
-If you prefer not to use Scalar or are more comfortable with an alternative tool, a **Swagger-based version** of the documentation is also available. 
-
-![Palmr API Documentation](/assets/v1/api-docs/swagger.png)  
-
-You can access it at:  
-
- **In a production environment:** `{your_server_domain}/swagger`  
- **In a local environment:** [http://localhost:3333/swagger](http://localhost:3333/swagger)  
-
-Both the Scalar and Swagger versions contain the same endpoints and are documented at a level sufficient for testing and integrating with other systems.  
-
---
-
-Both options ensure that you have all the necessary tools and information to integrate Palmr. with your systems or third-party services effectively.  
-
-### Useful Links  
-
-Here are some useful links related to Palmr.'s API and its components:  
-
- [Scalar Official Website](https://scalar.com)  
- [Swagger Official Website](https://swagger.io)
--- a/apps/docs/content/docs/1.1.7-beta/architecture.md
+++ b/apps/docs/content/docs/1.1.7-beta/architecture.md
@@ -1,54 +0,0 @@
---
-title: Architecture of Palmr.
---
-
-##### Overview of the core architecture components of Palmr.  
-  
-
-Understanding the architecture of Palmr. is crucial for both deploying and scaling the application. Below is a diagram illustrating the main components:
-
-![Palmr Banner](/assets/v1/general/architecture.png)
-
-## **Technologies Used**  
-
-Each component in the Palmr. architecture plays a vital role in ensuring reliability, performance, and scalability:  
-
-### **PostgreSQL**  
-Palmr. uses **PostgreSQL** as the primary database solution. It provides reliable and secure data storage, ensuring consistency and high performance for all database operations. PostgreSQL's powerful indexing, query optimization, and support for complex data types make it an ideal choice for handling large amounts of data.  
-
-### **React + TypeScript + Vite**  
-The frontend of Palmr. is built using **React** and **TypeScript**, bundled with **Vite** for fast development and optimized builds.  
- **React** enables the creation of a dynamic and responsive user interface with a component-based architecture.  
- **TypeScript** adds static typing, enhancing code quality and reducing runtime errors.  
- **Vite** provides a fast and efficient development environment with hot module replacement (HMR) and optimized production builds.  
-
-### **MinIO**  
-Palmr. uses **MinIO** for object storage. MinIO is a high-performance, S3-compatible object storage solution designed for large-scale data infrastructure.  
- Supports high-throughput file storage and retrieval.  
- Ensures data integrity and redundancy.  
- Compatible with AWS S3 APIs, making integration seamless.  
-
-### **Fastify**  
-The backend of Palmr. is powered by **Fastify**, a high-performance, low-overhead web framework for Node.js.  
- Provides fast request handling with a lightweight core.  
- Built-in schema-based validation for secure and reliable API handling.  
- Supports plugin-based architecture for easy extensibility.  
-
-### **How It Works**  
-1. **Frontend** — React + TypeScript + Vite handle the user interface and user interactions.  
-2. **Backend** — Fastify processes requests and communicates with the database and storage layers.  
-3. **Database** — PostgreSQL stores metadata and transactional data.  
-4. **Object Storage** — MinIO stores the actual files and ensures scalable, high-performance storage.  
-
---
-
-### **Useful Links**
- [PostgreSQL Documentation](https://www.postgresql.org/docs/)
- [React Documentation](https://react.dev/)
- [TypeScript Handbook](https://www.typescriptlang.org/docs/)
- [Vite Guide](https://vitejs.dev/guide/)
- [MinIO Documentation](https://min.io/docs/minio/container/index.html)
- [Fastify Documentation](https://fastify.dev/docs/latest/)
-
---
-
--- a/apps/docs/content/docs/1.1.7-beta/available-languages.md
+++ b/apps/docs/content/docs/1.1.7-beta/available-languages.md
@@ -1,48 +0,0 @@
---
-title: Available languages
---
-
-The project uses i18next for internationalization (i18n) support. The language detection is handled automatically through i18next-browser-languagedetector .
-
-### Available Languages in Palmr.
----
-
-##### 1. 🇺🇸 English (en-US)
-##### 2. 🇧🇷 Portuguese (pt-BR)
-##### 3. 🇫🇷 French (fr-FR)
-##### 4. 🇪🇸 Spanish (es-ES)
-##### 5. 🇩🇪 German (de-DE)
-##### 6. 🇷🇺 Russian (ru-RU)
-##### 7. 🇮🇳 Hindi (hi-IN)
-##### 8. 🇸🇦 Arabic (ar-SA)
-##### 9. 🇯🇵 Japanese (ja-JP)
-##### 10. 🇰🇷 Korean (ko-KR)
-##### 11. 🇹🇷 Turkish (tr-TR)
-##### 12. 🇨🇳 Chinese (zh-CN)
-
-</br>
-
-### Language Selection
-##### The language can be changed in two ways:
-
-#### 1. Automatic Detection
-   
-   - The application automatically detects the user's browser language
-   - Uses the browser's language settings as the initial language
-
-#### 2. Manual Selection
-
-![Palmr Profile Menu](/assets/v1/main/language/language-selector.png)
-   
-   - Users can manually switch languages through the language selector in the UI
-   - Language preference is saved in the browser's localStorage
-
-### Default Language
-##### English (en-US) is set as the fallback language.
-</br>
-
-### Language Detection
-The application automatically detects the user's browser language and sets it as the initial language. Users can manually change the language using the language switcher in the interface (globe icon in the navigation bar).
-
-### RTL Support
-The application includes special handling for right-to-left (RTL) languages, specifically for Arabic (ar-SA).
--- a/apps/docs/content/docs/1.1.7-beta/configuring-smtp.md
+++ b/apps/docs/content/docs/1.1.7-beta/configuring-smtp.md
@@ -1,67 +0,0 @@
---
-title: Configuring SMTP
---
-
-For Palmr to function with all its best features, we need to configure our email server. To make this easier, there is a built-in configuration panel inside **Settings** in Palmr. However, only users with an **ADMIN** profile can access and configure these settings.
-
-## Why Configure SMTP?
-
-The main functionalities that depend on SMTP configuration are:
- **Password Reset** – Users who forget their password and cannot access the **Settings** panel need this feature.
- **Email Notifications** – Recipients will receive emails when new shares are sent to them.
-
-Now, let's go through the step-by-step process to configure the **SMTP Server**.
-
---
-
-## Accessing SMTP Settings
-
-To access **Settings**, an **ADMIN** user must click on the profile picture in the **header** and select **Settings** from the dropdown menu.
-
-![Dropdown Menu](/assets/v1/main/smtp/dropdown-menu.png)
-
-Once inside the **Settings** panel, click on the **Email** card to expand the SMTP configuration options.
-
-![Closed Settings Card](/assets/v1/main/smtp/closed-card.png)
-
-After expanding the card, the following SMTP configuration fields will appear:
-
-![Opened Settings Card](/assets/v1/main/smtp/opened-card.png)
-
---
-
-## Configuring SMTP Server
-
-The first step is to **enable SMTP** by selecting "Yes" in the **SMTP Enabled** field.
-
-![SMTP Enabled](/assets/v1/main/smtp/smtp-enabled.png)
-
-Once SMTP is enabled, you can configure the other necessary fields:
-
- **Sender Name** – This will appear as the sender’s name in emails. (Example: "Palmr")
- **Sender Email** – The email address from which notifications will be sent. (Example: "noreply@palmr.app")
- **SMTP Server** – The SMTP server address. You can use any email service provider. For Gmail, use `smtp.gmail.com` (this is the recommended option and set as default).
- **SMTP Port** – The server port. For Gmail, the standard port is **587**.
- **SMTP Username** – The username for the SMTP server. For Gmail, enter your email address.
- **SMTP Password** – The SMTP password. (Generate an App Password for Gmail)
-
-> **Important:** If using **Gmail**, you need to generate an **App Password** instead of using your standard email password.
-> For other email services, consult the official documentation of the service provider you are using. We recommend using Gmail for simplicity and limits the number of emails sent.
-
---
-
-## Generating a Gmail App Password
-
-To generate an App Password for Gmail:
-1. Go to [Google My Account](https://myaccount.google.com/).
-2. Select **Security**.
-3. Scroll down to **App Passwords**.
-4. Generate a new password specifically for Palmr.
-
-For a complete guide, refer to: **[How to set up SMTP credentials with Gmail](https://medium.com/rails-to-rescue/how-to-set-up-smtp-credentials-with-gmail-for-your-app-send-email-cf236d11087d)**.
-
---
-
-## Finalizing SMTP Configuration
-
-After entering the correct information, save the settings. Palmr is now ready to send emails for password resets and share notifications!
--- a/apps/docs/content/docs/1.1.7-beta/contribute.md
+++ b/apps/docs/content/docs/1.1.7-beta/contribute.md
@@ -1,161 +0,0 @@
---
-title: How to Contribute
---
-
-Thank you for your interest in contributing to the **Palmr.** project! Contributions are what make the open-source community such an amazing place to learn, inspire, and create. This guide will walk you through the process of contributing to Palmr.
-
---
-
-### Step 1: Log in to GitHub
-
-Before you can contribute, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at **[GitHub](https://github.com/)**.
-
---
-
-### Step 2: Go to the Palmr Repository
-
-Once you're logged in, go to the Palmr repository by clicking on this link: **[https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)**.
-
-Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **kyantech**.
-
---
-
-### Step 3: Fork the Repository
-
-To contribute to the project, you’ll need to create your own copy of the repository. This is called a **fork**. Here’s how to do it:
-1. Click the **Fork** button at the top right of the repository page.
-2. This will create a copy of the repository under your GitHub account.
-
---
-
-### Step 4: Clone Your Forked Repository
-
-Next, you’ll need to clone your forked repository to your local machine. Here’s how:
-1. On your forked repository page, click the **Code** button.
-2. Copy the repository URL (HTTPS or SSH).
-3. Open your terminal or command prompt and run the following command to clone the repository:
-
-   ```bash 
-   git clone <repository-url>
-   ```
-4. Navigate into the cloned directory:
-
-   ```bash
-   cd Palmr
-   ```
-
---
-
-### Step 5: Set Up the `next` Branch as the Base
-
-Before making changes, ensure your local repository is set up to track the `next` branch from the original Palmr repository. Here’s how:
-1. Add the original Palmr repository as a remote:
-
-   ```bash
-   git remote add upstream https://github.com/kyantech/Palmr.git
-   ```
-2. Fetch the latest changes from the `next` branch:
-
-   ```bash
-   git fetch upstream next
-   ```
-
-3. Create a new branch for your contribution based on `upstream/next`:
-
-   ```bash
-   git checkout -b your-branch-name upstream/next
-   ```
-
---
-
-### Step 6: Make Your Changes
-
-Now you’re ready to make your contributions! This could include:
- Fixing a bug
- Adding a new feature
- Improving documentation
- Writing tests
-
-Make your changes in your local repository using your preferred code editor.
-
---
-
-### Step 7: Commit Your Changes Using Conventional Commits
-
-Once you’ve made your changes, commit them to your branch using **Conventional Commits**. Conventional Commits help maintain a clean and consistent commit history. Here’s how to format your commit messages:
-
-#### Commit Message Format:
-`<type>(<scope>): <description>`
-
-#### Examples:
- `feat: add user authentication`
- `fix(api): resolve null pointer exception`
- `docs: update README file`
- `chore: update dependencies`
-
-#### Steps to Commit:
-1. Stage your changes:
-
-  ```bash
-  git add .
-  ```
-2. Commit your changes with a properly formatted message:
-
-  ```bash
-  git commit -m "feat: add new feature for user profiles"
-  ```
-
---
-
-### Step 8: Push Your Changes to GitHub
-
-After committing your changes, push them to your forked repository on GitHub:
-
-```bash
-git push origin your-branch-name
-```
-
---
-
-### Step 9: Open a Pull Request to the `next` Branch
-
-Now that your changes are on GitHub, you can open a **Pull Request (PR)** to propose your changes to the `next` branch of the Palmr repository. Here’s how:
-1. Go to your forked repository on GitHub.
-2. Click the **Pull Request** button.
-3. On the PR creation page:
-   - Set the **base repository** to `kyantech/Palmr`.
-   - Set the **base branch** to `next`.
-   - Set the **head repository** to your forked repository.
-   - Set the **compare branch** to your branch (`your-branch-name`).
-4. Fill out the PR form with a clear title and description of your changes.
-5. Click **Create Pull Request**.
-
---
-
-### Step 10: Wait for Review
-
-Once your PR is submitted, the maintainers will review your changes. They may provide feedback or request additional changes. Be sure to respond to their comments and make any necessary updates.
-
---
-
-### Tips for Contributing
-
-To ensure your contribution is accepted, follow these tips:
- **Use Conventional Commits**: Write clear and consistent commit messages using the Conventional Commits format.
- **Keep Your PRs Small**: Focus on one issue or feature per PR to make it easier to review.
- **Be Patient**: Maintainers are often volunteers and may take some time to review your PR.
-
---
-
-### Why Contributing is Important
-
-Contributing to open-source projects like Palmr has many benefits:
-1. **Improves the Project**: Your contributions help make the project better for everyone.
-2. **Builds Your Skills**: You’ll gain experience working with Git, GitHub, and collaborative coding.
-3. **Supports the Community**: Open-source thrives on community contributions. Your work helps sustain the project.
-
---
-
-### Conclusion
-
-That's it! You've successfully contributed to the **🌴 Palmr.** project on GitHub. Thank you for your time and effort in making Palmr better for everyone. We appreciate your contribution! 
--- a/apps/docs/content/docs/1.1.7-beta/generate-share.md
+++ b/apps/docs/content/docs/1.1.7-beta/generate-share.md
@@ -1,128 +0,0 @@
---
-title: Creating a share
---
-
-To create a share in Palmr, the process is very intuitive and self-explanatory. There are multiple ways to create a share, but the most straightforward method is through the **Home Page**, specifically in the **Recent Shares** section.
-
-## Home Page
-
-On the home page, there is a **"Recent Shares"** section. When no shares have been created yet, this section will appear as follows:
-
-![Recent Shares Section](/assets/v1/main/shares/share-section.png)
-
-Since no shares exist yet, you will see a **"Create Share"** button prominently displayed.
-
-![Create Share Button](/assets/v1/main/shares/create-first-share.png)
-
-> **Note:** You don’t need to upload files to create a share! Yes, it’s entirely possible to create a share without adding any files. While this might not make sense in every scenario, some users and use cases find this feature highly valuable.
-
-As mentioned above, shares in Palmr are created first with their settings, and then files can be added later. You can also edit a share at any time.
-
-To create a share, simply click the **"Create Share"** button in the center of the **Recent Shares** section. Doing so will open the following **Create Share** modal:
-
-![Create Share Modal](/assets/v1/main/shares/create-share-modal.png)
-
-Fill in the required information in the modal. The fields **Expiration Date**, **Max Views**, and **Password** are optional but significantly impact how the share functions for recipients:
- **Password:** If set, the recipient must enter the correct password to access the share.
- **Max Views:** If the limit is reached, the share will no longer be accessible unless the creator increases or removes the limit.
- **Expiration Date:** After the expiration date, the share will automatically be disabled unless extended by the creator.
-
-Even the **name** field is optional, but we recommend setting a name for better organization.
-
-Once a share is created, the **Recent Shares** section updates to display a table with the following fields:
-
- **Name**
- **Created At**
- **Expires At**
- **Status**
- **Security**
- **Files**
- **Recipients**
- **Actions**
-
-![Shares Table](/assets/v1/main/shares/shares-table.png)
-
-To create additional shares, a **"New Share"** button appears in the upper right corner of the **Recent Shares** section.
-
-![New Share Button](/assets/v1/main/shares/new-share-btn.png)
-
-Clicking this button will reopen the **Create Share** modal.
-
-The **Recent Shares** section displays only the **last 5 shares**. To view all created shares, click the **"View All"** button.
-
-![Shares Filled](/assets/v1/main/shares/recent-shares-filled.png)
-
-![View All Button](/assets/v1/main/shares/view-all-button.png)
-
-Clicking this redirects you to the **Shares Management** page.
-
-![Shares Management Page](/assets/v1/main/shares/my-shares-page.png)
-
-Another way to access the **Shares Management** page is by clicking the **"My Shares"** card on the home page.
-
-![My Shares Card](/assets/v1/main/shares/my-shares-card.png)
-
---
-
-## Shares Management Page
-
-The **Shares Management** page is similar to the **Uploads Management** page, but here, you can **add, remove, edit, and view all created shares** without the limitation of only displaying the last 5 shares.
-
-##### Each share has an **Actions** column with the following options:
-
-![Actions Column](/assets/v1/main/shares/actions-column.png)
-
-## Edit Share
-
-Clicking the **Edit** button allows you to modify the share details.
-
-![Edit Share Modal](/assets/v1/main/shares/edit-share-modal.png)
-
-## Manage Files
-
-Clicking the **Manage Files** button lets you add or remove files from the share.
-
-![Manage Files Modal](/assets/v1/main/shares/manage-files-modal.png)
-
-## Manage Recipients
-
-Clicking the **Manage Recipients** button lets you add or remove recipients for the share.
-
-> **Note:** Email notifications will only be sent if SMTP settings are properly configured in the system.
-
-![Manage Recipients Modal](/assets/v1/main/shares/manage-recipients-modal.png)
-
-## View Share Details
-
-Clicking **View Details** lets you see all details of a share.
-
-![View Details Modal](/assets/v1/main/shares/share-details-modal.png)
-
-## Generate Share Link
-
-Clicking the **Generate Link** button creates a shareable link, which can be customized.
-
-![Generate Link Modal](/assets/v1/main/shares/generate-share-link-modal.png)
-
-Once generated, you can view and copy the link.
-
-![Copy Link Modal](/assets/v1/main/shares/copy-link-modal.png)
-
-The generated link can be edited or copied from a dropdown menu.
-
-![Edit or Copy Link Dropdown](/assets/v1/main/shares/dropdown-with-copy.png)
-
-When the generated link is accessed, the recipient can **view and download** the shared files.
-
-![Shared Page Preview](/assets/v1/main/shares/share-screen.png)
-
-## Delete Share
-
-Clicking the **Delete** button allows you to permanently remove a share.
-![Delete Share Modal](/assets/v1/main/shares/delete-share-modal.png)
-
---
-
-## Summary
-
-Palmr’s share creation process is intuitive and flexible. You can create a share without files, edit share settings, manage recipients, and generate shareable links. The **Shares Management** page provides a full overview of all shares, ensuring you have complete control over your file-sharing process.
--- a/apps/docs/content/docs/1.1.7-beta/gh-sponsor.md
+++ b/apps/docs/content/docs/1.1.7-beta/gh-sponsor.md
@@ -1,77 +0,0 @@
---
-title: Github Sponsors
---
-
-Sponsoring a project on GitHub is a powerful way to support its development and ensure its long-term sustainability. This tutorial will guide you through the process of sponsoring the **Palmr.** project on GitHub using GitHub Sponsors.
-
---
-
-### Step 1: Log in to GitHub
-
-Before you can star a project, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at [GitHub](https://github.com/).
-
---
-
-### Step 2: Go to the Palmr. Repository
-
-Once you're logged in, go to the Palmr. repository by clicking on this link: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr).
-
-Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
-
---
-
-### Step 3: Click on the "Sponsor" Button
-
-On the Palmr repository page, you'll see a "Sponsor" button at the top right corner of the page. Click this button to proceed.
-
-![Palmr Profile Menu](/assets/v1/sponsor/sponsor-btn.png)
-
---
-
-### Step 4: Choose a Custom Sponsorship Amount
-
-GitHub Sponsors allows you to sponsor the project with a **custom amount starting at $1**. Here's how to do it:
-1. On the sponsorship page, look for the option to **enter a custom amount**.
-2. Type in the amount you'd like to sponsor (e.g., $1, $5, $10, or any amount you choose).
-3. Select the billing frequency (monthly or one-time).
-
-![Palmr Profile Menu](/assets/v1/sponsor/sponsor-page.png)
-
-
---
-
-### Step 5: Complete the Sponsorship
-
-After entering your custom amount and selecting the billing frequency, you'll be prompted to enter your payment details. Follow the instructions to complete the sponsorship process. Once done, you'll officially be a sponsor of the Palmr project!
-
---
-
-### Why Sponsoring is Important for Project Development
-
-Sponsoring a project goes beyond starring—it provides direct financial support to the developers, enabling them to focus on improving and maintaining the project. Here's why sponsoring is so important:
-
-#### 1. **Supports Sustainability**
-   - Sponsoring helps ensure the long-term sustainability of the project by providing developers with the resources they need to continue their work.
-
-#### 2. **Encourages Innovation**
-   - Financial support allows developers to experiment, innovate, and add new features to the project.
-
-#### 3. **Shows Deep Appreciation**
-   - Sponsoring is a tangible way to show your appreciation for the hard work and effort that goes into maintaining and developing a project.
-
-#### 4. **Gives You Recognition**
-   - Many projects offer recognition for sponsors, such as listing your name or company on the project's README or website.
-
-#### 5. **Helps Open Source Thrive**
-   - Open-source projects like Palmr rely on community support. By sponsoring, you're contributing to the growth and success of the open-source ecosystem.
-
---
-
-### A Meaningful Way to Give Back
-Sponsoring a project is a meaningful way to give back to the developers who create the tools and software you rely on. Even a small contribution of **$1** can make a big difference. Your support ensures that Palmr continues to grow and improve. Thank you for considering sponsoring! 💖
-
---
-
-### Conclusion
-
-That's it! You've successfully sponsored the **Palmr** project on GitHub. Your contribution, no matter the amount, will help ensure the project continues to grow and improve. Thank you for your support!
--- a/apps/docs/content/docs/1.1.7-beta/gh-star.md
+++ b/apps/docs/content/docs/1.1.7-beta/gh-star.md
@@ -1,72 +0,0 @@
---
-title: Star this project on Github
---
-
- Starring a project on GitHub is a great way to show appreciation for a repository and to bookmark it for easy access later. This tutorial will guide you through the process of starring the **Palmr** project on GitHub.
-
---
-
-### Step 1: Log in to GitHub
-
-Before you can star a project, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at [GitHub](https://github.com/).
-
---
-
-### Step 2: Go to the Palmr. Repository
-
-Once you're logged in, go to the Palmr. repository by clicking on this link: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr).
-
-Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
-
---
-
-### Step 3: Star the Repository
-
-On the Palmr. repository page, you'll see a "Star" button at the top right corner of the page. Click this button to star the repository.
-
-![Palmr Profile Menu](/assets/v1/sponsor/star-btn.png)
-
---
-
-### Step 4: Confirm the Star
-
-After clicking the "Star" button, the button will change to "Unstar," indicating that the repository has been successfully starred. You can always unstar the repository by clicking the "Unstar" button.
-
-![Palmr Profile Menu](/assets/v1/sponsor/starred-button.png)
-
-
---
-
-### Why Starring is Important for Project Development
-
-Starring a repository on GitHub is more than just a bookmarking tool—it’s a way to support the project and its developers. Here’s why starring is so important:
-
-#### 1. **Shows Appreciation**
-   - Starring a repository is a simple way to show your appreciation for the hard work and effort that goes into maintaining and developing a project. It’s like giving a thumbs-up to the developers!
-
-#### 2. **Increases Visibility**
-   - The more stars a repository has, the more visible it becomes on GitHub. This can attract more contributors, users, and even potential sponsors, which helps the project grow.
-
-#### 3. **Encourages Developers**
-   - Seeing stars on a repository motivates developers to continue improving the project. It’s a sign that people find the project useful and valuable.
-
-#### 4. **Helps with Discovery**
-   - GitHub’s trending and recommendation algorithms often prioritize repositories with more stars. By starring Palmr, you’re helping others discover it more easily.
-
-#### 5. **Tracks Your Interests**
-   - Starring a repository adds it to your "Starred" list, making it easy for you to find and revisit the project later. It’s a great way to keep track of projects you love or want to follow.
-
-#### 6. **Supports Open Source**
-   - Open-source projects like Palmr thrive on community support. By starring the repository, you’re contributing to the open-source ecosystem and helping ensure the project’s longevity.
-
---
-
-### A Small Action with a Big Impact
-Starring a repository takes just a second, but it can have a huge impact on the project’s growth and development. Your support means a lot to the developers and the community behind Palmr. So, if you find the project useful, don’t forget to hit that **Star** button! ⭐
-
---
-
-### Conclusion
-
-That's it! You've successfully starred the **Palmr.** project on GitHub. Starring repositories is a simple yet powerful way to keep track of projects you find interesting or useful. Thank you for supporting Palmr!
-
--- a/apps/docs/content/docs/1.1.7-beta/github-architecture.md
+++ b/apps/docs/content/docs/1.1.7-beta/github-architecture.md
@@ -1,80 +0,0 @@
---
-title: Github Architecture
---
-
-## Project Structure
-
-```plaintext
-├── apps/
-│   ├── web/         # Frontend application
-│   ├── server/      # Backend API service
-│   └── docs/        # Documentation site
-└── composes/        # Docker compose configurations
-configurations
- ```
-
-
-## Core Components
-### 1. Frontend Application (apps/web)
-##### Technology Stack:
-  - React 18
-  - TypeScript
-  - Vite
-  - HeroUI Components
-  - TailwindCSS
-  - i18next for internationalization
-
-
-##### The frontend follows a feature-based architecture with:
-
- Components-based structure
- Custom hooks for business logic
- Route protection system
- File management system
- Modal system for file operations
-
-### 2. Backend Service (apps/server)
-##### Technology Stack:
-  - Fastify
-  - PostgreSQL
-  - MinIO for object storage
-  - Prisma as ORM
-
-##### Key features include:
- User authentication/authorization
- File management
- Storage management
- Share system
-
-### 3. Documentation (apps/docs)
- Built with Astro and Starlight
- Provides comprehensive documentation for the project
-
-### 4. Infrastructure
- Docker-based deployment
- Containerized services
- Environment-specific configurations through docker-compose
-
-## Key Features
-##### 1. File Management
-   
-   - Upload/Download capabilities
-   - File preview system
-   - Share management
-   - Storage usage monitoring
-
-##### 2. User System
-   
-   - Authentication
-   - User management
-   - Profile management
-
-##### 3. Storage System
-   
-   - MinIO integration for object storage
-   - Disk space monitoring
-   - Upload size validation
-##### 4. Internationalization
-   
-   - Multi-language support
-   - Translation management
--- a/apps/docs/content/docs/1.1.7-beta/index.md
+++ b/apps/docs/content/docs/1.1.7-beta/index.md
@@ -1,42 +0,0 @@
---
-title: Welcome to Palmr.
---
-
-![Palmr Banner](/assets/v1/general/banner.png) 
-
-## 🌴 What is **Palmr.** ?   
-___
-**Palmr.** is a powerful and **flexible open-source alternative** to popular file transfer services like **WeTransfer**, **SendGB**, **Send Anywhere** and **Files.fm**. The key advantage of Palmr. is that you can **host it on your own infrastructure**, such as a **dedicated server** or **VPS**, giving you full control over your files and data security — without relying on third-party services or worrying about artificial limits or high fees.  
-
-## **Why Choose Palmr.?**  
-___
-### **1. No Artificial Limits**  
-Unlike traditional services, Palmr. does not impose file size or quantity limits. The only limit is the **available storage** on your server or VPS. If you have the storage capacity, you can send files without restrictions, no premium plans, no ads, and no hidden fees.  
-
-### **2. Open Source and Free**  
-
-Palmr. is completely **open source** and free to use. You can:  
- Deploy it on any infrastructure (VPS, dedicated server, Docker, etc.).  
- Review and audit the code to ensure security and integrity.  
- Contribute improvements or custom features.  
- Adapt it for different use cases as needed.  
-
-### **3. Security and Privacy Under Your Control**  
-By hosting Palmr. on your own infrastructure, you retain **full control over your data**. Your files are not stored or processed by third parties, ensuring **privacy** and **confidentiality** of transferred information.  
-
-### **4. Highly Customizable**  
-Palmr. is fully customizable, allowing you to align it with your brand identity and user experience:  
- Add your own **logo**.  
- Set a **custom app name**.  
- Configure an **SMTP server** for email notifications.  
- Customize some text to create a unique experience for users.  
-
-### **5. Complete User and Admin Management**  
-Palmr. offers a robust user and admin management system:  
- Create and manage multiple **administrators** .  
- Add unlimited **users**.  
- Control who can view, upload, and manage files.  
- Easily monitor usage.  
-
-### **6. Fast, Lightweight, and Scalable**  
-Palmr. is designed to be lightweight and scalable, ensuring high performance even with large files or high user traffic. Its efficient architecture allows you to scale easily as your needs grow.  
--- a/apps/docs/content/docs/1.1.7-beta/installation.mdx
+++ b/apps/docs/content/docs/1.1.7-beta/installation.mdx
@@ -1,135 +0,0 @@
---
-title: Installation (Docker Compose)
---
-
-import { Tab, Tabs } from 'fumadocs-ui/components/tabs';
-
-### Quick Start with Default Docker Compose
-
-There is a default `docker-compose.yml` file in the project root that can be used for quick execution. While this provides a convenient way to get started, it's important to note that using the default passwords is **not secure**, especially if the application is exposed to public networks. Malicious users could potentially exploit known default credentials to attack your deployment.
-
-This base Docker Compose configuration works perfectly for localhost development but may require modifications when deployed to a VPS or production environment for optimal performance and security. Please consult the complete documentation for proper production deployment configurations.
-
-For a quick start using the default configuration, simply run:
-```bash
-docker compose up -d
-```
-This command will start the project using the default configuration.
-
-> ⚠️ **Important:** We strongly recommend testing your configuration locally first, especially if you've made any modifications to the Docker Compose files. Only after confirming everything works as expected locally should you proceed with deployment to a VPS or server environment.
-
-### Startup Script for Docker Compose
-
-To simplify the execution of the project and enable it to run on any machine, a **startup script** for Docker Compose was created. This script automates the generation of secure credentials and facilitates local setup. While this method provides better security than using default passwords, for maximum security, we strongly recommend moving all sensitive credentials to environment variables instead.
-
-To execute the project using this approach, you need to have **Docker** and **Docker Compose** installed on your machine. While this is the simplest way to execute the project, it is **not recommended for production environments**.  
-
---
-
-### Ways to Execute the Startup Script  
-
-First of all, download the relase v1.1.7-beta: 
-[Release version - 1.1.7-beta](https://github.com/kyantech/Palmr/releases/tag/v1.1.7-beta)
-
-There are two ways to execute the script:  
-
-<Tabs items={['Using a Makefile', 'Running the Script Directly']}>
-  <Tab >
-    To use this method, you need to have the `make` command installed on your machine.
-    
-    To generate the new `docker-compose.yml` file using a Makefile, run the following command from the project root:  
-
-    ```bash
-    make gen-compose
-    ```
-
-    This command will subcribe the `docker-compose.yml` file in the root of the project.  
-    - The script's primary function is to generate secure passwords for **MinIO** (object storage) and **Postgres** (database).  
-    - The generated `docker-compose.yml` file serves as a base and can be modified at any time.  
-    - It is configured to run locally via `localhost` and is **not intended for production** or VPS environments.  
-
-    After the file is generated, you can modify or adapt it for deployment in other environments.  
-  </Tab>
-  <Tab >
-    To generate the `docker-compose.yml` file by running the script directly, use the following commands:  
-
-    ```bash
-    chmod +x ./scripts/generate-docker-compose.sh  
-    ./scripts/generate-docker-compose.sh  
-    ```
-
-    This will have the same effect as running `make gen-compose`.  
-  </Tab>
-</Tabs>
-
---
-
-### Running the Project  
-After generating the new `docker-compose.yml` file, you can start the project by running the following command from the project root:  
-
-```bash
-docker compose up -d
-```
-
-To access Palmr. in a local environment, open your browser and visit:  
-
-[http://localhost:4173](http://localhost:4173)  
-
---
-
-### Deployment in Production  
-For production environments with high scalability and availability requirements, we recommend using **Kubernetes**, **Docker Swarm**, or a similar container orchestrator.  
-
-For homelab, personal projects, or environments where high availability and scalability are not critical, Docker Compose can be used without issues. The `docker-compose.yml` file pulls the latest Palmr. images from Docker and makes them available on specific ports, as shown below:  
-
- **Frontend:** [http://localhost:4173](http://localhost:4173)  
- **Backend:** [http://localhost:3333](http://localhost:3333)  
- **MinIO API:** [http://localhost:9000](http://localhost:9000)  
- **MinIO Console:** [http://localhost:9001](http://localhost:9001)  
- **Postgres Database:** [http://localhost:5423](http://localhost:5423)  
-
---
-
-### Port Configuration Recommendations  
-In this version of `docker-compose.yml`, none of the ports for the frontend and backend should be modified. Consequently, none of the URLs should be changed because the frontend image contains a pre-built version configured to work on port **4173**.  
-
-> ⚠️ Due to technical limitations related to **ReactJS**, environment variables executed at runtime cannot be changed. Therefore, to ensure that the system functions correctly as designed, keep the `docker-compose.yml` file unchanged.  
-
---
-
-### Running in Development Mode  
-If you want to modify the ports in a local environment and run the project using Docker with Docker Compose, we recommend using the `docker-compose-dev.yaml` file. This file builds the project based on the files in the cloned repository.  
-
-When using `docker-compose-dev.yaml`, make sure to configure all port and URL settings correctly. Incorrect configuration will prevent Palmr. from functioning as expected.  
-
---
-
-### Docker Compose in Production Environments  
-We **do not recommend** using `docker-compose.yml` in production or VPS environments. Docker Compose is designed for development and testing purposes only, not for handling production workloads.  
-
---
-
-### Recommended Deployment for Production  
-For production environments, we recommend using **Kubernetes**. However, the repository does not include a ready-to-use Kubernetes configuration, so you will need to configure it manually.  
-
-Alternatively, you can set up the application using separate services as follows:  
-
- **Frontend:** Host on **Vercel** or **AWS Amplify**.  
- **Backend:** Host on **Render.com** or similar services.  
- **MinIO:** Deploy separately on a server using Docker.  
- **Database:** Host on a managed service like **Neon.tech**.  
-
---
-
-### Environment Variables  
-The Palmr. code is completely open-source, allowing you to adjust the deployment to meet your needs. Ensure that the environment variables are correctly configured to avoid issues during execution.  
-
---
-
-### Additional Resources
-
- [Docker Documentation](https://docs.docker.com/)
- [Docker Compose Documentation](https://docs.docker.com/compose/)
- [Kubernetes Documentation](https://kubernetes.io/docs/)
- [MinIO Documentation](https://min.io/docs/minio/container/index.html)
- [PostgreSQL Documentation](https://www.postgresql.org/docs/)
--- a/apps/docs/content/docs/1.1.7-beta/login.md
+++ b/apps/docs/content/docs/1.1.7-beta/login.md
@@ -1,104 +0,0 @@
---
-title: First Login (Admin)
---
-
-Once you have started all the services as described in the deployment instructions, you will be able to access the frontend at:  
-
- **Production environment:** `{your_web_domain}`  
- **Local environment:** [http://localhost:4173](http://localhost:4173)  
-
-Upon accessing the frontend, you will see a screen similar to the image below:  
-
-![Palmr Landing Page](/assets/v1/general/lp.png)  
-
-This is the **Palmr. landing page**, which provides basic information about the application. This landing page can be hidden later when you configure your app, allowing the login page to become the default home page. However, on the first execution, it is displayed by default.  
-
---
-
-## First Login  
-
-At the top of the landing page, you will see a button to log in to Palmr.:  
-
-> **But you may wonder:** 
-
-To simplify the process, Palmr. comes pre-configured with **seed data** upon the first initialization. This seed data includes a default **admin user** with full access to all settings and user management within the application.  
-
-After clicking the **Login** button, you will be redirected to the login screen, which looks like this:  
-
-![Palmr Login Page](/assets/v1/ui/login.png)  
-
-Use the following default credentials to log in for the first time:  
-
-| User       | Password   |
-|------------|------------|
-| `admin@example.com` | `admin123` |  
-
-If everything is set up correctly, you will be authenticated and redirected to Palmr.'s main dashboard, which looks like this:  
-
-![Palmr Dashboard](/assets/v1/ui/dashboard.png)  
-
-At this point, you are officially logged in and ready to start using all the features of Palmr.!  
-
---
-
-## Recommendations After First Access  
-
-Since Palmr. includes a single default admin user in the seed data, it is **highly recommended** to change the default admin credentials immediately after the first login. This is crucial for maintaining the security of your instance.  
-
-Follow these steps to update the admin credentials and secure your Palmr. instance:  
-
-### Step 1: Access the Profile Settings  
-1. Click the **user icon** located in the top right corner of the screen.  
-2. A dropdown menu will appear with several options:  
-
-![Palmr Profile Menu](/assets/v1/ui/menu.png)  
-
-3. Select **"Profile"** from the dropdown menu. This will redirect you to the profile settings page:  
-
-![Palmr Profile Page](/assets/v1/ui/profile.png)  
-
---
-
-### Step 2: Update the Admin Profile  
-On the profile settings page, you can update all the information related to the admin account.  
-
- To update the password, enter a new secure password and confirm it.  
- Update other details as needed based on your preferences.  
-
-**Tip:** For better security, use a strong password containing:  
- At least 12 characters  
- A mix of uppercase and lowercase letters  
- Numbers and special characters  
-
---
-
-### Step 3: Update the Profile Picture  
-You can also update the profile picture for better personalization.  
-
-1. Click the **camera icon** next to the avatar.  
-2. Select an image from your local device.  
-
-![Palmr Profile Picture](/assets/v1/ui/profile_picture.png)  
-
-> **Recommendation:** Use a square image to ensure proper display.  
-
---
-
-## Troubleshooting  
-
-If you encounter any issues during the first login or profile update, please check the following:  
- Ensure that all services (frontend, backend, MinIO, and database) are running correctly.  
- Make sure the environment variables are properly configured.  
- Confirm that the database seeds have been applied correctly.  
-
---
-
-## Security Best Practices  
-
- After setting up your admin account, create separate user accounts with limited access based on roles.  
- Use HTTPS to secure the connection between the client and the server.  
- Regularly update the Palmr. instance to benefit from the latest security patches and improvements.  
-
---
-
-
--- a/apps/docs/content/docs/1.1.7-beta/manage-users.md
+++ b/apps/docs/content/docs/1.1.7-beta/manage-users.md
@@ -1,85 +0,0 @@
---
-title: Manage users
---
-
-Manage users to **Palmr** is a straightforward process. Below is a detailed step-by-step guide explaining how to create and manage users within the application.
-
-
-### Step 1: Accessing User Management
-
-To begin, you need to navigate to the **User Management** section:
-
-1. Click on the **user icon** located in the header of the app.
-2. A dropdown menu will appear. From the options available, select **"User Management"**
-
-![Palmr Profile Menu](/assets/v1/ui/menu.png) 
-
---
-
-### Step 2: User Management Dashboard
-
-After selecting **User Management**, you will be redirected to the **User Management Dashboard**. 
-
- On your first access, the only user listed will be the **default Admin** user.
- If you need to update the Admin user details, you must follow the steps outlined in the **Profile Management** section.  
- User details for the logged-in Admin cannot be modified from the **User Management Dashboard**.
-
-![Palmr Profile Menu](/assets/v1/main/users/users-management.png) 
-
---
-
-### Step 3: Adding a New User
-
-1. To add a new user, click on the **"Add User"** button located at the top right corner of the screen.
-
-![Palmr Profile Menu](/assets/v1/main/users/add-users-btn.png) 
-
-2. A modal form will appear, allowing you to enter the new user's details:
-
-![Palmr Profile Menu](/assets/v1/main/users/add-user-modal.png) 
-
-3. After filling in the user details, click on **"Create"** to confirm.  
-   Alternatively, you can click **"Cancel"** to abort the user creation process.
-
-4. Once the user is created successfully, it will appear in the user list.
-
-![Palmr Profile Menu](/assets/v1/main/users/new-user-table.png) 
-
---
-
-### Step 4: Managing User Actions
-
-In the **User List**, under the **"Actions"** column, you will find a dropdown menu for each user.
-
-![Palmr Profile Menu](/assets/v1/main/users/add-user-actions-dropdown.png) 
-
-
-Available actions include:
-
- **Edit User** – Opens a modal form to update user information:
-   - Change user details including role.
-   - Change the user password.
-
-![Palmr Profile Menu](/assets/v1/main/users/edit-user-modal.png) 
-
- **Deactivate User** – Marks the user as inactive, preventing them from logging into the system.
- **Activate User** – Reactivates a deactivated user, allowing them to log in again.
- **Delete User** – Permanently removes the user from the system.
-
-
---
-
-### Troubleshooting
-
-#### User Creation Fails
- Ensure all mandatory fields (name, email, role) are filled out correctly.
- Check for duplicate emails.
- Verify that the system has proper connectivity to the backend.
-
-#### User Cannot Log In
- Ensure the user is marked as **Active**.
- Verify that the correct email and password are being used.
- Reset the user password if needed.
-
-
-
--- a/apps/docs/content/docs/1.1.7-beta/manual-installation.mdx
+++ b/apps/docs/content/docs/1.1.7-beta/manual-installation.mdx
@@ -1,170 +0,0 @@
---
-title: Manual Installation
---
-Manual installation is a bit more complex and labor-intensive compared to installation via Docker Compose. However, by following this step-by-step guide, you can execute the project cleanly.
-
-It's worth noting that even though our frontend and backend are run manually, we will still need to use Docker or another third-party service to run Postgres and MinIO. In this tutorial, we will use Docker with Docker Compose to set up MinIO and Postgres.
-
-For this, within our `apps/server` directory, we already have a Docker Compose file that runs MinIO and Postgres, which are necessary for the application to function. However, feel free to use another service if you prefer. Once again, we are using Docker Compose to reduce the manual effort required to set up these services, especially third-party services like Postgres and MinIO.
-
-Now, let's proceed with the step-by-step guide.
-
-## Prerequisites
-
-Before we begin, we need to have the following tools installed in our environment:
-
- Docker
- Docker Compose
- Node.js
- pnpm
- Git
-
-It's important to emphasize that the entire repository was written using the `pnpm` package manager. Therefore, it is highly recommended to use `pnpm` to run the services to avoid potential issues. However, if you prefer to use another package manager like `npm`, `yarn`, or `bun`, you may do so at your own risk. The system might work normally, but it could also present unknown and unmapped errors when using other package managers. So, we strongly recommend using `pnpm`.
-
-## Running the Application
-
-### Step 1: Clone the Repository
-
-First, clone the official repository:
-
-```bash
-git clone https://github.com/kyantech/Palmr.git
-```
-In the root of this repository, you will find a folder called apps. Inside this folder, there are three subfolders: docs, server, and web. For now, we are interested in the server and web folders, which contain our backend (written in Fastify) and frontend (written in React + Vite), respectively.
-
-### Step 2: Set Up Backend Services
-Navigate to the backend folder, where the Docker Compose file for MinIO and Postgres is located:
-
-```bash
-cd ./apps/server
-```
-Inside this folder, you can start by running:
-
-```bash
-docker compose up -d
-```
-This command will run Postgres and MinIO in the background. If you need to make any changes, the file being executed with docker compose up is located at `apps/server/docker-compose.yaml`. However, we recommend using the default settings for the first run and making changes only after you have a functional version of the base code.
-
-### Step 3: Set Up Backend
-
-With MinIO and Postgres running via Docker Compose, let's proceed to the next steps, which involve running the project itself. Here, we will build and run the project in production mode, not development mode. To do this, we need to build both the backend and frontend applications.
-
-Since we are already in the server folder, let's start with the backend.
-
-#### 3.1: Set Up Environment Variables
-
-We need some environment variables for Palmr to run successfully. For this, we will use the `.env.example` file provided in the repository as a base.
-
-Simply run:
-
-```bash
-cp .env.example .env
-```
-
-This command copies the necessary environment variables to a `.env` file in the root directory.
-
-#### 3.2: Install Dependencies
-Next, we need to initialize the database connected directly to Postgres via Prisma, our ORM. But for Prisma to work, we need to install the dependencies for our backend project. With Node and pnpm installed, run:
-
-```bash
-pnpm install
-```
-#### 3.3: Generate Prisma Client
-After the installation is complete, run the following command:
-
-```bash
-pnpm dlx prisma generate
-```
-The prisma generate command generates the Prisma client for the project. This client allows programmatic access to the database.
-
-#### 3.4: Deploy Prisma Migrations
-Once the generation is complete, run:
-
-```bash
-pnpm dlx prisma migrate deploy
-```
-The prisma migrate deploy command deploys the Prisma migration.
-
-#### 3.5: Seed the Database
-After the migration is deployed, we can seed the database to populate the initial tables with the following command:
-
-```bash
-pnpm db:seed
-```
-Now, our database is ready for the project to run.
-
-#### 3.6: Build and Run the Backend
-To run the backend, simply execute:
-
-```bash
-pnpm run build
-```
-This command builds the application for production. After the build is complete, run:
-
-```bash
-pnpm start
-```
-Following these steps, the backend will be functional. To test it, you can access:
-
-```bash
-http://localhost:3333/docs
-```
-This is the API documentation page.
-
-### Step 4: Set Up Frontend
-The frontend setup is similar to the backend, but we don't need to run any Docker containers—only the service itself.
-
-#### 4.1: Navigate to the Frontend Directory
-If you are in the server folder:
-
-```bash
-cd ../web
-```
-If you are in the root of the repository:
-
-```bash
-cd apps/web
-```
-
-#### 4.2: Set Up Environment Variables
-Once in the web directory, first run:
-
-```bash
-cp .env.example .env
-```
-This populates the environment variables, just like in the backend.
-
-#### 4.3: Install Dependencies
-Next, install the dependencies:
-
-```bash
-pnpm install
-```
-
-#### 4.4: Build and Run the Frontend
-Now, the process for the frontend is simpler. We can simply run the build with:
-
-```bash
-pnpm run build
-```
-Once the build is complete, start the service with:
-
-```bash
-pnpm preview
-```
-
-Wait for the service to start, and then you can test the entire application at:
-
-```bash
-http://localhost:4173
-```
-
-##### Conclusion
-That's it! This is the step-by-step guide to manually running a production version of Palmr.
-
-### Useful Links
-
- [Docker Documentation](https://docs.docker.com/)
- [Node.js Documentation](https://nodejs.org/en/docs/)
- [pnpm Documentation](https://pnpm.io/)
- [Prisma Documentation](https://www.prisma.io/docs/)
--- a/apps/docs/content/docs/1.1.7-beta/meta.json
+++ b/apps/docs/content/docs/1.1.7-beta/meta.json
@@ -1,28 +0,0 @@
-{
-  "title": "v1.1.7-beta",
-  "description": "(Deprecated)",
-  "root": true,
-  "icon": "Trash2",
-  "pages": [
-    "---Introduction---",
-    "index",
-    "architecture",
-    "github-architecture",
-    "installation",
-    "manual-installation",
-    "api",
-    "---How to use Palmr.---",
-    "login",
-    "manage-users",
-    "upload",
-    "generate-share",
-    "configuring-smtp",
-    "available-languages",
-    "---Developers---",
-    "contribute",
-    "open-an-issue",
-    "---Sponsor this project---",
-    "gh-star",
-    "gh-sponsor"
-  ]
-}
--- a/apps/docs/content/docs/1.1.7-beta/open-an-issue.md
+++ b/apps/docs/content/docs/1.1.7-beta/open-an-issue.md
@@ -1,81 +0,0 @@
---
-title: How to open an issue
---
-
-Opening an issue on GitHub is a great way to report bugs, request features, or ask questions about a project. This tutorial will guide you through the process of opening an issue for the **Palmr.** project on GitHub.
-
---
-
-### Step 1: Log in to GitHub
-
-Before you can star a project, you need to be logged into your GitHub account. If you don't have an account yet, you can sign up for free at [GitHub](https://github.com/).
-
---
-
-### Step 2: Go to the Palmr. Repository
-
-Once you're logged in, go to the Palmr. repository by clicking on this link: [https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr).
-
-Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.
-
---
-
-### Step 3: Navigate to the Issues Tab
-
-On the Palmr repository page, click on the **Issues** tab near the top of the page. This will take you to the issues section of the repository.
-
-![Palmr Profile Menu](/assets/v1/developers/issues-tab.png)
-
-
---
-
-### Step 4: Click on "New Issue"
-
-Once you're in the issues section, click the **New Issue** button to start creating a new issue.
-
-![Palmr Profile Menu](/assets/v1/developers/new-issue-btn.png)
-
-
---
-
-### Step 5: Fill Out the Issue Form
-
-You’ll now see a form where you can provide details about your issue. Here’s how to fill it out:
-
-1. **Title**: Write a clear and concise title that summarizes the issue.
-2. **Description**: Provide a detailed description of the issue. Include steps to reproduce the problem (if it’s a bug), expected behavior, and actual behavior. If you’re requesting a feature, explain why it would be useful.
-3. **Labels (Optional)**: Add labels to categorize your issue (e.g., `bug`, `enhancement`, `question`). This helps the maintainers organize and prioritize issues.
-4. **Attachments (Optional)**: You can attach screenshots, logs, or other files to help explain the issue.
-
-![Palmr Profile Menu](/assets/v1/developers/new-issue-form.png)
-
---
-
-### Step 6: Submit the Issue
-
-Once you’ve filled out the form, click the **Create** button. Your issue will now be visible to the project maintainers and other contributors.
-
---
-
-### Tips for Writing a Good Issue
-
-To ensure your issue is addressed quickly and effectively, follow these tips:
- **Be Clear and Specific**: Provide as much detail as possible.
- **Use a Descriptive Title**: A good title helps maintainers understand the issue at a glance.
- **Include Steps to Reproduce**: If it’s a bug, explain how to reproduce it.
- **Be Polite and Respectful**: Remember that maintainers and contributors are volunteering their time.
-
---
-
-### Why Opening Issues is Important
-
-Opening issues is a key part of contributing to open-source projects. Here’s why it matters:
-1. **Improves the Project**: Your feedback helps identify bugs and suggest new features.
-2. **Helps Maintainers**: Clear and detailed issues make it easier for maintainers to address problems.
-3. **Encourages Collaboration**: Issues can spark discussions and attract contributors to help solve problems.
-
---
-
-### Conclusion
-
-That's it! You've successfully opened an issue for the **Palmr** project on GitHub. Your contribution helps improve the project and supports the open-source community. Thank you for taking the time to share your feedback!
--- a/apps/docs/content/docs/1.1.7-beta/upload.md
+++ b/apps/docs/content/docs/1.1.7-beta/upload.md
@@ -1,94 +0,0 @@
---
-title: Uploading Files
---
-
-To upload a file in Palmr, the process is very simple. There are two main locations where you can upload files. 
-However, before proceeding, it’s important to highlight that the core functionality of Palmr is file sharing. 
-But for this to work, you need to first upload one or more files to share. Later, you can create a sharing session, 
-which may contain one or multiple files.
-
-Now let's focus on the file upload process. As mentioned, it is very simple, and you can upload files from two locations: 
-**the Home Page** or **the My Files Page**. We will go through both examples below, but the process is exactly the same in both cases.
-
---
-
-## Home Page
-
-On the home page, there is a **"Recent Uploads"** section. On the first initialization (when no file has been uploaded yet), 
-it will appear like this:
-
-![Recent Uploads Section](/assets/v1/main/upload/recent-uploads.png)
-
-To upload a file, simply click on the **"Upload File"** button. This will open a modal where you can select the file you want 
-to upload from your device. Some file types, such as images, audio, and video, will have a preview available.
-
-![Upload File Button](/assets/v1/main/upload/upload-file-button.png)
-
-### Example with an image:
-![Preview Example](/assets/v1/main/upload/preview-example.png)
-
-After selecting the file, you can either confirm the upload by clicking the **"Upload"** button or cancel the operation by clicking the **"Cancel"** button.
-
-![Upload and Cancel Buttons](/assets/v1/main/upload/upload-cancel-buttons.png)
-
-Once one or more files have been uploaded, the **"Recent Uploads"** section will update and look like this:
-
-![Recent Uploads with Files](/assets/v1/main/upload/recent-uploads-filled.png)
-
-To upload a new file from this screen, click the **"Upload File"** button in the upper right corner of the section, and follow the same steps as before.
-
-![New Upload Button](/assets/v1/main/upload/new-upload-button.png)
-
-This list on the home page shows only the **last 5 uploads**. To view older files or upload more, you need to go to the **"My Files"** page. 
-You can access this by clicking on the **"View All"** button in the upper right corner of the section or by clicking on the **"My Files"** card on the home page.
-
-![View All Button](/assets/v1/main/upload/view-all-button.png)
-
-Or:
-
-![My Files Card](/assets/v1/main/files/my-files-card.png)
-
---
-
-## My Files Page
-
-On the **"My Files"** page, the layout will look like this:
-
-![My Files Page](/assets/v1/main/files/my-files-page.png)
-
-Here, you have the option to **filter** your uploaded files or upload new ones by clicking the **"Upload File"** button and following the same steps explained earlier.
-
-Notice that the tables in the **"Recent Files"** section and the **"My Files"** page are the same — the only difference is the number of results shown. 
-The **"Recent Files"** section shows only the last 5 uploads, while the **"My Files"** table displays all uploads.
-
-The table fields include:
- **Name**
- **Description**
- **Size**
- **Created At**
- **Updated At**
- **Actions**
-
-### Actions Column
-In the **"Actions"** column, you will find an icon that opens the following dropdown:
-
-![Actions Dropdown](/assets/v1/main/files/actions-dropdown.png)
-
-Each option is self-explanatory, but let’s detail the **Edit** option:
-
- **Edit** – Opens a modal where you can edit the file name, description, and other details.
-
-  ![Edit Modal](/assets/v1/main/files/edit-modal.png)
-
- You can also **delete** a file directly from the dropdown by selecting the **Delete** option.
-
-The preview feature is only available for files like images, audio, PDFs and video. For other file types, 
-you can download them using the **Download** option in the dropdown.
-
---
-
-## Notes and Recommendations
-
- For a better user experience, we recommend using optimized files for upload.  
- Upload errors or issues are logged and can be reviewed through the admin panel.  
- Admins can manage file access permissions.  
--- a/apps/docs/content/docs/2.0.0-beta/api.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/api.mdx
@@ -18,7 +18,6 @@ The API documentation is powered by **[Scalar](https://scalar.com/)**, which pro

 ![Palmr API Documentation](/assets/v2/api-docs/scalar.png)

-
 We have made a deliberate decision to **not provide an online version** of the API documentation, as the endpoints and functionality may vary significantly depending on the specific version of Palmr. you have deployed in your environment. To ensure you're always working with accurate and version-specific documentation, we strongly recommend accessing the documentation only after initializing your API service. It's important to note that the API service is specifically designated as the **server** component within the official Palmr. GitHub repository.

 We strongly recommend utilizing **Scalar** as your primary tool for querying and testing the API, as the entire documentation system has been carefully optimized and designed with Scalar integration in mind. Scalar provides developers with an exceptionally intuitive and feature-rich interactive environment that streamlines the process of exploring endpoints, constructing and sending requests, and analyzing responses directly within its sophisticated interface.
--- a/apps/docs/content/docs/2.0.0-beta/architecture.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/architecture.mdx
@@ -12,51 +12,50 @@ Understanding the architecture of Palmr. is crucial for both deploying and scali

 Each component in the Palmr. architecture plays a vital role in ensuring reliability, performance, and scalability. The stack is built with simplicity, performance, and flexibility in mind, everything is self-hosted, developer-friendly, and designed to scale without adding unnecessary complexity.

-
 ### 💾 PostgreSQL
+
 Palmr. uses **PostgreSQL** as the primary database solution. It's a powerful, open-source relational database that’s trusted by developers around the world. PostgreSQL is fully ACID-compliant, which means it handles transactions safely and reliably. It’s perfect for storing structured data like user accounts, file metadata, transfer logs, and anything else that requires consistency. With advanced features like full-text search, custom data types (like JSONB), and strong indexing capabilities, PostgreSQL gives us the tools to scale efficiently without giving up query performance or flexibility.

 - Provides reliable and secure data storage, ensuring consistency and high performance for all database operations.
 - Powerful indexing, query optimization, and support for complex data types.
 - Ideal for handling large amounts of metadata and transactional data in a predictable and scalable way.

-
 ### 🎨 Next.js 15 + React + TypeScript
+
 The frontend of Palmr. is built using **Next.js 15**, along with **React** and **TypeScript**, forming a modern stack that’s easy to maintain and super fast for end users. Next.js 15 brings server components, server actions, and a new app router system that makes rendering dynamic content incredibly efficient. This allows us to load only what’s needed, when it’s needed which makes the app feel snappy even under load. React provides a clean, component-based structure that makes it easy to break the UI into reusable pieces, and TypeScript helps prevent bugs before they even happen by enforcing static typing and better code navigation. Whether it's SSR, static pages, or dynamic user interactions, this trio handles it all seamlessly.

 - **React** enables the creation of a dynamic and responsive user interface with a component-based architecture.
 - **TypeScript** adds static typing, enhancing code quality and reducing runtime errors.
 - **Next.js 15** handles routing, server-side rendering, and server components for performance at scale.

-
 ### 📦 MinIO
+
 Palmr. uses **MinIO** for object storage. MinIO is a lightweight, high-performance, S3-compatible storage solution that makes file handling simple and scalable. Every file uploaded to Palmr. Whether it's a personal file transfer or a shared asset is stored in MinIO. It’s built to handle huge amounts of data and can be deployed locally, on-premise, or in the cloud. Because it speaks the same API as Amazon S3, integrating with it is straightforward and familiar to most developers. And since it’s self-hosted, we have full control over performance, redundancy, and security.

 - Supports high-throughput file storage and retrieval.
 - Ensures data integrity and redundancy.
 - Compatible with AWS S3 APIs, making integration seamless.

-
 ### ⚡ Fastify
+
 The backend of Palmr. is powered by **Fastify**, a super-fast Node.js web framework optimized for performance and low overhead. It’s designed to handle lots of concurrent requests with minimal resource usage, which is key for scalable backend services. Fastify also has a built-in schema validation system that ensures all incoming data is properly validated before reaching business logic, which helps prevent bugs and security issues. It follows a plugin-based architecture, making it easy to keep route handlers, services, and middlewares cleanly separated and easy to extend as the project grows.

 - Provides fast request handling with a lightweight core.
 - Built-in schema-based validation for secure and reliable API handling.
 - Supports plugin-based architecture for easy extensibility.

-
 ### 🔄 How It Works
+
 1. **Frontend** — React + TypeScript + Next.js 15 handle the user interface and user interactions.
 2. **Backend** — Fastify processes requests and communicates with the database and storage layers.
 3. **Database** — PostgreSQL stores metadata and transactional data.
 4. **Object Storage** — MinIO stores the actual files and ensures scalable, high-performance storage.

-
 ### 📚 Useful Links
+
 - [PostgreSQL Documentation](https://www.postgresql.org/docs/)
 - [Next.js Documentation](https://nextjs.org/docs)
 - [React Documentation](https://react.dev/)
 - [TypeScript Handbook](https://www.typescriptlang.org/docs/)
 - [MinIO Documentation](https://min.io/docs/minio/container/index.html)
 - [Fastify Documentation](https://fastify.dev/docs/latest/)
-
--- a/apps/docs/content/docs/2.0.0-beta/available-languages.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/available-languages.mdx
@@ -8,20 +8,20 @@ The project leverages next-intl, a powerful and flexible internationalization (i

 ---

-| Language | Code | Description | Translation |
-|----------|------|-------------|-------------|
-| 🇺🇸 English | en-US | Primary development language and default fallback option | 100% |
-| 🇧🇷 Portuguese | pt-BR | Standard Brazilian Portuguese support | 100% |
-| 🇫🇷 French | fr-FR | Standard French language support | 100% |
-| 🇪🇸 Spanish | es-ES | Standard Spanish language support | 100% |
-| 🇩🇪 German | de-DE | Standard German language support | 100% |
-| 🇷🇺 Russian | ru-RU | Standard Russian language support | 100% |
-| 🇮🇳 Hindi | hi-IN | Standard Hindi language support | 100% |
-| 🇸🇦 Arabic | ar-SA | Standard Arabic language support with RTL | 100% |
-| 🇯🇵 Japanese | ja-JP | Standard Japanese language support | 100% |
-| 🇰🇷 Korean | ko-KR | Standard Korean language support | 100% |
-| 🇹🇷 Turkish | tr-TR | Standard Turkish language support | 100% |
-| 🇨🇳 Chinese | zh-CN | Standard Simplified Chinese support | 100% |
+| Language      | Code  | Description                                              | Translation |
+| ------------- | ----- | -------------------------------------------------------- | ----------- |
+| 🇺🇸 English    | en-US | Primary development language and default fallback option | 100%        |
+| 🇧🇷 Portuguese | pt-BR | Standard Brazilian Portuguese support                    | 100%        |
+| 🇫🇷 French     | fr-FR | Standard French language support                         | 100%        |
+| 🇪🇸 Spanish    | es-ES | Standard Spanish language support                        | 100%        |
+| 🇩🇪 German     | de-DE | Standard German language support                         | 100%        |
+| 🇷🇺 Russian    | ru-RU | Standard Russian language support                        | 100%        |
+| 🇮🇳 Hindi      | hi-IN | Standard Hindi language support                          | 100%        |
+| 🇸🇦 Arabic     | ar-SA | Standard Arabic language support with RTL                | 100%        |
+| 🇯🇵 Japanese   | ja-JP | Standard Japanese language support                       | 100%        |
+| 🇰🇷 Korean     | ko-KR | Standard Korean language support                         | 100%        |
+| 🇹🇷 Turkish    | tr-TR | Standard Turkish language support                        | 100%        |
+| 🇨🇳 Chinese    | zh-CN | Standard Simplified Chinese support                      | 100%        |

 ### 🔄 Language Selection

--- a/apps/docs/content/docs/2.0.0-beta/configuring-smtp.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/configuring-smtp.mdx
@@ -7,6 +7,7 @@ For Palmr to function with all its best features, we need to configure our email
 ## ❓ Why Configure SMTP?

 The main functionalities that depend on SMTP configuration are:
+
 - 🔑 **Password Reset** – Users who forget their password and cannot access the **Settings** panel need this feature.
 - 📧 **Email Notifications** – Recipients will receive emails when new shares are sent to them.

@@ -53,6 +54,7 @@ Once SMTP is enabled, you can configure the other necessary fields:
 ### 🔐 Generating a Gmail App Password

 To generate an App Password for Gmail:
+
 1. Go to [Google My Account](https://myaccount.google.com/).
 2. Select **Security**.
 3. Scroll down to **App Passwords**.
--- a/apps/docs/content/docs/2.0.0-beta/contribute.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/contribute.mdx
@@ -15,6 +15,7 @@ Before you can contribute, you need to be logged into your GitHub account. If yo
 ---

 ### 🔍 Access the Repository
+
 Once you're logged in, go to the Palmr repository by clicking on this link: **[https://github.com/kyantech/Palmr](https://github.com/kyantech/Palmr)**. The repository contains all the source code, documentation, and resources for the Palmr project. Take a moment to explore the repository structure, including the README file, which provides an overview of the project.

 Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **kyantech**. When searching, make sure you're looking at the official repository by checking the owner and repository name. The repository should have a description that matches the Palmr project and show recent activity from the maintainers. You can also check the number of stars, forks, and watchers to verify you're accessing the correct repository.
@@ -32,6 +33,7 @@ To contribute to the project, you'll need to create your own copy of the reposit
 5. You'll be automatically redirected to your forked repository once it's ready.

 The fork will maintain a connection to the original repository, allowing you to:
+
 - Keep your fork synchronized with the original repository
 - Submit pull requests from your fork to the original repository
 - Work independently on your own copy without affecting the original
@@ -41,6 +43,7 @@ The fork will maintain a connection to the original repository, allowing you to:
 ### 📥 Clone the Fork

 Next, you’ll need to clone your forked repository to your local machine. Here’s how:
+
 1. On your forked repository page, click the **Code** button.
 2. Copy the repository URL (HTTPS or SSH).
 3. Open your terminal or command prompt and run the following command to clone the repository:
@@ -60,6 +63,7 @@ Next, you’ll need to clone your forked repository to your local machine. Here
 ### 🔄 Set up Base Branch

 Before making changes, ensure your local repository is set up to track the `next` branch from the original Palmr repository. Here’s how:
+
 1. Add the original Palmr repository as a remote:

   ```bash
@@ -81,7 +85,9 @@ Before making changes, ensure your local repository is set up to track the `next
 ---

 ### ✏️ Make Local Changes
+
 Now you're ready to make your contributions! This could include:
+
 - Fixing a bug
 - Adding a new feature
 - Improving documentation
@@ -113,12 +119,14 @@ Once you’ve made your changes, commit them to your branch using **Conventional
 `<type>(<scope>): <description>`

 **Examples:**
+
 - `feat: add user authentication`
 - `fix(api): resolve null pointer exception`
 - `docs: update README file`
 - `chore: update dependencies`

 **Steps to Commit:**
+
 1. Stage your changes:

   ```bash
@@ -138,6 +146,7 @@ Once you’ve made your changes, commit them to your branch using **Conventional
 After committing your changes, you'll need to push them to your forked repository on GitHub. This step synchronizes your local changes with your remote repository. Here's how to do it:

 1. First, ensure your branch is up-to-date with any remote changes:
+
   ```bash
   git pull origin your-branch-name
   ```
@@ -148,11 +157,13 @@ After committing your changes, you'll need to push them to your forked repositor
   ```

 If this is the first time pushing this branch, you might need to set the upstream branch:
-   ```bash
-   git push -u origin your-branch-name
-   ```
+
+```bash
+git push -u origin your-branch-name
+```

 If you encounter any errors while pushing:
+
 - Make sure you have the correct permissions on your fork
 - Verify your remote URL is correct using `git remote -v`
 - Check if you need to authenticate with GitHub
@@ -162,6 +173,7 @@ If you encounter any errors while pushing:
 ### 🔀 Create Pull Request

 Now that your changes are on GitHub, you can open a **Pull Request (PR)** to propose your changes to the `next` branch of the Palmr repository. Here’s how:
+
 1. Go to your forked repository on GitHub.
 2. Click the **Pull Request** button.
 3. On the PR creation page:
@@ -191,6 +203,7 @@ Remember that code review is a collaborative process aimed at ensuring code qual
 ## 💡 Contribution Tips

 To ensure your contribution is accepted, follow these tips:
+
 - **Use Conventional Commits**: Write clear and consistent commit messages using the Conventional Commits format.
 - **Keep Your PRs Small**: Focus on one issue or feature per PR to make it easier to review.
 - **Be Patient**: Maintainers are often volunteers and may take some time to review your PR.
@@ -206,6 +219,7 @@ To ensure your contribution is accepted, follow these tips:
 ## ⭐ Why Contribute?

 Contributing to open-source projects like Palmr has many benefits:
+
 1. **Improves the Project**: Your contributions help make the project better for everyone.
 2. **Builds Your Skills**: You’ll gain experience working with Git, GitHub, and collaborative coding.
 3. **Supports the Community**: Open-source thrives on community contributions. Your work helps sustain the project.
--- a/apps/docs/content/docs/2.0.0-beta/generate-share.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/generate-share.mdx
@@ -6,7 +6,7 @@ title: 🔗 Managing shares

 Creating a share in Palmr is designed to be a straightforward and user-friendly experience that anyone can master quickly. While the platform offers several methods for share creation, we recommend beginning with the most accessible approach: utilizing the **Home Page**, particularly through the well-organized **Recent Shares** section.

-___
+---

 ### Home Page

@@ -19,7 +19,6 @@ For first-time users, the interface features a prominently positioned **"Create
 ![](/assets/v1/main/shares/create-first-share.png)

 > Note: One of Palmr's unique features is its flexibility - you don't need to upload files to create a share! This might seem counterintuitive at first, but it's a deliberately designed feature that many users find invaluable for their specific workflows and use cases. This approach allows you to set up the sharing framework first and add content later.
-> 

 This design philosophy reflects Palmr's user-centric approach: you can establish your share's parameters and settings first, then populate it with files at your convenience. Furthermore, all aspects of your share remain fully editable at any time, providing maximum flexibility.

@@ -78,7 +77,7 @@ Each share has an **Actions** column with the following options:

 ![](/assets/v1/main/shares/actions-column.png)

-___
+---

 ## ✏️ Edit Share

@@ -88,24 +87,23 @@ The **Edit** button provides access to a comprehensive interface where you can m

 ## 📁 Manage Files

-___
+---

 Through the **Manage Files** button, you gain complete control over the content of your share, with the ability to both add new files and remove existing ones.

 ![](/assets/v1/main/shares/manage-files-modal.png)

-___
+---

 ## 👥 Manage Recipients

 The **Manage Recipients** button opens an interface where you can maintain your recipient list, adding or removing access as needed.

 > Note: For email notifications to function properly, please ensure that your system's SMTP settings are correctly configured and active.
-> 

 ![](/assets/v1/main/shares/manage-recipients-modal.png)

-___
+---

 ## 👀 View Share Details

@@ -113,7 +111,7 @@ The **View Details** option provides a comprehensive overview of all aspects and

 ![](/assets/v1/main/shares/share-details-modal.png)

-___
+---

 ## 🔗 Generate Share Link

@@ -133,7 +131,7 @@ When recipients access your generated link, they'll be able to both **view and d

 ![](/assets/v1/main/shares/share-screen.png)

-___
+---

 ## Delete Share

--- a/apps/docs/content/docs/2.0.0-beta/gh-sponsor.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/gh-sponsor.mdx
@@ -34,6 +34,7 @@ Once you're logged in, go to the Palmr. repository by clicking on this link: [ht
 Alternatively, you can search for "Palmr" in the GitHub search bar and click on the repository owned by **Kyantech**.

 You can also:
+
 - Star the repository to show your support
 - Watch it for updates
 - Fork it if you want to contribute
@@ -75,25 +76,26 @@ Once done, you'll officially be a **Palmr sponsor**! 🙌
 ### ⭐ Why Sponsoring Matters

 - 🧱 Supports Sustainability
-Your sponsorship helps keep the project alive and maintained long-term.
+  Your sponsorship helps keep the project alive and maintained long-term.

 - 🚀 Encourages Innovation
-Financial support gives developers the freedom to try new ideas and push boundaries.
+  Financial support gives developers the freedom to try new ideas and push boundaries.

 - 🫶 Shows Deep Appreciation
-Sponsoring is a meaningful, tangible way to thank developers for their work.
+  Sponsoring is a meaningful, tangible way to thank developers for their work.

 - 🏆 Earns You Recognition
-Many projects publicly thank their sponsors — you might appear in the README or on the site!
+  Many projects publicly thank their sponsors — you might appear in the README or on the site!

 - 🌱 Helps Open Source Thrive
-Open-source projects rely on community support. Sponsoring helps the ecosystem grow.
+  Open-source projects rely on community support. Sponsoring helps the ecosystem grow.

 ---

 ## 🎁 What Happens After Sponsoring

 Once you become a sponsor:
+
 1. You'll receive a confirmation email from GitHub
 2. Your name will appear in our sponsors list
 3. You'll get access to sponsor-only updates and content
@@ -107,4 +109,3 @@ Once you become a sponsor:
 That's it! You've successfully sponsored the **Palmr.** project on GitHub.  
 Your support will help ensure this open-source project continues to evolve and thrive.  
 **We appreciate you and welcome you to our community!** 🎉
-
--- a/apps/docs/content/docs/2.0.0-beta/gh-star.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/gh-star.mdx
@@ -66,6 +66,7 @@ After clicking the "Star" button, several things will happen:
 4. The repository will be added to your starred repositories list

 You can access your starred repositories anytime by:
+
 - Clicking your profile picture
 - Selecting "Your stars" from the dropdown menu
 - Or visiting: https://github.com/[your-username]?tab=stars
@@ -81,22 +82,22 @@ To remove your star, simply click the "Unstar" button at any time.
 Starring a repository on GitHub is more than just a bookmarking tool—it’s a way to support the project and its developers. Here’s why starring is so important:

 - 🙌 Shows Appreciation
-Starring a repository is a simple way to show your appreciation for the hard work and effort that goes into maintaining and developing a project.
+  Starring a repository is a simple way to show your appreciation for the hard work and effort that goes into maintaining and developing a project.

 - 📈 Increases Visibility
-The more stars a repository has, the more visible it becomes on GitHub.
+  The more stars a repository has, the more visible it becomes on GitHub.

 - 💪 Encourages Developers
-Seeing stars motivates developers to continue improving the project.
+  Seeing stars motivates developers to continue improving the project.

 - 🔍 Helps with Discovery
-GitHub prioritizes repositories with more stars in trending and recommendations.
+  GitHub prioritizes repositories with more stars in trending and recommendations.

 - 📚 Tracks Your Interests
-Starred repositories are saved to your list for easy access later.
+  Starred repositories are saved to your list for easy access later.

 - 🌍 Supports Open Source
-Your stars help sustain the open-source community and the Palmr project.
+  Your stars help sustain the open-source community and the Palmr project.

 ---

@@ -119,6 +120,7 @@ Your star is more than just a number - it's a vote of confidence in our vision a
 That's it! You've successfully starred the **Palmr** project on GitHub. Thank you for supporting Palmr and becoming part of our growing community! Your support helps us continue improving and expanding the project for everyone.

 Feel free to explore our other ways to contribute, like:
+
 - Sharing Palmr with others
 - Reporting issues
 - Contributing code
--- a/apps/docs/content/docs/2.0.0-beta/github-architecture.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/github-architecture.mdx
@@ -2,31 +2,30 @@
 title: </> Github Architecture
 ---

-import { File, Folder, Files } from "fumadocs-ui/components/files";
+import { File, Files, Folder } from "fumadocs-ui/components/files";

 ## Project Structure

 <Files>
  <Folder name="apps" defaultOpen>
-    <Folder name="docs" >
+    <Folder name="docs">
      <File name="all documentation files" />
    </Folder>
-    <Folder name="server" >
+    <Folder name="server">
      <File name="all backend files" />
    </Folder>
-    <Folder name="web" >
+    <Folder name="web">
      <File name="all frontend files" />
    </Folder>
  </Folder>
  <File name="other project files" />
 </Files>

-
 ## Core Components

 ### 🖥️ Frontend Application (apps/web)

- **Technology Stack:**
+**Technology Stack:**

 - Next.js 15 (App Router)
 - React 18
@@ -52,7 +51,7 @@ The frontend is organized with:

 ### ⚙️ Backend Service (apps/server)

- **Technology Stack:**
+**Technology Stack:**

 - Fastify
 - PostgreSQL
@@ -76,7 +75,7 @@ Key features include:

 ### 📚 Documentation (apps/docs)

- **Technology Stack:**
+**Technology Stack:**

 - Fumadocs
 - MDX (Markdown + JSX)
--- a/apps/docs/content/docs/2.0.0-beta/installation.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/installation.mdx
@@ -2,13 +2,12 @@
 title: 🐳 Installation (Docker Compose)
 ---

-
 Installation via Docker Compose is the simplest way to run the project across different environments. For it to run correctly, we need two main tools installed in our environment:

 - Docker ([https://docs.docker.com](https://docs.docker.com/))
 - Docker Compose ([https://docs.docker.com/compose](https://docs.docker.com/compose/))

-> *It's worth emphasizing that Palmr. was fully developed in a MacOS environment and extensively tested on Linux servers. Therefore, we can guarantee the best system performance in these environments. Windows and other environments have not been tested yet, and potential bugs may occur during execution. However, remember that we are still in a beta version of Palmr., and errors or bugs can occur in any operating system. If you identify any issues, we appreciate your help in notifying us through our GitHub [issues page](https://github.com/kyantech/Palmr/issues).*
+> _It's worth emphasizing that Palmr. was fully developed in a MacOS environment and extensively tested on Linux servers. Therefore, we can guarantee the best system performance in these environments. Windows and other environments have not been tested yet, and potential bugs may occur during execution. However, remember that we are still in a beta version of Palmr., and errors or bugs can occur in any operating system. If you identify any issues, we appreciate your help in notifying us through our GitHub [issues page](https://github.com/kyantech/Palmr/issues)._

 ---

@@ -25,6 +24,7 @@ Next, let's look at the content of our `docker-compose.yaml`.
 ---

 ## 🐳 Docker Compose Content
+
 Below is the complete content of our `docker-compose.yaml` that can be copied directly from here or from our official repository ([Docker Compose](https://github.com/kyantech/Palmr/blob/main/docker-compose.yaml)).

 ```yaml
@@ -57,11 +57,21 @@ services:
      - NEXT_TELEMETRY_DISABLED=1
      - API_BASE_URL=http://palmr:${API_INTERNAL_PORT:-3333} # Using Docker service name for internal communication
    ports:
-      - "${API_EXTERNAL_PORT:-3333}:3333"  # Server port
-      - "${APP_EXTERNAL_PORT:-5487}:5487"  # Web port
+      - "${API_EXTERNAL_PORT:-3333}:3333" # Server port
+      - "${APP_EXTERNAL_PORT:-5487}:5487" # Web port
    restart: unless-stopped
    healthcheck:
-      test: ["CMD", "wget", "--no-verbose", "http://palmr:${API_INTERNAL_PORT:-3333}/health", "&&", "wget", "--no-verbose", "http://palmr:${APP_INTERNAL_PORT:-5487}"]
+      test:
+        [
+          "CMD",
+          "wget",
+          "--no-verbose",
+          "http://palmr:${API_INTERNAL_PORT:-3333}/health",
+          "&&",
+          "wget",
+          "--no-verbose",
+          "http://palmr:${APP_INTERNAL_PORT:-5487}",
+        ]
      interval: 30s
      timeout: 10s
      retries: 3
@@ -127,7 +137,6 @@ services:
 volumes:
  minio_data:
  postgres_data:
-
 ```

 Notice that the `docker-compose.yaml` has several comments that help you configure your own compose to meet your environment's needs. Let's give an overview of some changes we can make.
@@ -138,12 +147,12 @@ Notice that the `docker-compose.yaml` has several comments that help you configu

 Palmr. consists of four main services, each with specific responsibilities. Below, we present a detailed view of each component:

-| **Service** | **Image** | **Exposed Ports** | **Main Features** |
-| --- | --- | --- | --- |
-| palmr | [kyantech/palmr:latest](https://hub.docker.com/repository/docker/kyantech/palmr/general) | **3333** (API)<br/>**5487** (Web) | • Combined backend API and frontend service<br/>• Depends on services: postgres and minio<br/>• Has healthcheck to ensure availability |
-| minio (Storage) | [minio/minio:RELEASE.2025-03-12T18-04-18Z](https://hub.docker.com/layers/minio/minio/RELEASE.2025-03-12T18-04-18Z/images/sha256-85f3e4cd1ca92a2711553ab79f222bcd8b75aa2c77a1a0b0ccf80d38e8ab2fe5) | **6421**(API)<br/>**6422**(Console) | • File storage service<br/>• Persistent volume for data |
-| minio-init (Config) | [minio/mc:RELEASE.2025-03-12T17-29-24Z](https://hub.docker.com/layers/minio/mc/RELEASE.2025-03-12T17-29-24Z/images/sha256-68d8c80f43908b02daa285e55547131870a1d36b3ffe272c26d7d8f4d52d1e5c) | N/A | • Initially configures the "files" bucket<br/>• Runs only once during initialization |
-| postgres (Database) | [bitnami/postgresql:17.2.0](https://hub.docker.com/layers/bitnami/postgresql/17.2.0/images/sha256-29c614afad4f514b12b5c0f4d006f38c98fa4b18c3582732ff93b3fe9a79d875) | **5432** | • PostgreSQL database<br/>• Persistent volume for data |
+| **Service**         | **Image**                                                                                                                                                                                         | **Exposed Ports**                   | **Main Features**                                                                                                                      |
+| ------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
+| palmr               | [kyantech/palmr:latest](https://hub.docker.com/repository/docker/kyantech/palmr/general)                                                                                                          | **3333** (API)<br/>**5487** (Web)   | • Combined backend API and frontend service<br/>• Depends on services: postgres and minio<br/>• Has healthcheck to ensure availability |
+| minio (Storage)     | [minio/minio:RELEASE.2025-03-12T18-04-18Z](https://hub.docker.com/layers/minio/minio/RELEASE.2025-03-12T18-04-18Z/images/sha256-85f3e4cd1ca92a2711553ab79f222bcd8b75aa2c77a1a0b0ccf80d38e8ab2fe5) | **6421**(API)<br/>**6422**(Console) | • File storage service<br/>• Persistent volume for data                                                                                |
+| minio-init (Config) | [minio/mc:RELEASE.2025-03-12T17-29-24Z](https://hub.docker.com/layers/minio/mc/RELEASE.2025-03-12T17-29-24Z/images/sha256-68d8c80f43908b02daa285e55547131870a1d36b3ffe272c26d7d8f4d52d1e5c)       | N/A                                 | • Initially configures the "files" bucket<br/>• Runs only once during initialization                                                   |
+| postgres (Database) | [bitnami/postgresql:17.2.0](https://hub.docker.com/layers/bitnami/postgresql/17.2.0/images/sha256-29c614afad4f514b12b5c0f4d006f38c98fa4b18c3582732ff93b3fe9a79d875)                               | **5432**                            | • PostgreSQL database<br/>• Persistent volume for data                                                                                 |

 ---

@@ -151,27 +160,25 @@ Palmr. consists of four main services, each with specific responsibilities. Belo

 The table below shows all environment variables that can be set

-| **Variable** | **Default Value** | **Description** |
-| --- | --- | --- |
-| API_INTERNAL_PORT | 3333 | Internal API port in container |
-| API_EXTERNAL_PORT | 3333 | Exposed port on host for API |
-| POSTGRES_PASSWORD | postgresRootPassword | PostgreSQL database password |
-| APP_EXTERNAL_PORT | 5487 | Exposed port on host for frontend |
-| APP_URL | http://localhost:5487 | Complete frontend URL |
-| SERVER_IP | localhost | IP of the server where the application is running |
-| MINIO_ROOT_USER | minio_root_user | MinIO admin user |
-| MINIO_ROOT_PASSWORD | minioRootPassword | MinIO admin password |
-| MINIO_INTERNAL_API_PORT | 6421 | Internal MinIO API port |
-| MINIO_INTERNAL_CONSOLE_PORT | 6422 | Internal MinIO console port |
-| MINIO_EXTERNAL_API_PORT | 6421 | Exposed port on host for MinIO API |
-| MINIO_EXTERNAL_CONSOLE_PORT | 6422 | Exposed port on host for MinIO console |
-| POSTGRESQL_USERNAME | postgres | PostgreSQL user |
-| POSTGRESQL_DATABASE | palmr_db | Database name |
-| MAX_FILESIZE | 1073741824 | Max Uploadsize per file. Unit in Bytes |
-
-> *All these variables can be configured through a .env file in the project root or defined directly in the environment where docker-compose will be executed. The best way to do this is up to you. But be careful to replace correctly if doing directly in the compose instead of providing an environment var.*
->
+| **Variable**                | **Default Value**     | **Description**                                   |
+| --------------------------- | --------------------- | ------------------------------------------------- |
+| API_INTERNAL_PORT           | 3333                  | Internal API port in container                    |
+| API_EXTERNAL_PORT           | 3333                  | Exposed port on host for API                      |
+| POSTGRES_PASSWORD           | postgresRootPassword  | PostgreSQL database password                      |
+| APP_EXTERNAL_PORT           | 5487                  | Exposed port on host for frontend                 |
+| APP_URL                     | http://localhost:5487 | Complete frontend URL                             |
+| SERVER_IP                   | localhost             | IP of the server where the application is running |
+| MINIO_ROOT_USER             | minio_root_user       | MinIO admin user                                  |
+| MINIO_ROOT_PASSWORD         | minioRootPassword     | MinIO admin password                              |
+| MINIO_INTERNAL_API_PORT     | 6421                  | Internal MinIO API port                           |
+| MINIO_INTERNAL_CONSOLE_PORT | 6422                  | Internal MinIO console port                       |
+| MINIO_EXTERNAL_API_PORT     | 6421                  | Exposed port on host for MinIO API                |
+| MINIO_EXTERNAL_CONSOLE_PORT | 6422                  | Exposed port on host for MinIO console            |
+| POSTGRESQL_USERNAME         | postgres              | PostgreSQL user                                   |
+| POSTGRESQL_DATABASE         | palmr_db              | Database name                                     |
+| MAX_FILESIZE                | 1073741824            | Max Uploadsize per file. Unit in Bytes            |

+> _All these variables can be configured through a .env file in the project root or defined directly in the environment where docker-compose will be executed. The best way to do this is up to you. But be careful to replace correctly if doing directly in the compose instead of providing an environment var._

 #### 🗂️ Persistent Volumes

@@ -196,8 +203,7 @@ This will execute all necessary services and give you access to the following UR
 - **MinIO Console:** [http://localhost:6422](http://localhost:6422)
 - **Postgres Database:** [http://localhost:5432](http://localhost:5432/) (Connection only)

-> *If you have changed any port, simply access the URL with the port you configured.*
-> 
+> _If you have changed any port, simply access the URL with the port you configured._

 ---

@@ -217,6 +223,7 @@ To generate a .env file with just the `server_ip` configuration, you can run thi
 ```bash
 curl -fsSL https://gist.githubusercontent.com/danielalves96/5a68913d70e5e31b68b7331dc17dfa9c/raw | bash
 ```
+
 > execute this command in your server terminal, at same path of docker-compose.yaml.

 Basically, by paying attention to these points, you can quickly execute the project with the same command we used for localhost:
@@ -229,8 +236,7 @@ docker compose pull && docker compose up -d

 At this stage, if you encounter any errors, it's worth reviewing your `docker-compose.yaml` and trying again, paying close attention to the points mentioned above.

-> *First test without using reverse proxies like Caddy, Traefik, etc... if you plan to use them. Access the services via `server_ip:port` after confirming they work, then make the necessary routing configurations as desired.*
-> 
+> _First test without using reverse proxies like Caddy, Traefik, etc... if you plan to use them. Access the services via `server_ip:port` after confirming they work, then make the necessary routing configurations as desired._

 If you haven't changed the execution ports, you'll have access on your server at:

@@ -240,8 +246,7 @@ If you haven't changed the execution ports, you'll have access on your server at
 - **MinIO Console:** `[server_ip]:6422`
 - **Postgres Database:** `[server_ip]:5432` (Connection only)

-> *If you've changed any port, simply access the URL with the port you configured.*
-> 
+> _If you've changed any port, simply access the URL with the port you configured._

 It's worth noting that this is just a quick start and we're not going into details about any of the developed services, but it's recommended for execution in any environment. However, if your focus is on using Palmr. with high availability in mind, it's recommended to use a container orchestrator prepared for this, such as Kubernetes or similar, but we don't cover this type of configuration in our documentation.

--- a/apps/docs/content/docs/2.0.0-beta/manual-installation.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/manual-installation.mdx
@@ -31,7 +31,6 @@ Before proceeding with the installation, it's essential to ensure that your deve

 ⚠️ <strong>A critical note regarding package management:</strong> This repository has been specifically developed and thoroughly tested using the pnpm package manager. While technically possible to use alternative package managers such as `npm`, `yarn`, or `bun`, we strongly advise against this approach.

-
 ---

 ## Running the Application
--- a/apps/docs/content/docs/2.0.0-beta/meta.json
+++ b/apps/docs/content/docs/2.0.0-beta/meta.json
@@ -1,7 +1,5 @@
 {
-  "title": "v2.0.0-beta",
  "description": "(Deprecated)",
-  "root": true,
  "icon": "Trash2",
  "pages": [
    "---Introduction---",
@@ -25,5 +23,7 @@
    "gh-star",
    "gh-sponsor",
    "..."
-  ]
+  ],
+  "root": true,
+  "title": "v2.0.0-beta"
 }
--- a/apps/docs/content/docs/2.0.0-beta/open-an-issue.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/open-an-issue.mdx
@@ -53,6 +53,7 @@ To access the issues section:
 4. You'll see a list of all existing issues, both open and closed

 The issues tab shows important information like:
+
 - Number of open issues
 - Issue labels and categories
 - Issue status (open/closed)
@@ -74,6 +75,7 @@ To start creating a new issue:
 5. Make sure you have all necessary information ready before starting

 Pro Tips:
+
 - Before creating a new issue, search existing issues to avoid duplicates
 - Review any contribution guidelines or issue templates
 - Consider adding relevant labels when creating your issue
@@ -107,6 +109,7 @@ Once you've filled out the form, click the **Create** button at the bottom of th
 ### 💡 Tips for Issues

 To ensure your issue is addressed quickly and effectively, follow these tips:
+
 - **Be Clear and Specific**: Provide as much detail as possible.
 - **Use a Descriptive Title**: A good title helps maintainers understand the issue at a glance.
 - **Include Steps to Reproduce**: If it’s a bug, explain how to reproduce it.
@@ -117,6 +120,7 @@ To ensure your issue is addressed quickly and effectively, follow these tips:
 ### ⭐ Why Issues Matter

 Opening issues is a key part of contributing to open-source projects. Here’s why it matters:
+
 1. **Improves the Project**: Your feedback helps identify bugs and suggest new features.
 2. **Helps Maintainers**: Clear and detailed issues make it easier for maintainers to address problems.
 3. **Encourages Collaboration**: Issues can spark discussions and attract contributors to help solve problems.
--- a/apps/docs/content/docs/2.0.0-beta/uploading-files.mdx
+++ b/apps/docs/content/docs/2.0.0-beta/uploading-files.mdx
@@ -20,7 +20,6 @@ To begin the upload process, locate and click the "Upload File" button. This act

 ![Upload File Button](/assets/v1/main/upload/upload-file-button.png)

-
 **Example with an image:**

 ![Preview Example](/assets/v1/main/upload/preview-example.png)
--- a/apps/docs/content/docs/3.0-beta/configuring-smtp.mdx
+++ b/apps/docs/content/docs/3.0-beta/configuring-smtp.mdx
@@ -1,148 +0,0 @@
---
-title: Configuring SMTP
-icon: Mail
---
-
-For Palmr to function with all its best features, you need to configure an email server. To make this process easier, there's a built-in configuration panel inside **Settings** in Palmr. However, only users with an **ADMIN** profile can access and configure these settings.
-
-This guide walks you through the complete process of setting up SMTP for your Palmr installation, ensuring that email-dependent features work seamlessly.
-
-## Why configure SMTP?
-
-Configuring SMTP is essential for enabling key email functionalities that enhance the user experience and ensure proper system operation.
-
-The main functionalities that depend on SMTP configuration are:
-
- **Password Reset** – Users who forget their password and cannot access the **Settings** panel need this feature to regain access to their accounts.
- **Email Notifications** – Recipients will receive email notifications when new shares are sent to them, keeping them informed about shared content.
-
-Without proper SMTP configuration, these features will not work, potentially leaving users unable to recover their accounts or stay informed about shared files.
-
-Now, let's go through the step-by-step process to configure the **SMTP Server**.
-
---
-
-## Accessing SMTP settings
-
-To configure SMTP settings, you'll need administrative access to the Palmr settings panel.
-
-### Prerequisites
-
-Before beginning the configuration process:
-
- Ensure you have **ADMIN** user privileges in Palmr
- Have your SMTP server credentials ready
- For Gmail users, prepare to generate an App Password
-
-### Navigating to settings
-
-To access **Settings**, an **ADMIN** user must click on the profile picture in the **header** and select **Settings** from the dropdown menu.
-
-![Dropdown Menu](/assets/v3/smtp/dropdown-menu.png)
-
-Once inside the **Settings** panel, click on the **Email** card to expand the SMTP configuration options.
-
-![Closed Settings Card](/assets/v3/smtp/closed-card.png)
-
-After expanding the card, the following SMTP configuration fields will appear:
-
-![Opened Settings Card](/assets/v3/smtp/opened-card.png)
-
---
-
-## Configuring SMTP server
-
-The SMTP configuration process involves enabling the service and configuring the necessary connection details.
-
-### Enabling SMTP
-
-The first step is to **enable SMTP** by selecting "Yes" in the **SMTP Enabled** field.
-
-![SMTP Enabled](/assets/v3/smtp/smtp-enabled.png)
-
-### Configuration fields
-
-Once SMTP is enabled, you can configure the other necessary fields:
-
-**Sender Name** – This will appear as the sender's name in all outgoing emails. Use a recognizable name like "Palmr" or your organization name.
-
-**Sender Email** – The email address from which notifications will be sent. Use a professional address like "noreply@palmr.app" or "notifications@yourdomain.com".
-
-**SMTP Server** – The SMTP server address provided by your email service. For Gmail, use `smtp.gmail.com` (this is the recommended option and set as default).
-
-**SMTP Port** – The server port used for connections. For Gmail, the standard port is **587** (TLS encryption).
-
-**SMTP Username** – The username for authenticating with your SMTP server. For Gmail, enter your complete email address.
-
-**SMTP Password** – The password for SMTP authentication. For Gmail, you must use an **App Password** (not your regular email password).
-
-### Important security note
-
-**Important:** If using **Gmail**, you need to generate an **App Password** instead of using your standard email password. This provides better security and is required for applications like Palmr.
-
-For other email services, consult the official documentation of the service provider you are using. We recommend using Gmail for its simplicity, reliability, and reasonable email sending limits.
-
---
-
-## Generating a Gmail App Password
-
-Gmail requires App Passwords for third-party applications to ensure account security while maintaining functionality.
-
-### Step-by-step process
-
-To generate an App Password for Gmail:
-
-1. **Access Your Account**: Go to [Google My Account](https://myaccount.google.com/)
-2. **Navigate to Security**: Select the **Security** section from the menu
-3. **Find App Passwords**: Scroll down to locate **App Passwords** (you may need to enable 2-factor authentication first)
-4. **Generate Password**: Create a new password specifically for Palmr
-5. **Save Securely**: Copy and store the generated password safely
-
-### Additional resources
-
-For a complete guide with screenshots and detailed instructions, refer to: **[How to set up SMTP credentials with Gmail](https://medium.com/rails-to-rescue/how-to-set-up-smtp-credentials-with-gmail-for-your-app-send-email-cf236d11087d)**.
-
-### Gmail configuration summary
-
-When using Gmail, your final settings should be:
-
- **SMTP Server**: `smtp.gmail.com`
- **SMTP Port**: `587`
- **SMTP Username**: Your Gmail address
- **SMTP Password**: Generated App Password (16 characters)
-
---
-
-## Testing your configuration
-
-After completing the configuration, it's important to verify that everything works correctly.
-
-### Validation steps
-
-1. **Save Settings**: Apply your SMTP configuration in the Palmr interface
-2. **Test Password Reset**: Try the password reset feature with a test account to ensure emails are sent
-3. **Test Notifications**: Create a test share to verify that notification emails are delivered
-4. **Check Email Delivery**: Confirm that emails arrive in the recipient's inbox (not spam folder)
-
-### Troubleshooting common issues
-
-If emails are not being sent:
-
- Verify that all fields are filled correctly
- For Gmail, ensure you're using the App Password, not your regular password
- Check that your email provider allows SMTP connections
- Confirm that port 587 is not blocked by your firewall
-
---
-
-## Finalizing SMTP configuration
-
-After entering the correct information and testing the functionality, save the settings.
-
-Your Palmr installation is now ready to:
-
- Send password reset emails to users who need account recovery
- Deliver share notifications to recipients automatically
- Provide a complete user experience with reliable email communication
-
-With SMTP properly configured, users can take full advantage of Palmr's email-dependent features, ensuring a smooth and professional experience when sharing files and managing their accounts.
--- a/apps/docs/content/docs/3.0-beta/oidc-authentication.mdx
+++ b/apps/docs/content/docs/3.0-beta/oidc-authentication.mdx
@@ -1,299 +0,0 @@
---
-title: OIDC Authentication
-icon: Key
---
-
-Palmr supports OpenID Connect (OIDC) authentication, allowing users to sign in using external identity providers such as Google, Microsoft Azure AD, Keycloak, Auth0, and other OIDC-compliant services. This feature provides seamless single sign-on (SSO) capabilities and centralized user management.
-
-OIDC authentication in Palmr is built using the industry-standard OpenID Connect protocol with PKCE (Proof Key for Code Exchange) for enhanced security. The implementation supports automatic user provisioning, role mapping, and flexible configuration options.
-
-## Why use OIDC authentication?
-
-OIDC authentication provides several advantages for organizations and users:
-
-**Centralized Authentication**: Users can authenticate using their existing organizational credentials without creating separate accounts for Palmr.
-
-**Enhanced Security**: OIDC provides robust security features including token-based authentication, PKCE flow, and standardized protocols.
-
-**Single Sign-On**: Users can access Palmr seamlessly if they're already authenticated with their identity provider.
-
-**User Management**: Administrators can manage user access centrally through their existing identity provider.
-
-**Compliance**: OIDC helps meet organizational security and compliance requirements by leveraging existing identity infrastructure.
-
---
-
-## Prerequisites
-
-Before configuring OIDC authentication, ensure you have:
-
- **Administrative Access**: ADMIN privileges in Palmr to configure OIDC settings
- **Identity Provider**: An OIDC-compliant identity provider (Google, Azure AD, Keycloak, etc.)
- **Application Registration**: Your Palmr application registered with your identity provider
- **OIDC Credentials**: Client ID, Client Secret, and Issuer URL from your identity provider
-
-### Supported identity providers
-
-Palmr's OIDC implementation is compatible with any OpenID Connect 1.0 compliant provider, including:
-
- **Google Workspace / Google Cloud Identity**
- **Microsoft Azure Active Directory / Entra ID**
- **Keycloak**
- **Auth0**
- **Okta**
- **AWS Cognito**
- **Custom OIDC providers**
-
---
-
-## Configuring OIDC settings
-
-OIDC configuration is managed through Palmr's administrative settings panel, accessible only to users with ADMIN privileges.
-
-### Accessing OIDC configuration
-
-To configure OIDC authentication:
-
-1. **Access Settings**: Click on your profile picture in the header and select **Settings**
-2. **Navigate to Authentication**: Find the **Authentication** or **OIDC** configuration section
-3. **Enable OIDC**: Toggle the OIDC authentication option to enable it
-
-![OIDC Settings Panel](/assets/v3/oidc/provider-setup.png)
-
-### Required configuration fields
-
-Configure the following essential fields for OIDC authentication:
-
-**OIDC Enabled**: Enable or disable OIDC authentication for your Palmr instance.
-
-**Issuer URL**: The base URL of your OIDC identity provider. This is typically the discovery endpoint URL without the `/.well-known/openid-configuration` suffix.
-
- Example: `https://accounts.google.com`
- Example: `https://login.microsoftonline.com/{tenant-id}/v2.0`
-
-**Client ID**: The unique identifier for your Palmr application as registered with your identity provider.
-
-**Client Secret**: The secret key provided by your identity provider for your Palmr application. Store this securely and never share it.
-
-**Redirect URI**: The callback URL where users will be redirected after authentication. This is typically auto-detected but can be manually configured if needed.
-
- Format: `https://your-palmr-domain.com/api/auth/oidc/callback`
-
-**Scope**: The OpenID Connect scopes to request from the identity provider. Default is `openid profile email`.
-
-![OIDC Configuration Fields](/assets/v3/oidc/provider setup.png)
-
-### Advanced configuration options
-
-**Auto-Registration**: Configure whether new users can be automatically created when they authenticate via OIDC for the first time.
-
-**Admin Email Domains**: Specify email domains that should automatically receive admin privileges when registering via OIDC.
-
-**User Attribute Mapping**: Configure how user attributes from the OIDC provider map to Palmr user fields.
-
---
-
-## Setting up identity providers
-
-The setup process varies depending on your chosen identity provider. Here are examples for common providers:
-
-### Google Workspace / Google Cloud
-
-1. **Create Project**: Go to the [Google Cloud Console](https://console.cloud.google.com/) and create a new project
-2. **Enable APIs**: Enable the Google+ API and OpenID Connect API
-3. **Create Credentials**: Create OAuth 2.0 credentials for a web application
-4. **Configure Redirect URI**: Add your Palmr callback URL to authorized redirect URIs
-5. **Note Credentials**: Copy the Client ID and Client Secret for Palmr configuration
-
-**Configuration values:**
-
- **Issuer URL**: `https://accounts.google.com`
- **Scope**: `openid profile email`
-
-### Microsoft Azure AD / Entra ID
-
-1. **Register Application**: Go to Azure Portal > Azure Active Directory > App registrations
-2. **Create Registration**: Register a new application with web platform
-3. **Configure Authentication**: Add your Palmr callback URL to redirect URIs
-4. **Create Secret**: Generate a client secret in Certificates & secrets
-5. **Note Configuration**: Copy Application (client) ID and Directory (tenant) ID
-
-**Configuration values:**
-
- **Issuer URL**: `https://login.microsoftonline.com/{tenant-id}/v2.0`
- **Scope**: `openid profile email`
-
-### Keycloak
-
-1. **Create Client**: In your Keycloak realm, create a new OpenID Connect client
-2. **Configure Client**: Set access type to confidential and enable standard flow
-3. **Set Redirect URI**: Add your Palmr callback URL to valid redirect URIs
-4. **Generate Secret**: Note the client secret from the Credentials tab
-
-**Configuration values:**
-
- **Issuer URL**: `https://your-keycloak-domain.com/realms/{realm-name}`
- **Scope**: `openid profile email`
-
-![Identity Provider Setup](/assets/v3/oidc/provider-setup.png)
-
---
-
-## Testing OIDC configuration
-
-After configuring OIDC settings, it's important to test the authentication flow to ensure everything works correctly.
-
-### Validation steps
-
-1. **Save Configuration**: Apply your OIDC settings in the Palmr admin panel
-2. **Check Status**: Verify that OIDC is enabled and properly configured
-3. **Test Login Flow**: Attempt to log in using the OIDC provider
-4. **Verify User Creation**: Confirm that user accounts are created or updated correctly
-
-### Testing the authentication flow
-
-1. **Access Login Page**: Navigate to your Palmr login page
-2. **OIDC Login Option**: Look for the OIDC/SSO login button or option
-3. **Provider Redirect**: Click the OIDC login option to redirect to your identity provider
-4. **Authenticate**: Complete authentication with your identity provider
-5. **Return to Palmr**: Verify successful redirect back to Palmr with authentication
-
-![OIDC Login Flow](/assets/v3/oidc/login-flow.png)
-
-### Troubleshooting common issues
-
-**Configuration Errors**:
-
- Verify that all required fields are filled correctly
- Check that the Issuer URL is accessible and returns valid OIDC metadata
- Ensure Client ID and Client Secret match your identity provider configuration
-
-**Redirect URI Mismatches**:
-
- Confirm that the redirect URI in Palmr matches what's configured in your identity provider
- Check for protocol mismatches (HTTP vs HTTPS)
- Verify that the domain and path are exactly correct
-
-**Authentication Failures**:
-
- Check that the user exists in your identity provider
- Verify that required scopes are granted
- Ensure the user has necessary permissions in the identity provider
-
-**User Creation Issues**:
-
- Confirm that auto-registration is enabled if you want new users to be created automatically
- Check that email addresses are provided by the identity provider
- Verify admin domain configuration if users should receive admin privileges
-
---
-
-## User experience
-
-Once OIDC is properly configured, users will have a seamless authentication experience integrated into Palmr's login flow.
-
-### Login process
-
-1. **Access Palmr**: Users navigate to the Palmr login page
-2. **Choose OIDC**: Users select the OIDC/SSO login option
-3. **Provider Authentication**: Users are redirected to authenticate with their identity provider
-4. **Automatic Return**: After successful authentication, users are automatically redirected back to Palmr
-5. **Dashboard Access**: Users gain immediate access to their Palmr dashboard
-
-### User account management
-
-**Automatic Provisioning**: New users are automatically created when they first authenticate via OIDC (if auto-registration is enabled).
-
-**Profile Synchronization**: User profile information (name, email) is synchronized from the identity provider during each login.
-
-**Role Assignment**: User roles and permissions can be automatically assigned based on identity provider attributes or configured rules.
-
-### Account unification
-
-**Email-Based Matching**: If a user authenticates via OIDC using the same email address as an existing credential-based account, both authentication methods will be linked to the same user account.
-
-**Dual Authentication Options**: Users who have both credential-based and OIDC authentication set up can choose either method to log in:
-
- Traditional email/password authentication
- OIDC/SSO authentication through their identity provider
-
-**Seamless Experience**: Regardless of which authentication method is used, users will access the same account with all their files, shares, and settings preserved.
-
-**Account Consolidation**: This feature ensures that users don't accidentally create duplicate accounts and can transition smoothly between authentication methods as organizational requirements change.
-
-![User Dashboard After OIDC Login](/assets/v3/oidc/user-dashboard.png)
-
---
-
-## Security considerations
-
-OIDC authentication in Palmr implements several security best practices to ensure safe and secure authentication.
-
-### Security features
-
-**PKCE Flow**: Palmr uses Proof Key for Code Exchange (PKCE) to prevent authorization code interception attacks.
-
-**State Parameter**: Random state parameters are used to prevent CSRF attacks during the authentication flow.
-
-**Token Validation**: All tokens are properly validated according to OIDC specifications.
-
-**Secure Storage**: Sensitive configuration data is securely stored and never exposed to client-side code.
-
-### Best practices
-
-**Use HTTPS**: Always configure Palmr and your identity provider to use HTTPS in production environments.
-
-**Rotate Secrets**: Regularly rotate client secrets and update them in both your identity provider and Palmr configuration.
-
-**Monitor Access**: Regularly review user access and authentication logs to detect any suspicious activity.
-
-**Limit Scopes**: Only request the minimum necessary scopes from your identity provider.
-
-**Validate Domains**: Configure admin email domains carefully to prevent unauthorized privilege escalation.
-
---
-
-## API endpoints
-
-Palmr provides several API endpoints for OIDC authentication that can be used for integration or troubleshooting.
-
-### Available endpoints
-
-**GET /api/auth/oidc/config**: Retrieve OIDC configuration and status information.
-
-**GET /api/auth/oidc/authorize**: Initiate the OIDC authorization flow.
-
-**GET /api/auth/oidc/callback**: Handle the callback from the identity provider after authentication.
-
-## Finalizing OIDC configuration
-
-After completing the configuration and testing process, your Palmr installation will be ready to handle OIDC authentication seamlessly.
-
-### Configuration completion
-
-Once OIDC is properly configured:
-
-1. **Verify Settings**: Confirm all configuration fields are correct and saved
-2. **Test Authentication**: Perform end-to-end testing of the authentication flow
-3. **Document Configuration**: Keep a record of your OIDC settings for future reference
-4. **Inform Users**: Notify users about the new OIDC authentication option
-
-### Ongoing maintenance
-
-To maintain reliable OIDC authentication:
-
- **Monitor Authentication**: Regularly check that OIDC authentication is working correctly
- **Update Credentials**: Rotate client secrets periodically for security
- **Review User Access**: Audit user accounts and permissions regularly
- **Stay Updated**: Keep informed about changes to your identity provider's configuration
-
-### Next steps
-
-With OIDC properly configured, your Palmr installation now provides:
-
- Seamless single sign-on authentication for users
- Centralized user management through your identity provider
- Enhanced security through industry-standard protocols
- Improved user experience with reduced password management
-
-Users can now authenticate using their existing organizational credentials, providing a more streamlined and secure access experience to Palmr's file sharing capabilities.
--- a/apps/docs/content/docs/3.0-beta/uid-gid-configuration.mdx
+++ b/apps/docs/content/docs/3.0-beta/uid-gid-configuration.mdx
@@ -1,222 +0,0 @@
---
-title: UID/GID Configuration
-icon: "Users"
---
-
-Configure user and group permissions for seamless bind mount compatibility across different host systems, particularly NAS environments.
-
-## Overview
-
-Palmr. supports runtime UID/GID configuration to resolve permission conflicts when using bind mounts. This eliminates the need for manual permission management on your host system.
-
-**Default Configuration**: UID 1001, GID 1001
-
-## When to Configure
-
-UID/GID configuration is recommended when:
-
- Using bind mounts with different host user permissions
- Deploying on NAS systems (Synology, QNAP, etc.)
- Encountering "permission denied" errors
- Host system uses different default UID/GID values
-
-## Environment Variables
-
-Configure permissions using these optional environment variables:
-
-| Variable    | Description                      | Default | Example |
-| ----------- | -------------------------------- | ------- | ------- |
-| `PALMR_UID` | User ID for container processes  | `1001`  | `1000`  |
-| `PALMR_GID` | Group ID for container processes | `1001`  | `1000`  |
-
---
-
-## Finding Host UID/GID
-
-Determine your host system's user and group IDs:
-
-```bash
-# Check current user
-id
-
-# Output example
-uid=1000(user) gid=1000(group) groups=1000(group),27(sudo)
-```
-
-Use the `uid` and `gid` values for your configuration.
-
---
-
-## Configuration Examples
-
-### Standard Linux System
-
-```yaml
-services:
-  palmr:
-    image: kyantech/palmr:latest
-    container_name: palmr
-    environment:
-      - ENABLE_S3=false
-      - ENCRYPTION_KEY=your-secure-key-min-32-chars
-      - PALMR_UID=1000
-      - PALMR_GID=1000
-    ports:
-      - "5487:5487"
-    volumes:
-      - ./data:/app/server
-    restart: unless-stopped
-```
-
-### Synology NAS
-
-```yaml
-services:
-  palmr:
-    image: kyantech/palmr:latest
-    container_name: palmr
-    environment:
-      - ENABLE_S3=false
-      - ENCRYPTION_KEY=your-secure-key-min-32-chars
-      - PALMR_UID=1026
-      - PALMR_GID=100
-    ports:
-      - "5487:5487"
-    volumes:
-      - /volume1/docker/palmr:/app/server
-    restart: unless-stopped
-```
-
-### QNAP NAS
-
-```yaml
-services:
-  palmr:
-    image: kyantech/palmr:latest
-    container_name: palmr
-    environment:
-      - ENABLE_S3=false
-      - ENCRYPTION_KEY=your-secure-key-min-32-chars
-      - PALMR_UID=1000
-      - PALMR_GID=100
-    ports:
-      - "5487:5487"
-    volumes:
-      - /share/Container/palmr:/app/server
-    restart: unless-stopped
-```
-
---
-
-## Migration Guide
-
-### Existing Installations
-
-To add UID/GID configuration to running installations:
-
-1. **Stop the container**
-
-   ```bash
-   docker-compose down
-   ```
-
-2. **Backup your data**
-
-   ```bash
-   cp -r ./data ./data-backup
-   ```
-
-3. **Update configuration**
-   Add UID/GID variables to your `docker-compose.yaml`
-
-4. **Restart with new configuration**
-   ```bash
-   docker-compose up -d
-   ```
-
---
-
-## Verification
-
-### Check Configuration
-
-Verify UID/GID settings are applied correctly:
-
-```bash
-# View startup logs
-docker-compose logs palmr | head -20
-
-# Check file ownership
-docker exec palmr ls -la /app/server/
-
-# Verify process UID/GID
-docker exec palmr ps aux | grep node
-```
-
-### Troubleshooting
-
-**Permission issues persist:**
-
-```bash
-# Check environment variables
-docker exec palmr env | grep PALMR
-
-# Verify file ownership
-docker exec palmr stat /app/server/prisma/palmr.db
-
-# Review configuration logs
-docker-compose logs palmr | grep -E "🔧|🔐|🔽"
-```
-
-**NAS-specific debugging:**
-
-```bash
-# Synology - Check mount point ownership
-ls -la /volume1/docker/palmr/
-
-# QNAP - Check mount point ownership
-ls -la /share/Container/palmr/
-
-# Check NAS user configuration
-cat /etc/passwd | grep -v nobody
-```
-
---
-
-## Implementation Details
-
-The UID/GID configuration process:
-
-1. **Detection** - Environment variables are read during container startup
-2. **Ownership Update** - File permissions are adjusted to match target UID/GID
-3. **Privilege Drop** - Application runs with specified user permissions via `su-exec`
-4. **Logging** - Configuration changes are logged for verification
-
-This approach provides automatic permission management without user creation or system modification.
-
---
-
-## Build-Time Configuration
-
-For custom base images with different default values:
-
-```bash
-docker build \
-  --build-arg PALMR_UID=2000 \
-  --build-arg PALMR_GID=2000 \
-  -t palmr:custom .
-```
-
-Runtime environment variables override build-time defaults.
-
---
-
-## Benefits
-
- **Zero Configuration** - Works automatically when environment variables are set
- **Universal Compatibility** - Supports any valid UID/GID combination
- **NAS Optimized** - Tested with major NAS platforms
- **Backward Compatible** - Existing deployments continue without modification
- **Performance Optimized** - Lightweight implementation using `su-exec`
-
-For permission issues with bind mounts, add the appropriate `PALMR_UID` and `PALMR_GID` environment variables to resolve conflicts automatically.
--- a/apps/docs/content/docs/3.1-beta/api.mdx
+++ b/apps/docs/content/docs/3.1-beta/api.mdx
--- a/apps/docs/content/docs/3.1-beta/architecture.mdx
+++ b/apps/docs/content/docs/3.1-beta/architecture.mdx
@@ -9,10 +9,7 @@ import { ZoomableImage } from "@/components/ui/zoomable-image";

 Understanding the architecture of Palmr. is crucial for both deploying and scaling the application. The platform is designed with simplicity and flexibility in mind, offering a streamlined setup that can grow with your needs.

-<ZoomableImage
-  src="/assets/v3/architecture/architecture.png"
-  alt="Palmr. Architecture"
-/>
+<ZoomableImage src="/assets/v3/architecture/architecture.png" alt="Palmr. Architecture" />

 ## Technologies used

@@ -46,6 +43,16 @@ Palmr. uses **filesystem storage** as the default storage solution, keeping thin
 - Excellent performance for local file operations
 - Optional S3-compatible storage support for cloud deployments and scalability

+#### Performance Considerations with Encryption
+
+By default, filesystem storage uses encryption (AES-256-CBC) to protect files at rest, which adds CPU overhead during uploads (encryption) and downloads (decryption). This can make operations slower and consume more resources, particularly for large files or in resource-constrained environments like containers or low-end VMs.
+
+If performance is a priority and you don't need encryption (e.g., for non-sensitive data or testing), you can disable it by setting the environment variable `DISABLE_FILESYSTEM_ENCRYPTION=true` in your `.env` file or Docker configuration. Note that disabling encryption stores files in plaintext on disk, reducing security.
+
+For optimal performance with encryption enabled, ensure your hardware supports AES-NI acceleration (check with `cat /proc/cpuinfo | grep aes` on Linux).
+
+As an alternative, consider using S3-compatible object storage (e.g., AWS S3 or MinIO), which can offload file storage from the local filesystem and potentially reduce local CPU overhead for encryption/decryption. See [S3 Providers](/docs/3.1-beta/s3-providers) for setup instructions.
+
 ### Fastify + Zod + TypeScript

 The backend of Palmr. is powered by **Fastify**, **Zod**, and **TypeScript**, creating a robust and type-safe API layer. Fastify is a super-fast Node.js web framework optimized for performance and low overhead, designed to handle lots of concurrent requests with minimal resource usage. Zod provides runtime type validation and schema definition, ensuring all incoming data is properly validated before reaching business logic. TypeScript adds compile-time type safety throughout the entire backend codebase. This combination creates a highly reliable and maintainable backend that prevents bugs and security issues while maintaining excellent performance.
@@ -120,7 +127,7 @@ Palmr. is designed to be flexible in how you handle file storage:

 **Optional S3-compatible storage:**

- Enable S3 storage by setting `ENABLE_S3=true`, look at [S3 Providers](/docs/3.0-beta/s3-providers) for more information.
+- Enable S3 storage by setting `ENABLE_S3=true`, look at [S3 Providers](/docs/3.1-beta/s3-providers) for more information.
 - Compatible with AWS S3, MinIO, and other S3-compatible services
 - Ideal for cloud deployments and distributed setups
 - Provides additional scalability and redundancy options
--- a/apps/docs/content/docs/3.1-beta/available-languages.mdx
+++ b/apps/docs/content/docs/3.1-beta/available-languages.mdx
--- a/apps/docs/content/docs/3.1-beta/configuring-smtp.mdx
+++ b/apps/docs/content/docs/3.1-beta/configuring-smtp.mdx
@@ -0,0 +1,273 @@
+---
+title: Configuring SMTP
+icon: Mail
+---
+
+For Palmr to function with all its best features, you need to configure an email server. To make this process easier, there's a built-in configuration panel inside **Settings** in Palmr. However, only users with an **ADMIN** profile can access and configure these settings.
+
+This guide walks you through the complete process of setting up SMTP for your Palmr installation, ensuring that email-dependent features work seamlessly.
+
+## Why configure SMTP?
+
+Configuring SMTP is essential for enabling key email functionalities that enhance the user experience and ensure proper system operation.
+
+The main functionalities that depend on SMTP configuration are:
+
+- **Password Reset** – Users who forget their password and cannot access the **Settings** panel need this feature to regain access to their accounts.
+- **Email Notifications** – Recipients will receive email notifications when new shares are sent to them, keeping them informed about shared content.
+
+Without proper SMTP configuration, these features will not work, potentially leaving users unable to recover their accounts or stay informed about shared files.
+
+Now, let's go through the step-by-step process to configure the **SMTP Server**.
+
+---
+
+## Accessing SMTP settings
+
+To configure SMTP settings, you'll need administrative access to the Palmr settings panel.
+
+### Prerequisites
+
+Before beginning the configuration process:
+
+- Ensure you have **ADMIN** user privileges in Palmr
+- Have your SMTP server credentials ready
+- For Gmail users, prepare to generate an App Password
+
+### Navigating to settings
+
+To access **Settings**, an **ADMIN** user must click on the profile picture in the **header** and select **Settings** from the dropdown menu.
+
+Once inside the **Settings** panel, click on the **Email** card to expand the SMTP configuration options.
+
+![Closed Settings Card](/assets/v3/smtp/closed-card.png)
+
+After expanding the card, the following SMTP configuration fields will appear:
+
+![Opened Settings Card](/assets/v3/smtp/opened-card.png)
+
+---
+
+## Configuring SMTP server
+
+The SMTP configuration process involves enabling the service and configuring the necessary connection details.
+
+### Enabling SMTP
+
+The first step is to **enable SMTP** by selecting "Yes" in the **SMTP Enabled** field.
+
+![SMTP Enabled](/assets/v3/smtp/smtp-enabled.png)
+
+### Configuration fields
+
+Once SMTP is enabled, you can configure the following fields:
+
+#### Basic SMTP Configuration
+
+**SMTP Server** – The SMTP server address provided by your email service. For Gmail, use `smtp.gmail.com` (this is the recommended option and set as default).
+
+**SMTP Port** – The server port used for connections. For Gmail, the standard port is **587** (TLS encryption).
+
+**SMTP Username** – The username for authenticating with your SMTP server. For Gmail, enter your complete email address.
+
+**SMTP Password** – The password for SMTP authentication. For Gmail, you must use an **App Password** (not your regular email password).
+
+#### Email Sender Configuration
+
+**Sender Name** – This will appear as the sender's name in all outgoing emails. Use a recognizable name like "Palmr" or your organization name.
+
+**Sender Email** – The email address from which notifications will be sent. Use a professional address like "noreply@palmr.app" or "notifications@yourdomain.com".
+
+#### Advanced Configuration Options
+
+**Connection Security** – Choose the appropriate security method for your SMTP server:
+
+- **Auto (Recommended)** – Automatically selects the best security method based on the port
+- **SSL (Port 465)** – Uses SSL encryption for the entire connection
+- **STARTTLS (Port 587)** – Uses STARTTLS to upgrade a plain connection to TLS
+- **None (Insecure)** – Uses plain SMTP without encryption (only for development/testing)
+
+**No Authentication** – Enable this option for internal SMTP servers that don't require username/password authentication. When enabled, the username and password fields will be hidden.
+
+**Trust Self-Signed Certificates** – Enable this option to trust self-signed SSL/TLS certificates. This is particularly useful for development environments or internal SMTP servers with self-signed certificates.
+
+#### Field Behavior and Dependencies
+
+**Conditional Field Display**: The SMTP configuration uses intelligent field display:
+
+- **All SMTP fields** are hidden when SMTP is disabled
+- **Username and Password fields** are automatically hidden when "No Authentication" is enabled
+- **Test Connection button** only appears when SMTP is enabled
+
+**Field Validation**: The system provides real-time validation:
+
+- **Required fields** are checked before testing connections
+- **Authentication fields** are validated unless "No Authentication" is enabled
+- **Connection testing** validates all settings before saving
+
+#### Testing Configuration
+
+**Test SMTP Connection** – Use this button to test your SMTP configuration before saving. This will verify that all settings are correct and the connection works properly.
+
+**Test Button Features**:
+
+- **Real-time validation** of all required fields
+- **Informational tooltip** explaining the test process
+- **Loading state** with spinner during connection test
+- **Success/Error messages** with detailed feedback
+- **Uses form values** (not saved settings) for testing
+
+### Important security note
+
+**Important:** If using **Gmail**, you need to generate an **App Password** instead of using your standard email password. This provides better security and is required for applications like Palmr.
+
+For other email services, consult the official documentation of the service provider you are using. We recommend using Gmail for its simplicity, reliability, and reasonable email sending limits.
+
+---
+
+## Generating a Gmail App Password
+
+Gmail requires App Passwords for third-party applications to ensure account security while maintaining functionality.
+
+### Step-by-step process
+
+To generate an App Password for Gmail:
+
+1. **Access Your Account**: Go to [Google My Account](https://myaccount.google.com/)
+2. **Navigate to Security**: Select the **Security** section from the menu
+3. **Find App Passwords**: Scroll down to locate **App Passwords** (you may need to enable 2-factor authentication first)
+4. **Generate Password**: Create a new password specifically for Palmr
+5. **Save Securely**: Copy and store the generated password safely
+
+### Additional resources
+
+For a complete guide with screenshots and detailed instructions, refer to: **[How to set up SMTP credentials with Gmail](https://medium.com/rails-to-rescue/how-to-set-up-smtp-credentials-with-gmail-for-your-app-send-email-cf236d11087d)**.
+
+### Gmail configuration summary
+
+When using Gmail, your final settings should be:
+
+- **SMTP Server**: `smtp.gmail.com`
+- **SMTP Port**: `587`
+- **SMTP Username**: Your Gmail address
+- **SMTP Password**: Generated App Password (16 characters)
+- **Connection Security**: Auto (Recommended) or STARTTLS (Port 587)
+
+---
+
+## Other email provider configurations
+
+While Gmail is recommended for its simplicity, Palmr supports various email providers. Here are common configurations:
+
+### Outlook/Hotmail
+
+- **SMTP Server**: `smtp-mail.outlook.com`
+- **SMTP Port**: `587`
+- **Connection Security**: STARTTLS (Port 587)
+- **Authentication**: Username and password required
+
+### Yahoo Mail
+
+- **SMTP Server**: `smtp.mail.yahoo.com`
+- **SMTP Port**: `587` or `465`
+- **Connection Security**: STARTTLS (Port 587) or SSL (Port 465)
+- **Authentication**: App-specific password required
+
+### Custom SMTP Server
+
+- **SMTP Server**: Your server's hostname or IP address
+- **SMTP Port**: Usually `25`, `587`, or `465`
+- **Connection Security**: Choose based on your server's capabilities
+- **Authentication**: Configure according to your server's requirements
+- **Trust Self-Signed Certificates**: Enable if using self-signed certificates
+
+---
+
+## Testing your configuration
+
+After completing the configuration, it's important to verify that everything works correctly.
+
+### Using the Test Connection feature
+
+Palmr provides a built-in **Test SMTP Connection** button that allows you to verify your configuration before saving:
+
+1. **Fill in your SMTP settings** – Complete all required fields in the SMTP configuration
+2. **Click "Test Connection"** – This will attempt to connect to your SMTP server with the current settings
+3. **Review the results** – You'll see a success message if the connection works, or an error message with details if it fails
+4. **Save your settings** – Once the test is successful, save your configuration to make it permanent
+
+**Note:** The test connection uses the values currently entered in the form, not the saved settings. Make sure to save your configuration after a successful test.
+
+### Validation steps
+
+1. **Save Settings**: Apply your SMTP configuration in the Palmr interface
+2. **Test Password Reset**: Try the password reset feature with a test account to ensure emails are sent
+3. **Test Notifications**: Create a test share to verify that notification emails are delivered
+4. **Check Email Delivery**: Confirm that emails arrive in the recipient's inbox (not spam folder)
+
+### Troubleshooting common issues
+
+If emails are not being sent:
+
+- **Verify all fields are filled correctly** – Ensure all required fields have valid values
+- **For Gmail, ensure you're using the App Password** – Not your regular email password
+- **Check that your email provider allows SMTP connections** – Some providers require specific settings
+- **Confirm that port 587 is not blocked by your firewall** – Check both local and network firewall settings
+- **Verify the SMTP server address** – Double-check the hostname for typos
+- **Test with different security settings** – Try different Connection Security options if one fails
+
+### Troubleshooting self-signed certificate issues
+
+If you're using an SMTP server with self-signed certificates and encountering connection errors:
+
+1. **Enable Trust Self-Signed Certificates** – In the SMTP settings, enable the "Trust Self-Signed Certificates" option
+2. **Use Appropriate Security Method** – Choose the correct security method for your server:
+   - For servers requiring TLS: Use "STARTTLS (Port 587)" or "SSL (Port 465)"
+   - For development servers without encryption: Use "None (Insecure)"
+3. **Verify Server Configuration** – Ensure your SMTP server is properly configured to accept connections on the specified port
+4. **Test Connection** – Use the "Test Connection" button to verify your configuration before saving
+
+**Note:** The "None (Insecure)" option should only be used in development environments or with trusted internal servers, as it transmits data without encryption.
+
+### Troubleshooting authentication issues
+
+If you're experiencing authentication problems:
+
+- **Check username and password** – Ensure they are correct and match your email provider's requirements
+- **For Gmail users** – Make sure you're using an App Password, not your regular password
+- **Enable "No Authentication" if applicable** – For internal servers that don't require authentication
+- **Verify account settings** – Some providers require enabling "Less secure app access" or similar settings
+
+### Common error messages and solutions
+
+The SMTP configuration system provides specific error messages to help you troubleshoot issues:
+
+**"SMTP is not enabled. Please enable SMTP first."**
+
+- **Solution**: Enable the "SMTP Enabled" toggle before testing
+
+**"Please fill in SMTP Host and Port before testing."**
+
+- **Solution**: Ensure both SMTP Server and SMTP Port fields are filled
+
+**"Please fill in SMTP Username and Password, or enable 'No Authentication' option."**
+
+- **Solution**: Either provide authentication credentials or enable "No Authentication"
+
+**"SMTP connection failed: [specific error]"**
+
+- **Solution**: Check the specific error message for details about the connection issue
+
+---
+
+## Finalizing SMTP configuration
+
+After entering the correct information and testing the functionality, save the settings.
+
+Your Palmr installation is now ready to:
+
+- Send password reset emails to users who need account recovery
+- Deliver share notifications to recipients automatically
+- Provide a complete user experience with reliable email communication
+
+With SMTP properly configured, users can take full advantage of Palmr's email-dependent features, ensuring a smooth and professional experience when sharing files and managing their accounts.
--- a/apps/docs/content/docs/3.1-beta/contribute.mdx
+++ b/apps/docs/content/docs/3.1-beta/contribute.mdx
--- a/apps/docs/content/docs/3.1-beta/gh-sponsor.mdx
+++ b/apps/docs/content/docs/3.1-beta/gh-sponsor.mdx
--- a/apps/docs/content/docs/3.1-beta/gh-star.mdx
+++ b/apps/docs/content/docs/3.1-beta/gh-star.mdx
--- a/apps/docs/content/docs/3.1-beta/github-architecture.mdx
+++ b/apps/docs/content/docs/3.1-beta/github-architecture.mdx
@@ -3,7 +3,7 @@ title: GitHub Architecture
 icon: Github
 ---

-import { File, Folder, Files } from "fumadocs-ui/components/files";
+import { File, Files, Folder } from "fumadocs-ui/components/files";

 This guide provides a comprehensive overview of Palmr.'s GitHub repository structure, explaining how the different components are organized in the codebase. Understanding this architecture will help you navigate the repository, contribute effectively, and understand how the project is structured.

--- a/apps/docs/content/docs/3.1-beta/index.mdx
+++ b/apps/docs/content/docs/3.1-beta/index.mdx
@@ -3,7 +3,7 @@ title: Welcome to Palmr.
 icon: TreePalm
 ---

-import { Ban, Star, Shield, Palette, Users, Zap } from "lucide-react";
+import { Ban, Palette, Shield, Star, Users, Zap } from "lucide-react";

 ![Palmr Banner](/assets/v2.1/general/banner.png)

--- a/apps/docs/content/docs/3.1-beta/manual-installation.mdx
+++ b/apps/docs/content/docs/3.1-beta/manual-installation.mdx
@@ -5,7 +5,7 @@ icon: Cog

 Hey there! Looking to run **Palmr.** your way, with complete control over every piece of the stack? This manual installation guide is for you. No Docker, no pre-built containers just the raw source code to tweak, customize, and deploy as you see fit.

-> **Prefer a quicker setup?** If this hands-on approach feels like overkill, check out our [**Quick Start (Docker)**](/docs/3.0-beta/quick-start) guide for a fast, containerized deployment. This manual path is tailored for developers who want to dive deep, modify the codebase, or integrate custom services.
+> **Prefer a quicker setup?** If this hands-on approach feels like overkill, check out our [**Quick Start (Docker)**](/docs/3.1-beta/quick-start) guide for a fast, containerized deployment. This manual path is tailored for developers who want to dive deep, modify the codebase, or integrate custom services.

 Here's what you'll do at a glance:

@@ -23,8 +23,7 @@ We've broken down each step below feel free to jump to the section you're workin

 Let's make sure your environment is ready to roll. Check that you've got these tools installed and set up on your system:

- <span style={{ color: "#16a34a" }}>Node.js</span> *(Powers our JavaScript/TypeScript
-  apps)*
+- <span style={{ color: "#16a34a" }}>Node.js</span> *(Powers our JavaScript/TypeScript apps)*
 - <span style={{ color: "#16a34a" }}>pnpm</span> *(Our go-to package manager)*
 - <span style={{ color: "#16a34a" }}>Git</span> *(For cloning and managing the repo)*

@@ -233,10 +232,10 @@ pnpm serve

 Palmr. is now up and running locally . Here are some suggested next steps:

- **Manage Users**: Dive into the [Users Management](/docs/3.0-beta/manage-users) guide.
+- **Manage Users**: Dive into the [Users Management](/docs/3.1-beta/manage-users) guide.
 - **Switch to Object Storage**: Update `.env` variables to use an S3-compatible bucket (see Quick Notes above).
 - **Secure Your Instance**: Put Palmr. behind a reverse proxy like **Nginx** or **Caddy** and enable HTTPS.
- **Learn the Internals**: Explore how everything connects in the [Architecture](/docs/3.0-beta/architecture) overview.
+- **Learn the Internals**: Explore how everything connects in the [Architecture](/docs/3.1-beta/architecture) overview.

 Jump into whichever area fits your needs our docs are designed for exploration in any order.

--- a/apps/docs/content/docs/3.1-beta/meta.json
+++ b/apps/docs/content/docs/3.1-beta/meta.json
@@ -1,7 +1,5 @@
 {
-  "title": "v3.0-beta",
  "description": "Latest version",
-  "root": true,
  "icon": "Sparkles",
  "pages": [
    "---Introduction---",
@@ -18,14 +16,18 @@
    "reverse-proxy-configuration",
    "password-reset-without-smtp",
    "oidc-authentication",
+    "troubleshooting",
    "---Developers---",
    "architecture",
    "github-architecture",
    "api",
+    "translation-management",
    "contribute",
    "open-an-issue",
    "---Sponsor this project---",
    "gh-star",
    "gh-sponsor"
-  ]
+  ],
+  "root": true,
+  "title": "v3.1-beta"
 }
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/auth0.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/auth0.mdx
@@ -0,0 +1,370 @@
+---
+title: Auth0
+icon: Lock
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Auth0 is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Auth0's identity platform. This integration allows users to sign in to Palmr using Auth0's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management.
+
+<ZoomableImage src="/assets/v3/oidc/auth0/sign-in-with-auth0.png" alt="Sign in with Auth0" />
+
+## Why use Auth0 authentication?
+
+Auth0 authentication provides several advantages for enterprise and security-focused organizations:
+
+- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
+- **Centralized identity management** - Single platform to manage users across multiple applications
+- **Flexible authentication options** - Support for social logins, enterprise SSO, and custom databases
+- **Compliance ready** - Built-in compliance with SOC 2, GDPR, HIPAA, and other standards
+- **Advanced customization** - Rules, hooks, and custom branding capabilities
+
+---
+
+## Prerequisites
+
+Before configuring Auth0 authentication, ensure you have:
+
+- **Auth0 account** - Ability to create applications and manage tenants
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Auth0 is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Auth0 Application
+
+### Creating an Auth0 application
+
+To get started with Auth0 authentication, you'll need to create an application in your Auth0 Dashboard.
+
+1. **Navigate to Auth0 Dashboard**: Go to [manage.auth0.com](https://manage.auth0.com)
+
+<ZoomableImage src="/assets/v3/oidc/auth0/auth0-dashboard.png" alt="Auth0 Dashboard" />
+
+2. **Create new application**: Click **"Applications"** in the left sidebar, then click **"+ Create Application"**
+
+<ZoomableImage src="/assets/v3/oidc/auth0/create-application.png" alt="Auth0 Create Application" />
+
+3. **Select application type**: Choose **"Single Page Application"** for web-based Palmr instances
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/application-type.png"
+  alt="Auth0 Application Type Selection"
+  legend="This is a fake application, you have to use your own."
+/>
+
+4. **Enter application details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+
+5. **Create application**: Click **"Create"** to generate your Auth0 application
+
+### Configuring application settings
+
+After creating your application, you'll need to configure the settings that Palmr will use. Navigate to the application page and click on the **"Settings"** tab.
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/application-settings.png"
+  alt="Auth0 Application Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+1. **Configure application URLs**:
+
+You'll need to configure several URLs in your Auth0 application settings. Here's what to add for each environment:
+
+### Application Login URIs
+
+| Environment | URL                                 |
+| ----------- | ----------------------------------- |
+| Production  | `https://yourdomain.com/login`      |
+| Development | Don't add anything here             |
+| Custom Port | `https://yourdomain.com:5487/login` |
+
+### Allowed Logout URLs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+### Allowed Web Origins
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+### Allowed Callback URLs
+
+| Environment | URL                                                             |
+| ----------- | --------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/auth0/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/auth0/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/auth0/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/config-urls.png"
+  alt="Auth0 Application URLs Configuration"
+  legend="This is a fake application, you have to use your own."
+/>
+
+2. **Save changes**: Click **"Save"** to apply your configuration
+
+### Getting OAuth credentials
+
+Now you'll get the credentials that Palmr will use to authenticate with Auth0.
+
+1. **Copy Domain**: Note your Auth0 domain (e.g., `your-tenant.auth0.com`) add `https://` at the beginning
+
+2. **Copy Client ID**: The Client ID is displayed in the **"Client ID"** field
+
+3. **Generate Client Secret**: Click **"Show"** next to Client Secret to reveal it
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/oauth-credentials.png"
+  alt="Auth0 OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Auth0."
+/>
+
+4. **Save credentials**: Copy the **Domain**, **Client ID**, and **Client Secret** for later use
+
+> **Important:** Replace `yourdomain.com` with your actual domain. You can add multiple callback URLs for different environments (development, staging, production).
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Auth0 authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Auth0 provider
+
+Auth0 comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Auth0 provider**: Find Auth0 in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/auth0/enabled-auth0.png" alt="Palmr Auth0 Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Auth0 domain (e.g., `https://your-tenant.auth0.com`) remember to add the `https://` at the beginning
+   - **Client ID**: Paste the Client ID from Auth0 application
+   - **Client Secret**: Paste the Client Secret from Auth0 application
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`.
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth0/edit-auth0.png"
+  alt="Edit Auth0 Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Auth0 login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Auth0 login button (default is `SiAuth0`).
+
+<ZoomableImage src="/assets/v3/oidc/auth0/auth0-icon.png" alt="Auth0 Icon" />
+
+> **Enterprise tip:** Auth0 authentication works great for enterprise organizations requiring advanced security features and centralized identity management.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Auth0 email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Auth0 account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Auth0's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-tenant.auth0.com
+Authorization Endpoint: /authorize
+Token Endpoint: /oauth/token
+UserInfo Endpoint: /userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Auth0 user information to local user accounts:
+
+- **User ID**: Maps from Auth0's `sub` field
+- **Email**: Maps from Auth0's `email` field
+- **Full Name**: Maps from Auth0's `name` field
+- **First Name**: Maps from Auth0's `given_name` field
+- **Last Name**: Maps from Auth0's `family_name` field
+- **Avatar**: Maps from Auth0's `picture` field
+- **Username**: Maps from Auth0's `nickname` field
+
+### Auth0-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Connection Support**: Works with database, social, and enterprise connections
+- **Rules and Hooks**: Can customize authentication flow with custom logic
+- **Multi-factor Authentication**: Supports Auth0's MFA features
+- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Auth0 authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Auth0" button appears
+
+2. **Test authentication flow**: Click the Auth0 sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Auth0"**: The browser redirects to Auth0's authorization page
+2. **User authenticates**: User completes authentication through Auth0 (login, MFA, etc.)
+3. **Auth0 redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Auth0 information
+5. **User accesses Palmr**: User is logged in with their Auth0 identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Auth0 application.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Auth0 application's callback URLs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Auth0 application requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Domain.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Auth0
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct domain format (e.g., `your-tenant.auth0.com`)
+4. Generate a new Client Secret if necessary
+
+### Domain configuration issues
+
+**Error message**: Domain not found or invalid
+
+**Cause**: Incorrect Auth0 domain or tenant configuration.
+
+**Solution**:
+
+1. Verify your Auth0 domain is correct (e.g., `your-tenant.auth0.com`)
+2. Check that your Auth0 tenant is active and not suspended
+3. Ensure you're using the correct region for your tenant
+4. Verify DNS resolution for your Auth0 domain
+
+### Custom claims not available
+
+**Cause**: Custom claims not properly configured in Auth0 rules or actions.
+
+**Solution**:
+
+1. Check Auth0 rules and actions for custom claim configuration
+2. Verify that custom claims are included in the ID token
+3. Ensure the claims are properly formatted and accessible
+4. Test with a user that has the expected custom claims
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Auth0 accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Auth0 application settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Auth0 authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.1-beta/oidc-authentication).
+
+## Useful resources
+
+- [Auth0 Documentation](https://auth0.com/docs)
+- [Auth0 OAuth 2.0 Guide](https://auth0.com/docs/protocols/oauth2)
+- [Auth0 OpenID Connect](https://auth0.com/docs/protocols/openid-connect)
+- [Auth0 Dashboard](https://manage.auth0.com)
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/authentik.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/authentik.mdx
@@ -0,0 +1,384 @@
+---
+title: Authentik
+icon: Key
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Authentik is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Authentik's identity platform. This integration allows users to sign in to Palmr using Authentik's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management with complete control over their authentication infrastructure.
+
+<ZoomableImage src="/assets/v3/oidc/authentik/sign-in-with-authentik.png" alt="Sign in with Authentik" />
+
+## Why use Authentik authentication?
+
+Authentik authentication provides several advantages for enterprise and security-focused organizations:
+
+- **Complete self-hosted control** - Full control over your authentication infrastructure and data
+- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
+- **Centralized identity management** - Single platform to manage users across multiple applications
+- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other enterprise standards
+- **Advanced customization** - Policies, flows, and custom branding capabilities
+
+---
+
+## Prerequisites
+
+Before configuring Authentik authentication, ensure you have:
+
+- **Authentik instance** - Self-hosted Authentik installation running and accessible
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Authentik is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Authentik OAuth2/OpenID Provider
+
+### Creating an Authentik OAuth2/OpenID Provider
+
+To get started with Authentik authentication, you'll need to create an OAuth2/OpenID Provider in your Authentik Admin Interface.
+
+1. **Navigate to Authentik Admin Interface**: Go to your Authentik instance URL (e.g., `https://your-authentik-domain.com`)
+
+<ZoomableImage src="/assets/v3/oidc/authentik/authentik-admin.png" alt="Authentik Admin Interface" />
+
+2. **Create new OAuth2/OpenID Provider**: Click **"Applications"** in the left sidebar, then click **"Providers"** and click **"+ Create"**
+
+<ZoomableImage src="/assets/v3/oidc/authentik/create-provider.png" alt="Authentik Create Provider" />
+
+3. **Select provider type**: Choose **"OAuth2/OpenID Provider"** for OIDC authentication and click on **"Next"** button.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/provider-type.png"
+  alt="Authentik Provider Type Selection"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Configuring provider settings
+
+1. **Enter provider details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+   - **Authorization Flow**: select **default-provider-authorization-explicit-consent (Authorize Application)**
+   - **Protocol Settings (Client type)**: select **Confidential**
+   - **Protocol Settings (Client ID)**: Copy the Client ID from Authentik field (You can edit it if you want) - `(Copy this value and save it for later use)`
+   - **Protocol Settings (Client Secret)**: Copy the Client Secret from Authentik field (You can edit it if you want) - `(Copy this value and save it for later use)`
+   - **Protocol Settings (Redirect URIs/Origins (RegEx))**: Select 'Strict' and add the redirect URI for your application (e.g. `https://your-palmr-domain.com/api/auth/providers/authentik/callback`) you can see below the field the example of the redirect URI.
+   - **Protocol Settings (Signing key)**: select **"authentik Self-signed Certificate"**
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/provider-settings-1.png"
+  alt="Authentik Provider Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/provider-settings-2.png"
+  alt="Authentik Provider Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+2. **Configure provider URLs**:
+
+You'll need to configure several URLs in your Authentik provider settings. Here's what to add for each environment:
+
+### Redirect URIs
+
+| Environment | URL                                                                 |
+| ----------- | ------------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/authentik/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/authentik/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/authentik/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+**Save changes**: Click **"Finish"** to apply your configuration.
+
+> **Note:** You can configure other settings for provider if you want, but the necessary settings are already configured in this step.
+
+After clicking on **"Finish"** you will see your provider listed in the provider list, but with an warning message like this: ' Warning: Provider not assigned to any application.'.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/warning-message.png"
+  alt="Authentik Provider Warning Message"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Creating application with created provider
+
+After creating your provider, you need to create an application with the created provider. To do this, you need to click on the **"Applications"** in the left sidebar, then click on **"+ Create"**.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/applications-page.png"
+  alt="Authentik Applications Page"
+  legend="This is a fake application, you have to use your own."
+/>
+
+1. **Configure application**:
+
+- **Name**: Enter a descriptive name like "Palmr File Sharing"
+- **Slug**: Enter a unique identifier (e.g., `palmr-file-sharing`)
+- **Provider**: Select the provider you just created from the list of providers.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/application-modal.png"
+  alt="Authentik Application Modal"
+  legend="This is a fake application, you have to use your own."
+/>
+
+The other fields are not important for now, you can leave them as they are. But if you want to change something, you can change them.
+
+2. **Save application**: Click on **"Create"** to save the application.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/application-modal.png"
+  alt="Authentik Application Modal"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Final Authentik step
+
+The last step in Authentik is grab your instance URL. You can find it clicking on the **"providers"** in the side menu on tab **"overview"**.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/provider-overview.png"
+  alt="Authentik Instance URL"
+  legend="This is a fake application, you have to use your own."
+/>
+
+You don't need copy the complete URL, just the domain name and protocol and port if you are using a custom port.
+For example: `https://your-authentik-domain.com`.
+
+> **Note:** In Authentik we finish the configuration. Let's go to Palmr to configure the provider. Remember you need `Client ID`, `Client Secret` and `Instance URL` to configure the provider in Palmr.
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Authentik authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Authentik provider
+
+Authentik comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Authentik provider**: Find Authentik in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/authentik/enabled-authentik.png" alt="Palmr Authentik Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Authentik instance URL (e.g., `https://your-authentik-domain.com`)
+   - **Client ID**: Paste the Client ID from Authentik provider
+   - **Client Secret**: Paste the Client Secret from Authentik provider
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need change this if you are not sure.
+
+<ZoomableImage
+  src="/assets/v3/oidc/authentik/edit-authentik.png"
+  alt="Edit Authentik Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Authentik login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Authentik login button (default is `FaShieldAlt`).
+
+<ZoomableImage src="/assets/v3/oidc/authentik/authentik-icon.png" alt="Authentik Icon" />
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Authentik email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Authentik account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Authentik's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-authentik-domain.com
+Authorization Endpoint: /application/o/authorize
+Token Endpoint: /application/o/token
+UserInfo Endpoint: /application/o/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Authentik user information to local user accounts:
+
+- **User ID**: Maps from Authentik's `sub` field
+- **Email**: Maps from Authentik's `email` field
+- **Full Name**: Maps from Authentik's `name` field
+- **First Name**: Maps from Authentik's `given_name` field
+- **Last Name**: Maps from Authentik's `family_name` field
+- **Avatar**: Maps from Authentik's `picture` field
+- **Username**: Maps from Authentik's `preferred_username` field
+
+### Authentik-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Policies Support**: Can customize authentication flow with custom policies
+- **Multi-factor Authentication**: Supports Authentik's MFA features
+- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
+- **Self-hosted Only**: Complete control over your authentication infrastructure
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Authentik authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Authentik" button appears
+
+2. **Test authentication flow**: Click the Authentik sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Authentik"**: The browser redirects to Authentik's authorization page
+2. **User authenticates**: User completes authentication through Authentik (login, MFA, etc.)
+3. **Authentik redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Authentik information
+5. **User accesses Palmr**: User is logged in with their Authentik identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Authentik provider.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Authentik provider's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the provider isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Authentik provider requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your provider is not restricted or disabled
+4. Verify the provider has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Instance URL.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Authentik
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct instance URL format
+4. Generate a new Client Secret if necessary
+
+### Instance URL configuration issues
+
+**Error message**: Instance not found or invalid
+
+**Cause**: Incorrect Authentik instance URL or instance configuration.
+
+**Solution**:
+
+1. Verify your Authentik instance URL is correct
+2. Check that your Authentik instance is active and accessible
+3. Ensure you're using the correct protocol (https://)
+4. Verify DNS resolution for your Authentik instance
+
+### Self-hosted connectivity issues
+
+**Cause**: Network connectivity problems with self-hosted Authentik instance.
+
+**Solution**:
+
+1. Check server firewall and network connectivity
+2. Verify DNS resolution from your server to the Authentik instance
+3. Ensure the Authentik instance is properly configured and running
+4. Check SSL certificate validity for the Authentik instance
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Authentik accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Authentik provider settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Authentik authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.1-beta/oidc-authentication).
+
+## Useful resources
+
+- [Authentik Documentation](https://goauthentik.io/docs)
+- [Authentik OAuth2/OpenID Provider](https://goauthentik.io/docs/providers/oauth2)
+- [Authentik Installation Guide](https://goauthentik.io/docs/installation)
+- [Authentik Admin Interface](https://goauthentik.io/docs/administration)
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/discord.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/discord.mdx
@@ -0,0 +1,342 @@
+---
+title: Discord
+icon: MessageSquare
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Discord is one of Palmr's officially supported OIDC providers, offering secure authentication through Discord OAuth 2.0. This integration allows users to sign in to Palmr using their existing Discord accounts, making it perfect for gaming communities, developer teams, and organizations already using Discord.
+
+<ZoomableImage src="/assets/v3/oidc/discord/sign-in-with-discord.png" alt="Sign in with Discord" />
+
+## Why use Discord authentication?
+
+Discord authentication provides several advantages for community-focused organizations and teams:
+
+- **Community integration** - Perfect for gaming communities and Discord-centric organizations
+- **Familiar experience** - Users already trust and use Discord daily
+- **Rich user profiles** - Access to Discord usernames, avatars, and global names
+- **Developer-friendly** - Great for technical teams and open-source projects
+- **No additional accounts** - Users can access Palmr without creating new credentials
+
+---
+
+## Prerequisites
+
+Before configuring Discord authentication, ensure you have:
+
+- **Discord Developer Portal access** - Ability to create applications on Discord
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Server ownership or permissions** - If integrating with a Discord server
+
+> **Note:** Discord is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Discord Developer Portal
+
+### Creating a Discord application
+
+To get started with Discord authentication, you'll need to create an application in Discord Developer Portal.
+
+1. **Navigate to Discord Developer Portal**: Go to [discord.com/developers/applications](https://discord.com/developers/applications)
+
+<ZoomableImage src="/assets/v3/oidc/discord/developer-portal-home.png" alt="Discord Developer Portal Home" />
+
+2. **Create new application**: Click **"New Application"** button
+3. **Enter application details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+   - **Accept Terms of Service and Developer Policy**: Check the box
+
+<ZoomableImage src="/assets/v3/oidc/discord/create-application-modal.png" alt="Discord Create Application Modal" />
+
+4. **Create application**: Click **"Create"** to generate your application
+
+### Configuring application settings
+
+After creating your application, you'll need to configure basic settings and branding.
+
+1. **Update application information**:
+   - **Description**: Add a clear description of your Palmr instance
+   - **Icon**: Upload your organization's logo or Palmr-related icon
+   - **Cover Image**: Optional banner image for better branding
+
+<ZoomableImage
+  src="/assets/v3/oidc/discord/application-settings.png"
+  alt="Discord Application Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+2. **Configure application details**:
+   - **Tags**: Add relevant tags (optional)
+   - **Privacy Policy URL**: Add your privacy policy URL if required
+   - **Terms of Service URL**: Add your terms of service URL if required
+
+### Setting up OAuth2 configuration
+
+Now you'll configure the OAuth2 settings that Palmr will use to authenticate users.
+
+1. **Navigate to OAuth2**: In the left sidebar, click **"OAuth2"**
+
+<ZoomableImage src="/assets/v3/oidc/discord/oauth2-general.png" alt="Discord OAuth2 General Settings" />
+
+2. **Configure OAuth2 settings**:
+   - **Client Secret**: Click **"Reset Secret"** to generate a new client secret
+   - **Copy credentials**: Save both **Client ID** and **Client Secret** for later use
+
+3. **Add redirect URIs**: In the **"Redirects"** section, add your Palmr callback URLs:
+
+You'll need to configure several URLs in your Discord application settings. Here's what to add for each environment:
+
+### Redirect URIs
+
+| Environment | URL                                                               |
+| ----------- | ----------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/discord/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/discord/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/discord/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+4. **Select required scopes**:
+   - **`identify`** - Access to user's basic account information (required)
+   - **`email`** - Access to user's email address (required for Palmr)
+
+5. **Save changes**: Click **"Save Changes"** to apply your configuration
+
+<ZoomableImage
+  src="/assets/v3/oidc/discord/required-scopes.png"
+  alt="Discord Required Scopes"
+  legend="This is a fake application, you have to use your own."
+/>
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Discord authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Discord provider
+
+Discord comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Discord provider**: Find Discord in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/discord/palmr-enabled-discord.png" alt="Palmr Discord Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Client ID**: Paste the Client ID from Discord Developer Portal
+   - **Client Secret**: Paste the Client Secret from Discord Developer Portal
+   - **Scopes**: Add the scopes you want to use. The default scopes are `identify` and `email`.
+
+<ZoomableImage
+  src="/assets/v3/oidc/discord/edit-discord.png"
+  alt="Edit Discord Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Admin Email Domains**: Specify domains that should automatically receive admin privileges. This is less common with Discord since users often use personal emails.
+
+**Sort Order**: Control where the Discord login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Discord login button (default is `FaDiscord`).
+
+<ZoomableImage src="/assets/v3/oidc/discord/discord-icon.png" alt="Discord Icon" />
+
+> **Community tip:** Discord authentication works great for gaming communities and development teams. Consider enabling auto-registration for trusted Discord communities.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Discord email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Discord account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Discord's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 (No OIDC Discovery)
+Issuer URL: https://discord.com
+Authorization Endpoint: /oauth2/authorize
+Token Endpoint: /api/oauth2/token
+UserInfo Endpoint: /api/users/@me
+Scopes: identify email
+```
+
+### Field mappings
+
+Palmr automatically maps Discord user information to local user accounts:
+
+- **User ID**: Maps from Discord's `id` field
+- **Email**: Maps from Discord's `email` field
+- **Display Name**: Maps from Discord's `global_name` or falls back to `username`
+- **Username**: Maps from Discord's `username` field
+- **Avatar**: Maps from Discord's `avatar` field (processed as Discord CDN URL)
+
+### Discord-specific features
+
+- **Global Names**: Supports Discord's new global name system while maintaining compatibility with legacy usernames
+- **Avatar Processing**: Automatically constructs Discord CDN URLs for user avatars
+- **No Discovery**: Uses manually configured endpoints for better reliability
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Discord authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Discord" button appears
+
+2. **Test authentication flow**: Click the Discord sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Discord"**: The browser redirects to Discord's authorization page
+2. **User authorizes application**: User grants permissions for `identify` and `email` scopes
+3. **Discord redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Discord information
+5. **User accesses Palmr**: User is logged in with their Discord identity
+
+---
+
+## Troubleshooting common issues
+
+### Invalid redirect URI error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Discord Developer Portal.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Discord application's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application doesn't have required scopes.
+
+**Solution**:
+
+1. Verify that your Discord application requests `identify` and `email` scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled in Discord Developer Portal
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID or Client Secret.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Discord Developer Portal
+2. Ensure there are no extra spaces or characters in the credentials
+3. Generate a new Client Secret if necessary
+4. Verify you're using the correct application in Discord Developer Portal
+
+### Missing email scope error
+
+**Error message**: Email not provided or scope missing
+
+**Cause**: Discord application not configured with email scope or user's email is not verified.
+
+**Solution**:
+
+1. Verify that your Discord application requests the `email` scope
+2. Check that users have verified their email addresses on Discord
+3. Ensure the scope configuration matches what Palmr expects
+4. Test with a Discord account that has a verified email
+
+### User information not displaying correctly
+
+**Cause**: Discord username/global name mapping issues.
+
+**Solution**:
+
+1. Check that the user has set a global name in Discord (new feature)
+2. Verify field mappings are working correctly in Palmr logs
+3. Test with different Discord accounts (some may have legacy usernames)
+4. Update user information manually through Palmr admin interface if needed
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `identify` and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Discord accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Discord redirect URIs
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Discord authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.1-beta/oidc-authentication).
+
+## Useful resources
+
+- [Discord Developer Documentation](https://discord.com/developers/docs)
+- [Discord OAuth2 Guide](https://discord.com/developers/docs/topics/oauth2)
+- [Discord Applications](https://discord.com/developers/applications)
+- [Discord API Reference](https://discord.com/developers/docs/reference)
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/frontegg.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/frontegg.mdx
@@ -0,0 +1,324 @@
+---
+title: Frontegg
+icon: Egg
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Frontegg is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Frontegg's identity platform. This integration allows users to sign in to Palmr using Frontegg's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management with modern developer experience.
+
+<ZoomableImage src="/assets/v3/oidc/frontegg/sign-in-with-frontegg.png" alt="Sign in with Frontegg" />
+
+## Why use Frontegg authentication?
+
+Frontegg authentication provides several advantages for enterprise and developer-focused organizations:
+
+- **Modern developer experience** - Clean APIs, comprehensive SDKs, and developer-friendly tools
+- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
+- **Centralized identity management** - Single platform to manage users across multiple applications
+- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other enterprise standards
+- **Advanced customization** - Themes, flows, and custom branding capabilities
+
+---
+
+## Prerequisites
+
+Before configuring Frontegg authentication, ensure you have:
+
+- **Frontegg account** - Ability to create applications and manage tenants
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Frontegg is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Frontegg Application
+
+### Creating a Frontegg application
+
+To get started with Frontegg authentication, you'll need to create an application in your Frontegg Admin Portal.
+
+1. **Navigate to Frontegg Admin Portal**: Go to [https://portal.frontegg.com/development/applications](https://portal.frontegg.com/development/applications) for example. (Development environment) for production environment you need to go to [https://portal.frontegg.com/production/applications](https://portal.frontegg.com/production/applications) - This can change depending on your environment.
+
+<ZoomableImage src="/assets/v3/oidc/frontegg/frontegg-admin.png" alt="Frontegg Admin Portal" />
+
+2. **Create new application**: Click **"Create new"**
+
+3. **Fill application details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+   - **Description**: Add a clear description of your Palmr instance
+   - **Type**: Choose **"Web"** for web-based Palmr instances
+   - **Frontend stack**: Choose **"React"** for web-based Palmr instances
+   - **App URL**: Add the URL of your Palmr instance, see table below for the example of the URL.
+
+   | Environment | URL                                                                |
+   | ----------- | ------------------------------------------------------------------ |
+   | Production  | `https://yourdomain.com/api/auth/providers/frontegg/callback`      |
+   | Development | `http://localhost:3000/api/auth/providers/frontegg/callback`       |
+   | Custom Port | `https://yourdomain.com:5487/api/auth/providers/frontegg/callback` |
+
+   > **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+
+<ZoomableImage
+  src="/assets/v3/oidc/frontegg/application-details.png"
+  alt="Frontegg Application Details"
+  legend="This is a fake application, you have to use your own."
+/>
+
+5. **Create application**: Click **"Create"** to generate your Frontegg application
+
+### Configuring application settings
+
+After creating your application, you'll need to get the settings that Palmr will use. You gonna be redirected to the application page, where you can see the application details.
+
+<ZoomableImage
+  src="/assets/v3/oidc/frontegg/application-page.png"
+  alt="Frontegg Application Page"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Getting OAuth credentials
+
+Now you'll get the credentials that Palmr will use to authenticate with Frontegg.
+
+1. **Copy Domain**: Note your Frontegg domain (e.g., `your-tenant.frontegg.com`) - You can find it in the application page at field **"Login URL"**. But copy just the domain, without the path.
+
+2. **Copy Client ID**: You can find it in the application page at field **"ID"** in the application page.
+
+3. **Copy Client Secret**: You can find it in the application page at field **"API key"** in the application page.
+
+In Frontegg we finished the configuration, but we need to configure Palmr to use it.
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Frontegg authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Frontegg provider
+
+Frontegg comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Frontegg provider**: Find Frontegg in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/frontegg/enabled-frontegg.png" alt="Palmr Frontegg Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Frontegg domain (e.g., `https://your-tenant.frontegg.com`) - It's the same **"Login URL"** you copied in the previous step.
+   - **Client ID**: Paste the Client ID from Frontegg application - It's the same **"ID"** you copied in the previous step.
+   - **Client Secret**: Paste the Client Secret from Frontegg application - It's the same **"API key"** you copied in the previous step.
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need to change this, but you can if you want.
+
+<ZoomableImage
+  src="/assets/v3/oidc/frontegg/edit-frontegg.png"
+  alt="Edit Frontegg Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Frontegg login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Frontegg login button (default is `TbEggs`).
+
+<ZoomableImage src="/assets/v3/oidc/frontegg/frontegg-icon.png" alt="Frontegg Icon" />
+
+> **Developer tip:** Frontegg authentication works great for organizations requiring modern developer experience and enterprise-grade security features.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Frontegg email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Frontegg account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Frontegg's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-tenant.frontegg.com
+Authorization Endpoint: /oauth/authorize
+Token Endpoint: /oauth/token
+UserInfo Endpoint: /oauth/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Frontegg user information to local user accounts:
+
+- **User ID**: Maps from Frontegg's `sub` field
+- **Email**: Maps from Frontegg's `email` field
+- **Full Name**: Maps from Frontegg's `name` field
+- **First Name**: Maps from Frontegg's `given_name` field
+- **Last Name**: Maps from Frontegg's `family_name` field
+- **Avatar**: Maps from Frontegg's `picture` field
+- **Username**: Maps from Frontegg's `preferred_username` field
+
+### Frontegg-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Themes Support**: Can customize authentication UI with custom themes
+- **Multi-factor Authentication**: Supports Frontegg's MFA features
+- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
+- **Modern APIs**: Clean REST APIs and comprehensive SDKs
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Frontegg authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Frontegg" button appears
+
+2. **Test authentication flow**: Click the Frontegg sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Frontegg"**: The browser redirects to Frontegg's authorization page
+2. **User authenticates**: User completes authentication through Frontegg (login, MFA, etc.)
+3. **Frontegg redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Frontegg information
+5. **User accesses Palmr**: User is logged in with their Frontegg identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Frontegg application.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Frontegg application's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Frontegg application requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Domain.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Frontegg
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct domain format (e.g., `your-tenant.frontegg.com`)
+4. Generate a new Client Secret if necessary
+
+### Domain configuration issues
+
+**Error message**: Domain not found or invalid
+
+**Cause**: Incorrect Frontegg domain or tenant configuration.
+
+**Solution**:
+
+1. Verify your Frontegg domain is correct (e.g., `your-tenant.frontegg.com`)
+2. Check that your Frontegg tenant is active and not suspended
+3. Ensure you're using the correct region for your tenant
+4. Verify DNS resolution for your Frontegg domain
+
+### Custom claims not available
+
+**Cause**: Custom claims not properly configured in Frontegg.
+
+**Solution**:
+
+1. Check Frontegg custom claims configuration
+2. Verify that custom claims are included in the ID token
+3. Ensure the claims are properly formatted and accessible
+4. Test with a user that has the expected custom claims
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Frontegg accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Frontegg application settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Frontegg authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.1-beta/oidc-authentication).
+
+## Useful resources
+
+- [Frontegg Documentation](https://docs.frontegg.com)
+- [Frontegg OAuth 2.0 Guide](https://docs.frontegg.com/oauth2)
+- [Frontegg OpenID Connect](https://docs.frontegg.com/openid-connect)
+- [Frontegg Admin Portal](https://admin.frontegg.com)
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/github.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/github.mdx
@@ -0,0 +1,305 @@
+---
+title: GitHub
+icon: Github
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+GitHub is one of Palmr's officially supported OIDC providers, offering secure authentication through GitHub OAuth 2.0. This integration allows users to sign in to Palmr using their existing GitHub accounts, making it perfect for developer teams, open-source projects, and organizations already using GitHub for version control and collaboration.
+
+<ZoomableImage src="/assets/v3/oidc/github/sign-in-with-github.png" alt="Sign in with GitHub" />
+
+## Why use GitHub authentication?
+
+GitHub authentication provides several advantages for developer-focused organizations and teams:
+
+- **Developer-friendly** - Perfect for teams already using GitHub for development
+- **Open-source integration** - Ideal for open-source projects and communities
+- **Rich developer profiles** - Access to GitHub usernames, avatars, and organization memberships
+- **Repository access** - Can leverage GitHub's permission system for additional features
+- **No additional accounts** - Developers can access Palmr with their existing GitHub credentials
+
+---
+
+## Prerequisites
+
+Before configuring GitHub authentication, ensure you have:
+
+- **GitHub account** - Ability to create OAuth Apps on GitHub
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+
+> **Note:** GitHub is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up GitHub OAuth App
+
+### Creating a GitHub OAuth App
+
+To get started with GitHub authentication, you'll need to create an OAuth App in your GitHub Developer Settings.
+
+1. **Navigate to GitHub Developer Settings**: Go to [github.com/settings/developers](https://github.com/settings/developers)
+
+2. **Create new OAuth App**: Click **"New OAuth App"** button
+
+<ZoomableImage src="/assets/v3/oidc/github/developer-settings.png" alt="GitHub Developer Settings" />
+
+3. **Enter application details**:
+   - **Application name**: Enter a descriptive name like "Palmr File Sharing"
+   - **Homepage URL**: Enter your Palmr instance URL (e.g., `https://yourdomain.com`)
+   - **Application description**: Add a clear description of your Palmr instance
+   - **Authorization callback URL**: Enter your callback URL (see below)
+
+<ZoomableImage
+  src="/assets/v3/oidc/github/oauth-app-details.png"
+  alt="GitHub OAuth App Details"
+  legend="This is a fake application, you have to use your own."
+/>
+
+**Set up callback URLs**: In the **"Authorization callback URL"** field, add your Palmr callback URL:
+
+You'll need to configure several URLs in your GitHub OAuth App settings. Here's what to add for each environment:
+
+### Authorization Callback URLs
+
+| Environment | URL                                                              |
+| ----------- | ---------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/github/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/github/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/github/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple callback URLs for different environments (development, staging, production).
+
+4. **Create application**: Click **"Register application"** to generate your OAuth App
+
+### Getting OAuth credentials
+
+Now you'll get the credentials that Palmr will use to authenticate with GitHub.
+
+1. **Copy Client ID**: The Client ID is displayed on your OAuth App page
+
+2. **Generate Client Secret**: Click **"Generate a new client secret"** to create a new secret
+
+<ZoomableImage
+  src="/assets/v3/oidc/github/oauth-credentials.png"
+  alt="GitHub OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from GitHub."
+/>
+
+3. **Save credentials**: Copy both the **Client ID** and **Client Secret** for later use
+
+> **Important:** Replace `yourdomain.com` with your actual domain. You can add multiple callback URLs for different environments (development, staging, production) by creating separate OAuth Apps.
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure GitHub authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling GitHub provider
+
+GitHub comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate GitHub provider**: Find GitHub in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/github/enabled-github.png" alt="Palmr GitHub Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Client ID**: Paste the Client ID from GitHub OAuth App
+   - **Client Secret**: Paste the Client Secret from GitHub OAuth App
+   - **Scopes**: Add the scopes you want to use. The default scopes are `user:email`.
+
+<ZoomableImage
+  src="/assets/v3/oidc/github/edit-github.png"
+  alt="Edit GitHub Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Admin Email Domains**: Specify domains that should automatically receive admin privileges. For example, entering `yourcompany.com` will grant admin access to anyone with an email from that domain.
+
+**Sort Order**: Control where the GitHub login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the GitHub login button (default is `SiGithub`).
+
+<ZoomableImage src="/assets/v3/oidc/github/github-icon.png" alt="GitHub Icon" />
+
+> **Developer tip:** GitHub authentication works great for development teams and open-source projects.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their GitHub email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their GitHub account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+GitHub's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://github.com
+Authorization Endpoint: /login/oauth/authorize
+Token Endpoint: /login/oauth/access_token
+UserInfo Endpoint: https://api.github.com/user
+Scopes: user:email
+```
+
+### Field mappings
+
+Palmr automatically maps GitHub user information to local user accounts:
+
+- **User ID**: Maps from GitHub's `id` field
+- **Email**: Maps from GitHub's `email` field (from user:email scope)
+- **Full Name**: Maps from GitHub's `name` field
+- **Username**: Maps from GitHub's `login` field
+- **Avatar**: Maps from GitHub's `avatar_url` field
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring GitHub authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with GitHub" button appears
+
+2. **Test authentication flow**: Click the GitHub sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with GitHub"**: The browser redirects to GitHub's authorization page
+2. **User authorizes application**: User grants permissions for the requested scopes
+3. **GitHub redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with GitHub information
+5. **User accesses Palmr**: User is logged in with their GitHub identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `The redirect_uri MUST match the registered callback URL for this application`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in GitHub OAuth App.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your GitHub OAuth App's callback URL
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the OAuth App isn't properly configured.
+
+**Solution**:
+
+1. Verify that your GitHub OAuth App requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your OAuth App is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID or Client Secret.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from GitHub
+2. Ensure there are no extra spaces or characters in the credentials
+3. Generate a new Client Secret if necessary
+4. Verify you're using the correct OAuth App in GitHub
+
+### Email not available error
+
+**Error message**: Email not provided or scope missing
+
+**Cause**: GitHub OAuth App not configured with `user:email` scope or user's email is private.
+
+**Solution**:
+
+1. Verify that your GitHub OAuth App requests the `user:email` scope
+2. Check that users have public email addresses or have granted email access
+3. Ensure the scope configuration matches what Palmr expects
+4. Test with a GitHub account that has a public email address
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `user:email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their GitHub accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in GitHub OAuth App
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With GitHub authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.1-beta/oidc-authentication).
+
+## Useful resources
+
+- [GitHub OAuth Apps Documentation](https://docs.github.com/en/apps/oauth-apps)
+- [GitHub OAuth Scopes](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/scopes-for-oauth-apps)
+- [GitHub Developer Settings](https://github.com/settings/developers)
+- [GitHub API Documentation](https://docs.github.com/en/rest)
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/google.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/google.mdx
@@ -0,0 +1,335 @@
+---
+title: Google
+icon: Chrome
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Google is one of Palmr's officially supported OIDC providers, offering secure and reliable authentication through Google OAuth 2.0. This integration allows users to sign in to Palmr using their existing Google accounts, providing a seamless single sign-on experience.
+
+<ZoomableImage src="/assets/v3/oidc/google/sign-in-with-google.png" alt="Sign in with Google" />
+
+## Why use Google authentication?
+
+Google authentication provides several advantages for both administrators and users:
+
+- **Seamless login experience** - Users can access Palmr with their existing Google accounts
+- **Enhanced security** - Leverage Google's robust security infrastructure and two-factor authentication
+- **Reduced password fatigue** - No need to create and remember additional passwords
+- **Enterprise integration** - Perfect for organizations already using Google Workspace
+- **Automatic user provisioning** - New users are created automatically upon first login
+
+---
+
+## Prerequisites
+
+Before configuring Google authentication, ensure you have:
+
+- **Google Cloud Console access** - Ability to create and manage projects
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain ownership** - For production deployments with custom domains
+
+> **Note:** Google is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Google Cloud Console
+
+### Creating a Google Cloud project
+
+To get started with Google authentication, you'll need to set up a project in Google Cloud Console.
+
+1. **Navigate to Google Cloud Console**: Go to [console.cloud.google.com](https://console.cloud.google.com/)
+
+<ZoomableImage src="/assets/v3/oidc/google/cloud-console-home.png" alt="Google Cloud Console Home" />
+
+2. **Create or select a project**: Choose an existing project or create a new one for your Palmr installation
+
+<ZoomableImage src="/assets/v3/oidc/google/select-project-modal.png" alt="Google Cloud Console Select Project Modal" />
+
+3. **Enable the project**: Ensure the project is active and selected
+
+### Configuring OAuth consent screen
+
+The OAuth consent screen is what users see when they authenticate with Google.
+
+1. **Access OAuth consent screen**: Navigate to **APIs & Services** > **OAuth consent screen**
+
+<ZoomableImage
+  src="/assets/v3/oidc/google/oauth-consent-dropdown.png"
+  alt="Google Cloud Console OAuth Consent Dropdown"
+/>
+
+2. **Choose user type**:
+   - **Internal** - For Google Workspace organizations (users within your domain only)
+   - **External** - For public use (any Google user can authenticate)
+
+<ZoomableImage src="/assets/v3/oidc/google/user-type-select.png" alt="Google Cloud Console User Type Select" />
+
+3. **Fill required information**:
+   - **Application name**: Enter a descriptive name like "Palmr File Sharing"
+   - **User support email**: Provide a valid support email address
+   - **Developer contact information**: Add your contact email for Google communications
+
+> **Tip:** For business use, choose "Internal" if you have Google Workspace. This restricts access to your organization's users and simplifies the approval process.
+
+### Creating OAuth 2.0 credentials
+
+Now you'll create the actual credentials that Palmr will use to authenticate with Google.
+
+1. **Navigate to Credentials**: Go to **APIs & Services** > **Credentials**
+
+<ZoomableImage src="/assets/v3/oidc/google/credentials-select.png" alt="Google Cloud Console Credentials select" />
+
+2. **Create OAuth client**: Click **+ CREATE CREDENTIALS** > **OAuth client ID**
+
+<ZoomableImage
+  src="/assets/v3/oidc/google/create-oauth-client-id.png"
+  alt="Google Cloud Console Create OAuth Client ID"
+/>
+
+3. **Select application type**: Choose **Web application**
+
+<ZoomableImage src="/assets/v3/oidc/google/web-app-select.png" alt="Google Cloud Console Web App Select" />
+
+4. **Configure authorized URIs and authorized redirect URIs**:
+
+You'll need to configure several URLs in your Google Cloud Console credentials. Here's what to add for each environment:
+
+### Authorized URIs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+### Authorized Redirect URIs
+
+| Environment | URL                                                              |
+| ----------- | ---------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/google/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/google/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/google/callback` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+<ZoomableImage src="/assets/v3/oidc/google/allowed-urls.png" alt="Google Cloud Console Allowed URLs" />
+
+5. **Create and save credentials**: Click **Create** and copy both the **Client ID** and **Client Secret**
+
+<ZoomableImage
+  src="/assets/v3/oidc/google/oauth-client-created.png"
+  alt="Google Cloud Console Client ID and Client Secret"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Google Cloud Console."
+/>
+
+> **Important:** Replace `yourdomain.com` with your actual domain. You can add multiple URIs for different environments (development, staging, production).
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Google authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Google provider
+
+Google comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Google provider**: Find Google in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/google/palmr-enabled-google.png" alt="Palmr Authentication Providers" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Client ID**: Paste the Client ID from Google Cloud Console
+   - **Client Secret**: Paste the Client Secret from Google Cloud Console
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`.
+
+<ZoomableImage src="/assets/v3/oidc/google/edit-google.png" alt="Edit Google Provider" />
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Admin Email Domains**: Specify domains that should automatically receive admin privileges. For example, entering `yourcompany.com` will grant admin access to anyone with an email from that domain.
+
+**Sort Order**: Control where the Google login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Google login button (default is `FcGoogle`).
+
+<ZoomableImage src="/assets/v3/oidc/google/google-icon.png" alt="Google Icon" />
+
+> **Security consideration:** Be cautious with auto-registration and admin domains. Only enable these if you trust the user base or have domain restrictions in place.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Google email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Google account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Google's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://accounts.google.com
+Authorization Endpoint: /o/oauth2/v2/auth
+Token Endpoint: /o/oauth2/token
+UserInfo Endpoint: https://www.googleapis.com/oauth2/v3/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Google user information to local user accounts:
+
+- **User ID**: Maps from Google's `sub` field
+- **Email**: Maps from Google's `email` field
+- **Full Name**: Maps from Google's `name` field
+- **First Name**: Maps from Google's `given_name` field
+- **Last Name**: Maps from Google's `family_name` field
+- **Avatar**: Maps from Google's `picture` field
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Google authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Google" button appears
+
+2. **Test authentication flow**: Click the Google sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Google"**: The browser redirects to Google's authentication page
+2. **User authenticates with Google**: User enters their Google credentials or confirms existing session
+3. **Google redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed based on your configuration
+5. **User accesses Palmr**: User is logged in and can use all features according to their permissions
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `Error 400: redirect_uri_mismatch`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Google Cloud Console.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Google Cloud Console credentials
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the error message
+
+### Access denied error
+
+**Error message**: `Error 403: access_denied`
+
+**Cause**: User denied permissions or the OAuth consent screen isn't properly configured.
+
+**Solution**:
+
+1. Verify the OAuth consent screen is published (for External user type)
+2. Check that required scopes are correctly configured
+3. For Internal applications, ensure the user belongs to your Google Workspace organization
+4. Review and simplify the permissions you're requesting
+
+### Invalid client error
+
+**Error message**: `Error 401: invalid_client`
+
+**Cause**: Incorrect Client ID or Client Secret.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Google Cloud Console
+2. Ensure there are no extra spaces or characters in the credentials
+3. Regenerate credentials if necessary
+4. Verify you're using the correct project in Google Cloud Console
+
+### Discovery endpoint issues
+
+**Cause**: Network connectivity problems or DNS resolution issues.
+
+**Solution**:
+
+1. Check server firewall and network connectivity
+2. Verify DNS resolution from your server
+3. Consider proxy or CDN configurations that might block the request
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new credentials periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Domain and user restrictions
+
+- **Limit admin domains**: Only add trusted domains to the admin list
+- **Review auto-registration**: Consider disabling auto-registration if you need manual user approval
+- **Use Internal OAuth**: For organizations with Google Workspace, use Internal OAuth consent screen
+- **Regular access reviews**: Periodically review user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Google Cloud Console
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Google authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.1-beta/oidc-authentication).
+
+## Useful resources
+
+- [Google Identity Platform Documentation](https://developers.google.com/identity)
+- [OAuth 2.0 for Web Server Applications](https://developers.google.com/identity/protocols/oauth2/web-server)
+- [OpenID Connect](https://developers.google.com/identity/protocols/oauth2/openid-connect)
+- [Google Cloud Console](https://console.cloud.google.com/apis/credentials)
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/index.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/index.mdx
@@ -0,0 +1,86 @@
+---
+title: Introduction
+icon: IdCard
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Palmr supports OpenID Connect (OIDC) authentication, allowing users to sign in using external identity providers such as Google, Zitadel, Auth0, and other OIDC-compliant services. This feature provides seamless single sign-on (SSO) capabilities and centralized user management.
+
+OIDC authentication in Palmr is built using the industry-standard OpenID Connect protocol. The implementation supports automatic user provisioning, and flexible configuration options.
+
+## Why use OIDC authentication?
+
+OIDC authentication provides several advantages for organizations and users:
+
+**Centralized Authentication**: Users can authenticate using their existing organizational credentials without creating separate accounts for Palmr.
+
+**Enhanced Security**: OIDC provides robust security features including token-based authentication, PKCE flow, and standardized protocols.
+
+**Single Sign-On**: Users can access Palmr. seamlessly if they're already authenticated with their identity provider.
+
+**User Management**: Administrators can manage user access centrally through their existing identity provider.
+
+**Compliance**: OIDC helps meet organizational security and compliance requirements by leveraging existing identity infrastructure.
+
+---
+
+## Prerequisites
+
+Before configuring OIDC authentication, ensure you have:
+
+- **Administrative Access**: ADMIN privileges in Palmr. to configure OIDC settings
+- **Identity Provider**: An OIDC-compliant identity provider (Google, Zitadel, Auth0, etc.)
+- **Application Registration**: Your Palmr. application registered with your identity provider
+- **OIDC Credentials**: Client ID, Client Secret, and Issuer URL from your identity provider
+
+### Supported identity providers
+
+Palmr's OIDC implementation is compatible with any OpenID Connect compliant provider, including as official providers:
+
+- **[Google](/docs/3.1-beta/oidc-authentication/google)**
+- **[Discord](/docs/3.1-beta/oidc-authentication/discord)**
+- **[Github](/docs/3.1-beta/oidc-authentication/github)**
+- **[Zitadel](/docs/3.1-beta/oidc-authentication/zitadel)**
+- **[Auth0](/docs/3.1-beta/oidc-authentication/auth0)**
+- **[Authentik](/docs/3.1-beta/oidc-authentication/authentik)**
+- **[Frontegg](/docs/3.1-beta/oidc-authentication/frontegg)**
+- **[Kinde Auth](/docs/3.1-beta/oidc-authentication/kinde-auth)**
+
+Although these are the official providers (internally tested with 100% success), you can connect any OIDC provider by providing your credentials and connection URL. We've developed a practical way to integrate virtually all OIDC providers available in the market. In this documentation, you can consult how to configure each of the official providers, as well as include other providers not listed as official. Just below, you will find instructions on how to access the OIDC provider configuration. For specific details about configuring each provider, select the desired option in the sidebar, in the "OIDC Authentication" section.
+
+<ZoomableImage
+  src="/assets/v3/oidc/all-providers.png"
+  alt="All OIDC Providers"
+  legend="You can use how many providers you want, but we recommend using at least 2 providers to ensure the best user experience."
+/>
+
+---
+
+## Configuring OIDC settings
+
+OIDC configuration is managed through Palmr's administrative settings panel, accessible only to users with ADMIN privileges.
+
+### Accessing OIDC configuration
+
+To configure OIDC authentication:
+
+1. **Access Settings**: Click on your profile picture in the header and select **Settings**
+2. **Navigate to Authentication**: Find the **Authentication Providers** configuration section
+3. **Enable OIDC**: Toggle the OIDC authentication option to enable it
+
+> **Note:** Consult the documentation of each provider to configure it.
+
+<ZoomableImage
+  src="/assets/v3/oidc/auth-providers.png"
+  alt="OIDC Settings"
+  legend="Consult the documentation of each provider to configure it."
+/>
+
+---
+
+## Next steps
+
+Select one of the cards below to continue configuring your authentication provider.
+
+<OIDCProviderCards />
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/kinde-auth.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/kinde-auth.mdx
@@ -0,0 +1,369 @@
+---
+title: Kinde Auth
+icon: Users
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Kinde Auth is one of Palmr's officially supported OIDC providers, offering modern authentication through Kinde's developer-friendly identity platform. This integration allows users to sign in to Palmr using Kinde's comprehensive authentication system, making it perfect for developers, startups, and organizations that need a modern, scalable authentication solution with excellent developer experience.
+
+<ZoomableImage src="/assets/v3/oidc/kinde/sign-in-with-kinde.png" alt="Sign in with Kinde" />
+
+## Why use Kinde Auth authentication?
+
+Kinde Auth authentication provides several advantages for modern applications and development teams:
+
+- **Developer-first experience** - Clean APIs, comprehensive SDKs, and excellent documentation
+- **Modern authentication** - Built with modern web standards and best practices
+- **Scalable infrastructure** - Enterprise-grade reliability with startup-friendly pricing
+- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other standards
+- **Advanced features** - Multi-factor authentication, social logins, and custom branding
+
+---
+
+## Prerequisites
+
+Before configuring Kinde Auth authentication, ensure you have:
+
+- **Kinde account** - Ability to create applications and manage tenants
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Kinde Auth is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Kinde Auth Application
+
+### Creating a Kinde application
+
+To get started with Kinde Auth authentication, you'll need to create an application in your Kinde Dashboard.
+
+1. **Navigate to Kinde Dashboard**: Go to [your-tenant.kinde.com/admin](https://your-tenant.kinde.com/admin)
+
+<ZoomableImage src="/assets/v3/oidc/kinde/kinde-dashboard.png" alt="Kinde Dashboard" />
+
+2. **Create new application**: Click **"Add application"** button in the center of the page.
+
+3. **Select application type**: Choose **"Back-end web"** for web-based Palmr instances
+
+4. **Enter application details**:
+   - **Name**: Enter a descriptive name like "Palmr File Sharing"
+
+<ZoomableImage src="/assets/v3/oidc/kinde/application-type.png" alt="Kinde Application Type Selection" />
+
+5. **Create application**: Click **"Save"** to generate your Kinde application
+
+### Configuring application settings
+
+After creating your application, you'll be redirected to the application page.
+
+<ZoomableImage src="/assets/v3/oidc/kinde/application-page.png" alt="Kinde Application Page" />
+
+Click on the **"Details"** tab on the sidebar to configure the application settings and get the OAuth credentials.
+
+<ZoomableImage
+  src="/assets/v3/oidc/kinde/application-details.png"
+  alt="Kinde Application Details"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Getting OAuth credentials
+
+Now you'll get the credentials that Palmr will use to authenticate with Kinde.
+
+1. **Copy Domain**: Note your Kinde domain (e.g., `your-tenant.kinde.com`)
+
+2. **Copy Client ID**: The Client ID is displayed in the **"Client ID"** field
+
+3. **Copy Client Secret**: The Client Secret is displayed in the **"Client secret"** field
+
+<ZoomableImage
+  src="/assets/v3/oidc/kinde/oauth-credentials.png"
+  alt="Kinde OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Kinde."
+/>
+
+4. **Save credentials**: Copy the **Domain**, **Client ID**, and **Client Secret** for later use
+
+> **Note:** For now you only need this configuration, you can come back here later to configure the application as you want.
+
+###**Configure application URLs**:
+
+You'll need to configure several URLs in your Kinde application settings. Here's what to add for each environment:
+
+#### Allowed callback URLs
+
+| Environment | URL                                                             |
+| ----------- | --------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/kinde/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/kinde/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/kinde/callback` |
+
+#### Application homepage URI
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+#### Application login URI
+
+| Environment | URL                                 |
+| ----------- | ----------------------------------- |
+| Production  | `https://yourdomain.com/login`      |
+| Development | `http://localhost:3000/login`       |
+| Custom Port | `https://yourdomain.com:5487/login` |
+
+#### Allowed logout redirect URLs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+<ZoomableImage
+  src="/assets/v3/oidc/kinde/config-urls.png"
+  alt="Kinde Application URLs Configuration"
+  legend="This is a fake application, you have to use your own."
+/>
+
+2. **Save changes**: Click **"Save"** on the top right corner to apply your configuration
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Kinde Auth authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Kinde Auth provider
+
+Kinde Auth comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Kinde Auth provider**: Find Kinde Auth in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/kinde/enabled-kinde.png" alt="Palmr Kinde Auth Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Kinde domain (e.g., `https://your-tenant.kinde.com`)
+   - **Client ID**: Paste the Client ID from Kinde application
+   - **Client Secret**: Paste the Client Secret from Kinde application
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need change this if you are not sure.
+
+<ZoomableImage
+  src="/assets/v3/oidc/kinde/edit-kinde.png"
+  alt="Edit Kinde Auth Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Kinde Auth login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Kinde Auth login button (default is `FaKey`).
+
+<ZoomableImage src="/assets/v3/oidc/kinde/kinde-icon.png" alt="Kinde Auth Icon" />
+
+> **Developer tip:** Kinde Auth authentication works great for modern applications requiring excellent developer experience and scalable authentication infrastructure.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Kinde Auth email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Kinde Auth account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Kinde Auth's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-tenant.kinde.com
+Authorization Endpoint: /oauth2/auth
+Token Endpoint: /oauth2/token
+UserInfo Endpoint: /oauth2/user_profile
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Kinde Auth user information to local user accounts:
+
+- **User ID**: Maps from Kinde's `id` field
+- **Email**: Maps from Kinde's `preferred_email` field
+- **Full Name**: Maps from Kinde's `first_name` and `last_name` fields
+- **First Name**: Maps from Kinde's `first_name` field
+- **Last Name**: Maps from Kinde's `last_name` field
+- **Avatar**: Maps from Kinde's `picture` field
+- **Username**: Maps from Kinde's `preferred_username` field
+
+### Kinde Auth-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Social Logins**: Supports integration with various social providers
+- **Multi-factor Authentication**: Supports Kinde's MFA features
+- **Modern APIs**: Clean REST APIs and comprehensive SDKs
+- **Developer Tools**: Excellent documentation and developer experience
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Kinde Auth authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Kinde" button appears
+
+2. **Test authentication flow**: Click the Kinde Auth sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Kinde"**: The browser redirects to Kinde's authorization page
+2. **User authenticates**: User completes authentication through Kinde (login, MFA, etc.)
+3. **Kinde redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Kinde information
+5. **User accesses Palmr**: User is logged in with their Kinde identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Kinde application.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Kinde application's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Kinde application requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Domain.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Kinde
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct domain format (e.g., `your-tenant.kinde.com`)
+4. Generate a new Client Secret if necessary
+
+### Domain configuration issues
+
+**Error message**: Domain not found or invalid
+
+**Cause**: Incorrect Kinde domain or tenant configuration.
+
+**Solution**:
+
+1. Verify your Kinde domain is correct (e.g., `your-tenant.kinde.com`)
+2. Check that your Kinde tenant is active and not suspended
+3. Ensure you're using the correct region for your tenant
+4. Verify DNS resolution for your Kinde domain
+
+### Custom claims not available
+
+**Cause**: Custom claims not properly configured in Kinde.
+
+**Solution**:
+
+1. Check Kinde custom claims configuration
+2. Verify that custom claims are included in the ID token
+3. Ensure the claims are properly formatted and accessible
+4. Test with a user that has the expected custom claims
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Kinde Auth accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Kinde application settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Kinde Auth authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.1-beta/oidc-authentication).
+
+## Useful resources
+
+- [Kinde Documentation](https://kinde.com/docs)
+- [Kinde OAuth 2.0 Guide](https://kinde.com/docs/developer-tools/oauth2)
+- [Kinde OpenID Connect](https://kinde.com/docs/developer-tools/openid-connect)
+- [Kinde Dashboard](https://app.kinde.com)
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/meta.json
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/meta.json
@@ -0,0 +1,18 @@
+{
+  "defaultOpen": false,
+  "icon": "Key",
+  "pages": [
+    "index",
+    "google",
+    "discord",
+    "github",
+    "zitadel",
+    "auth0",
+    "authentik",
+    "frontegg",
+    "kinde-auth",
+    "pocket-id",
+    "other"
+  ],
+  "title": "OIDC Authentication"
+}
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/other.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/other.mdx
@@ -0,0 +1,467 @@
+---
+title: Other Providers
+icon: Settings
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Palmr supports custom OIDC (OpenID Connect) and OAuth 2.0 providers, allowing you to integrate with any identity provider that follows these standards. This flexibility enables organizations to use their existing identity infrastructure, whether it's a custom authentication system, enterprise SSO solution, or any other OIDC-compliant provider.
+
+<ZoomableImage src="/assets/v3/oidc/custom/custom-provider-login.png" alt="Custom OIDC Providers" />
+
+## Why use custom OIDC providers?
+
+Custom OIDC providers offer several advantages for organizations with specific authentication requirements:
+
+- **Flexibility** - Integrate with any OIDC-compliant identity provider
+- **Enterprise integration** - Connect with existing enterprise SSO systems
+- **Custom authentication flows** - Support for specialized authentication requirements
+- **No vendor lock-in** - Use your preferred identity provider
+- **Compliance** - Meet specific security and compliance requirements
+
+---
+
+## Prerequisites
+
+Before configuring a custom OIDC provider, ensure you have:
+
+- **OIDC/OAuth 2.0 provider** - A working identity provider that supports OIDC or OAuth 2.0
+- **Admin privileges in Palmr** - Required to configure authentication settings
+- **Provider documentation** - Access to your provider's OIDC configuration details
+
+> **Note:** The configuration process requires technical knowledge of OIDC/OAuth 2.0 standards. You'll need to obtain the necessary credentials and endpoints from your identity provider.
+
+---
+
+## Understanding OIDC Configuration
+
+### Configuration Methods
+
+Palmr supports two methods for configuring custom providers:
+
+#### 1. Auto Discovery
+
+For providers that support OIDC Discovery, Palmr can automatically discover the required endpoints using the issuer URL.
+
+**Requirements:**
+
+- Provider must support OIDC Discovery
+- Issuer URL must be accessible
+- Provider must expose a `.well-known/openid_configuration` endpoint
+
+#### 2. Manual Endpoint Configuration (Recommended)
+
+For providers that don't support OIDC Discovery or require custom endpoints.
+
+**Required endpoints:**
+
+- Authorization endpoint
+- Token endpoint
+- User info endpoint
+
+### Required Information
+
+You'll need the following information from your identity provider:
+
+- **Provider URL/Issuer URL** - The base URL of your identity provider
+- **Client ID** - The OAuth client identifier
+- **Client Secret** - The OAuth client secret
+- **Scopes** - The OAuth scopes required for authentication
+- **Endpoints** (if using manual configuration):
+  - Authorization endpoint
+  - Token endpoint
+  - User info endpoint
+
+---
+
+## Configuring Palmr
+
+### Accessing Authentication Settings
+
+To configure a custom OIDC provider in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Adding a Custom Provider
+
+1. **Add new provider**: Click the **"Add Provider"** button in the Authentication Providers section
+
+<ZoomableImage src="/assets/v3/oidc/custom/add-provider.png" alt="Add Provider" />
+
+2. **Configure basic information**:
+   - **Provider Name**: Enter a unique identifier (e.g., `custom-provider`)
+   - **Display Name**: Enter the name users will see (e.g., `Custom SSO`)
+   - **Type**: Select `OIDC` for OpenID Connect or `OAuth2` for OAuth 2.0
+   - **Icon**: Choose an appropriate icon for the login button
+
+<ZoomableImage src="/assets/v3/oidc/custom/provider-basic-info.png" alt="Provider Basic Info" />
+
+### Configuration Method Selection
+
+Choose between auto discovery and manual endpoint configuration:
+
+#### Auto Discovery Configuration
+
+1. **Select Auto Discovery**: Choose the "Auto Discovery" option
+2. **Provider URL**: Enter your identity provider's issuer URL (e.g., `https://your-provider.com`)
+3. **Palmr will try to automatically discover**:
+   - Authorization endpoint
+   - Token endpoint
+   - User info endpoint
+   - Supported scopes
+
+> **Note:** If the auto discovery fails, you can switch to manual endpoint configuration and fill the endpoints manually (recommended).
+
+#### Manual Endpoint Configuration
+
+1. **Select Manual Endpoints**: Choose the "Manual Endpoints" option
+2. **Provider URL**: Enter your identity provider's base URL
+3. **Configure endpoints**:
+   - **Authorization Endpoint**: The OAuth authorization endpoint
+   - **Token Endpoint**: The OAuth token endpoint
+   - **User Info Endpoint**: The user information endpoint
+
+<ZoomableImage src="/assets/v3/oidc/custom/manual-endpoints.png" alt="Manual Endpoints" />
+
+> **Note:** `User info endpoint` can be a full URL or a relative path. (e.g. `/userinfo` or `https://other-any-url.com/userinfo`)
+> **Note:** `Token endpoint` and `Authorization endpoint` must be just the path. (e.g. `/oauth/token` or `/oauth/authorize`), Palmr will automatically add the base URL to the endpoints based on the `Provider URL` you provided.
+
+### OAuth Credentials
+
+Configure the OAuth credentials obtained from your identity provider:
+
+1. **Client ID**: Enter the OAuth client identifier
+2. **Client Secret**: Enter the OAuth client secret
+3. **Scopes**: Configure the required OAuth scopes
+
+**Common OIDC scopes:**
+
+- `openid` - Required for OIDC
+- `profile` - Access to user profile information
+- `email` - Access to user email address
+
+**Common OAuth 2.0 scopes:**
+
+- `profile` - Access to user profile information
+- `email` - Access to user email address
+
+### Advanced Configuration
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Admin Email Domains**: Specify domains that should automatically receive admin privileges. For example, entering `yourcompany.com` will grant admin access to anyone with an email from that domain.
+
+**Sort Order**: Control where the custom provider login button appears relative to other authentication providers.
+
+---
+
+## Callback URL Configuration
+
+Palmr will display the required callback URL that you need to configure in your identity provider:
+
+### Callback URL Format
+
+```
+https://yourdomain.com/api/auth/providers/{provider-name}/callback
+```
+
+### Environment-specific URLs
+
+| Environment | Callback URL                                                              |
+| ----------- | ------------------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/custom-provider/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/custom-provider/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/custom-provider/callback` |
+
+> **Important:** Replace `yourdomain.com` with your actual domain and `custom-provider` with your actual provider name.
+
+### Final Considerations
+
+> **Note:** Don't forget enable your provider in the `Authentication Providers` section after add it.
+
+After configuring your custom provider, it will be available in the `Authentication Providers` section.
+
+<ZoomableImage src="/assets/v3/oidc/custom/enabled-provider.png" alt="Enabled Provider" />
+
+---
+
+## Testing the Configuration
+
+### Verifying the Setup
+
+After configuring your custom provider, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify your custom provider button appears
+
+2. **Test authentication flow**: Click the custom provider sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Troubleshooting
+
+Common issues and solutions:
+
+**"Invalid redirect URI" error:**
+
+- Verify the callback URL is correctly configured in your identity provider
+- Ensure the provider name in the callback URL matches your configured provider name
+
+**"Invalid client credentials" error:**
+
+- Verify the Client ID and Client Secret are correct
+- Ensure the credentials are for the correct application/environment
+
+**"Invalid scope" error:**
+
+- Verify the configured scopes are supported by your identity provider
+- Check that required scopes (like `openid` for OIDC) are included
+
+**"User info endpoint error":**
+
+- Verify the user info endpoint URL is correct
+- Ensure the endpoint returns the expected user information format
+
+---
+
+## Security Considerations
+
+When configuring custom OIDC providers, consider the following security best practices:
+
+### Credential Security
+
+- **Secure storage**: Ensure Client Secrets are stored securely
+- **Regular rotation**: Rotate Client Secrets periodically
+- **Environment separation**: Use different credentials for development and production
+
+### Provider Security
+
+- **HTTPS only**: Ensure all endpoints use HTTPS in production
+- **Valid certificates**: Verify SSL certificates are valid and trusted
+- **Access controls**: Implement appropriate access controls on your identity provider
+
+### Palmr Configuration
+
+- **Admin access**: Restrict access to authentication settings to authorized administrators
+- **Audit logging**: Monitor authentication events and user access
+- **Regular testing**: Periodically test the authentication flow
+
+---
+
+## Account Linking
+
+By default, if a user is already registered in Palmr with their email address, they will be automatically linked to their account when they authenticate through your custom provider.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their custom provider account, you need to delete the user from Palmr.
+
+---
+
+## Technical Configuration
+
+### OIDC Discovery
+
+If your provider supports OIDC Discovery, Palmr will automatically fetch the configuration from:
+
+```
+{issuer-url}/.well-known/openid_configuration
+```
+
+This endpoint should return a JSON document containing:
+
+```json
+{
+  "authorization_endpoint": "https://your-provider.com/oauth/authorize",
+  "grant_types_supported": ["authorization_code"],
+  "issuer": "https://your-provider.com",
+  "response_types_supported": ["code"],
+  "scopes_supported": ["openid", "profile", "email"],
+  "token_endpoint": "https://your-provider.com/oauth/token",
+  "userinfo_endpoint": "https://your-provider.com/oauth/userinfo"
+}
+```
+
+### Manual Configuration
+
+For manual endpoint configuration, ensure your endpoints follow OAuth 2.0/OIDC standards:
+
+- **Authorization Endpoint**: Handles user authentication and authorization
+- **Token Endpoint**: Exchanges authorization codes for access tokens
+- **User Info Endpoint**: Returns user information using the access token
+
+---
+
+## Support and Troubleshooting
+
+If you encounter issues with your custom OIDC provider configuration:
+
+1. **Check provider documentation**: Verify your configuration against your provider's documentation
+2. **Review logs**: Check Palmr server logs for detailed error messages
+3. **Test endpoints**: Verify all endpoints are accessible and return expected responses
+4. **Community support**: Seek help from the Palmr community or your provider's support team
+
+> **Note:** Custom provider configurations require technical expertise in OIDC/OAuth 2.0. Ensure you have access to your provider's technical documentation and support resources.
+
+## Requesting Provider Support
+
+If you've successfully configured a custom OIDC provider and would like to request it to be added as an officially supported provider in Palmr, you can open a detailed issue with all the necessary configuration information.
+
+### Why Request Official Support?
+
+Having your provider officially supported offers several benefits:
+
+- **Easier setup** - Pre-configured providers require minimal configuration
+- **Better documentation** - Official setup guides and troubleshooting
+- **Community support** - Others can benefit from your configuration
+- **Maintenance** - The Palmr team maintains and updates the provider
+
+### Before Opening an Issue
+
+Ensure you have:
+
+- **Working configuration** - Your provider must be fully functional and tested
+- **Complete documentation** - All setup steps and requirements documented
+- **Provider information** - All necessary URLs, endpoints, and configuration details
+- **Testing completed** - Thoroughly tested authentication flow and user management
+
+### Issue Template
+
+Use the following template when opening your issue. Copy and paste it, then fill in all the required information:
+
+```markdown
+## Provider Support Request: [Provider Name]
+
+### Provider Information
+
+**Provider Name:** [e.g., CustomOIDC, EnterpriseSSO, CompanyAuth]
+**Provider Type:** [OIDC / OAuth 2.0]
+**Provider Website:** [URL to provider's website]
+**Provider Documentation:** [URL to OIDC/OAuth documentation]
+
+### Configuration Details
+
+#### Basic Information
+
+- **Provider URL/Issuer:** `https://your-provider.com`
+- **Client ID:** [Your OAuth client ID]
+- **Client Secret:** [Your OAuth client secret]
+- **Scopes:** `openid profile email` [List all required scopes]
+
+#### Endpoints
+
+- **Authorization Endpoint:** `/oauth/authorize` [or full URL if different]
+- **Token Endpoint:** `/oauth/token` [or full URL if different]
+- **User Info Endpoint:** `/oauth/userinfo` [or full URL if different]
+- **Discovery Endpoint:** `/.well-known/openid_configuration` [if supported]
+
+#### OIDC Discovery Information
+
+**Does your provider support OIDC Discovery?** [Yes/No]
+**Discovery URL:** `https://your-provider.com/.well-known/openid_configuration` [if yes]
+
+### Setup Instructions
+
+#### Prerequisites
+
+- [List any required software, accounts, or permissions]
+- [Any specific requirements for the provider]
+
+#### Step-by-Step Configuration
+
+1. [Detailed step 1]
+2. [Detailed step 2]
+3. [Detailed step 3]
+4. [Continue with all necessary steps]
+
+#### Palmr Configuration
+
+**Provider Name:** `custom-provider` [suggested internal name]
+**Display Name:** `Custom SSO` [name users will see]
+**Icon:** [suggested icon or describe what icon to use]
+
+### Testing Information
+
+#### Tested Environments
+
+- **Operating Systems:** [Windows, macOS, Linux, etc.]
+- **Browsers:** [Chrome, Firefox, Safari, Edge, etc.]
+- **Palmr Version:** [Version you tested with]
+
+#### Authentication Flow
+
+- [ ] User can successfully authenticate
+- [ ] User account is created automatically (if enabled)
+- [ ] Admin domain restrictions work correctly
+- [ ] User profile information is retrieved correctly
+- [ ] Account linking works with existing users
+
+#### Known Issues
+
+[List any known limitations, restrictions, or special considerations]
+
+### Screenshots
+
+**Provider Login Page:** [Screenshot of the provider's login page]
+**Palmr Configuration:** [Screenshot of your Palmr provider configuration]
+**Authentication Flow:** [Screenshots of the authentication process]
+
+### Additional Information
+
+#### Special Requirements
+
+[Any special configuration requirements, custom headers, or unique settings]
+
+#### Security Considerations
+
+[Any security-specific requirements or recommendations]
+
+#### Performance Notes
+
+[Any performance implications or recommendations]
+
+### Contact Information
+
+**Your Name:** [Optional - for follow-up questions]
+**Email:** [Optional - for follow-up questions]
+**GitHub Username:** [Your GitHub username]
+
+### Checklist
+
+Before submitting this issue, please ensure:
+
+- [ ] All required information is provided
+- [ ] Configuration has been tested and works
+- [ ] Screenshots are included (if applicable)
+- [ ] Setup instructions are complete and accurate
+- [ ] No sensitive information (like actual client secrets) is included
+```
+
+### What Happens Next?
+
+1. **Issue Review** - The Palmr team will review your request
+2. **Additional Questions** - You may be asked for more information
+3. **Implementation** - If approved, the provider will be added to Palmr
+4. **Documentation** - Official documentation will be created
+5. **Release** - The provider will be available in the next release
+
+### Tips for a Successful Request
+
+- **Be thorough** - Include all necessary information
+- **Test everything** - Ensure your configuration works completely
+- **Provide screenshots** - Visual aids help with implementation
+- **Document clearly** - Write clear, step-by-step instructions
+- **Check existing providers** - Make sure your provider isn't already supported
+
+### Need Help?
+
+If you need assistance with your request:
+
+- **Check existing issues** - Review other provider requests for examples
+- **Join the community** - Participate in discussions and ask questions
+- **Read the documentation** - Ensure you understand the OIDC/OAuth requirements
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/pocket-id.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/pocket-id.mdx
@@ -0,0 +1,279 @@
+---
+title: Pocket ID
+icon: IdCardLanyard
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Pocket ID is one of Palmr's officially supported OIDC providers, offering a robust and flexible identity management solution. This integration allows users to sign in to Palmr using Pocket ID's authentication system, making it perfect for organizations that need a self-hosted identity provider with OIDC support.
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/sign-in-with-pocket-id.png" alt="Sign in with Pocket ID" />
+
+## Why use Pocket ID authentication?
+
+Pocket ID authentication provides several advantages for organizations seeking a self-hosted identity solution:
+
+- **Self-hosted control** - Full control over your authentication infrastructure and data
+- **OIDC compliance** - Standard OpenID Connect implementation for seamless integration
+- **Flexible deployment** - Deploy on any infrastructure that suits your needs
+- **Automatic discovery** - Supports OIDC discovery for streamlined configuration
+- **Simple configuration** - Intuitive setup process with minimal complexity
+- **Data sovereignty** - Keep all authentication data within your infrastructure
+- **Cost-effective** - No per-user pricing, perfect for growing organizations
+
+---
+
+## Prerequisites
+
+Before configuring Pocket ID authentication, ensure you have:
+
+- **Pocket ID instance** - A running Pocket ID server accessible via HTTPS
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Pocket ID is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Pocket ID Application
+
+### Creating a Pocket ID application
+
+To get started with Pocket ID authentication, you'll need to create an application in your Pocket ID admin interface.
+
+1. **Navigate to Pocket ID Admin**: Go to your Pocket ID instance URL (e.g., `https://your-pocket-id.domain.com`)
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/pocket-id-console.png" alt="Pocket ID Console" />
+
+2. **Navigate to OIDC Clients**: Click **"OIDC Clients"** in the applications in the left sidebar, you will be redirected to the OIDC Clients page
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/oidc-clients.png" alt="OIDC Clients" />
+
+3. **Create a new OIDC Client**: Click **"Add OIDC Client"** button in the OIDC Clients page
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/create-oidc-client-button.png" alt="Create OIDC Client Button" />
+
+Configure the following settings:
+
+- **Name**: "Palmr File Sharing" (or your preferred name)
+- **Public Client**: "Diasabled"
+- **PKCE**: "Disabled"
+- **Logo**: "Upload a logo image"
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/create-oidc-client.png" alt="Create OIDC Client" />
+
+### Configuring application URLs
+
+You'll need to configure several URLs in your Pocket ID application settings. Here's what to add for each environment:
+
+### Redirect URIs
+
+| Environment | URL                                                                |
+| ----------- | ------------------------------------------------------------------ |
+| Production  | `https://yourdomain.com/api/auth/providers/pocketid/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/pocketid/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/pocketid/callback` |
+
+### Post Logout Redirect URIs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/config-urls.png" alt="Pocket ID Application URLs Configuration" />
+
+### Getting OAuth credentials
+
+After creating your application, you'll receive your OAuth credentials:
+
+<ZoomableImage
+  src="/assets/v3/oidc/pocket-id/credentials.png"
+  alt="Pocket ID OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Pocket ID."
+/>
+
+Save these credentials securely - you'll need them to configure Palmr:
+
+- Client ID
+- Client Secret
+- Provider URL (your Pocket ID instance URL)
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Pocket ID authentication in Palmr:
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Pocket ID provider
+
+1. **Locate Pocket ID**: Find Pocket ID in the list of available providers
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/enabled-pocket-id.png" alt="Palmr Pocket ID Provider Enabled" />
+
+3. **Configure credentials**:
+   - **Provider URL**: Your Pocket ID server URL (e.g., `https://auth.yourdomain.com`)
+   - **Client ID**: Paste the Client ID from your Pocket ID application
+   - **Client Secret**: Paste the Client Secret from your Pocket ID application
+
+<ZoomableImage
+  src="/assets/v3/oidc/pocket-id/edit-pocket-id.png"
+  alt="Edit Pocket ID Provider"
+  legend="This is a fake application, you have to use your own credentials."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Pocket ID login button appears relative to other authentication providers.
+
+**Icon**: Choose a custom icon for the Pocket ID login button (default is `Key`).
+
+<ZoomableImage src="/assets/v3/oidc/pocket-id/pocket-id-icon.png" alt="Pocket ID Icon" />
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Pocket ID email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Pocket ID account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Pocket ID's technical configuration is handled automatically through OIDC discovery, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-pocket-id.domain.com
+Authorization Endpoint: /authorize
+Token Endpoint: /api/oidc/token
+UserInfo Endpoint: /api/oidc/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Pocket ID user information to local user accounts:
+
+- **User ID**: Maps from Pocket ID's `sub` field
+- **Email**: Maps from Pocket ID's `email` field
+- **Name**: Maps from Pocket ID's `name` field, falls back to `preferred_username`
+- **First Name**: Maps from Pocket ID's `given_name` field
+- **Last Name**: Maps from Pocket ID's `family_name` field
+- **Avatar**: Maps from Pocket ID's `picture` field
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Pocket ID authentication, test the integration:
+
+1. **Check login page**: Verify the "Sign in with Pocket ID" button appears
+2. **Test authentication flow**: Click the button and complete authentication
+3. **Verify user creation**: Confirm new user account creation (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. User clicks "Sign in with Pocket ID"
+2. User is redirected to Pocket ID login page
+3. User authenticates with their credentials
+4. Pocket ID redirects back to Palmr
+5. Palmr creates or updates the user account
+6. User gains access to Palmr
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch
+
+**Error**: `invalid_redirect_uri`
+
+**Solution**:
+
+1. Verify the exact callback URL in your Pocket ID application
+2. Check for protocol mismatches (http vs https)
+3. Ensure no trailing slashes unless specified
+4. Add development URLs if testing locally
+
+### Authentication failures
+
+**Error**: `access_denied` or `unauthorized_client`
+
+**Solution**:
+
+1. Verify Client ID and Secret are correct
+2. Check if the application is enabled in Pocket ID
+3. Ensure required scopes are configured
+4. Verify the user has necessary permissions
+
+### Discovery endpoint issues
+
+**Error**: Cannot fetch OIDC configuration
+
+**Solution**:
+
+1. Verify your Pocket ID server is accessible
+2. Check if the discovery endpoint (`/.well-known/openid-configuration`) is available
+3. Ensure SSL certificates are valid
+4. Check network connectivity and firewall rules
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Secure storage**: Keep Client Secret secure and never commit to version control
+- **Regular rotation**: Periodically rotate Client Secret
+- **Environment variables**: Store credentials in environment variables
+- **Access monitoring**: Regular review of authentication logs
+
+### Production considerations
+
+- **HTTPS required**: Always use HTTPS in production
+- **Valid certificates**: Ensure SSL certificates are valid
+- **Regular updates**: Keep Pocket ID server updated
+- **Backup strategy**: Regular backups of Pocket ID configuration
+
+---
+
+## Next steps
+
+After configuring Pocket ID authentication:
+
+- **Monitor usage**: Track authentication patterns
+- **Configure MFA**: Set up multi-factor authentication if needed
+- **User management**: Review auto-registration settings
+- **Backup verification**: Test backup and restore procedures
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.1-beta/oidc-authentication).
+
+## Useful resources
+
+- [Pocket ID Documentation](https://docs.pocket-id.org)
+- [OIDC Specification](https://openid.net/specs/openid-connect-core-1_0.html)
+- [Palmr OIDC Overview](/docs/3.1-beta/oidc-authentication)
--- a/apps/docs/content/docs/3.1-beta/oidc-authentication/zitadel.mdx
+++ b/apps/docs/content/docs/3.1-beta/oidc-authentication/zitadel.mdx
@@ -0,0 +1,423 @@
+---
+title: Zitadel
+icon: Shield
+---
+
+import { ZoomableImage } from "@/components/ui/zoomable-image";
+
+Zitadel is one of Palmr's officially supported OIDC providers, offering enterprise-grade authentication through Zitadel's identity platform. This integration allows users to sign in to Palmr using Zitadel's comprehensive authentication system, making it perfect for enterprise organizations, applications requiring advanced security features, and teams that need centralized identity management with both cloud and self-hosted deployment options.
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/sign-in-with-zitadel.png" alt="Sign in with Zitadel" />
+
+## Why use Zitadel authentication?
+
+Zitadel authentication provides several advantages for enterprise and security-focused organizations:
+
+- **Enterprise-grade security** - Advanced security features like MFA, adaptive authentication, and threat detection
+- **Flexible deployment** - Choose between cloud-hosted or self-hosted deployment options
+- **Centralized identity management** - Single platform to manage users across multiple applications
+- **Compliance ready** - Built-in compliance with GDPR, SOC 2, and other enterprise standards
+- **Advanced customization** - Actions, flows, and custom branding capabilities
+
+---
+
+## Prerequisites
+
+Before configuring Zitadel authentication, ensure you have:
+
+- **Zitadel instance** - Either cloud-hosted or self-hosted Zitadel installation
+- **Admin privileges in Palmr** - Required to configure OIDC settings
+- **Domain configuration** - For production deployments with custom domains
+
+> **Note:** Zitadel is pre-configured as an official provider in Palmr, which means the technical configuration is handled automatically. You only need to provide your OAuth credentials.
+
+---
+
+## Setting up Zitadel Application
+
+### Creating a Zitadel application
+
+To get started with Zitadel authentication, you'll need to create an application in your Zitadel Console.
+
+1. **Navigate to Zitadel Console**: Go to your Zitadel instance URL (e.g., `your-instance.zitadel.cloud` for cloud or `your self-hosted URL`)
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/zitadel-console.png" alt="Zitadel Console" />
+
+2. **Create new application**: Click **"Create Application"** button in the home screen.
+3. **Enter application details**:
+
+- Enter a descriptive name like "Palmr File Sharing" for your project, ou select an existing project.
+- Select Framework: Select "`Other (OIDC, SAML, API)`"
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/create-application.png" alt="Zitadel Create Application" />
+
+4. **Create application**: Click **"Create"** to generate your Zitadel application
+
+After creating your application, you'll be redirected to the application configuration page step-by-step. in this page you can configure your application.
+
+### Configuring application settings
+
+5. **Select application type**: in the first step:
+
+- Choose **"Web"** for web-based Palmr instances
+- Add a descriptive name for your application (e.g. "Palmr File Sharing")
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/step-1.png"
+  alt="Zitadel Application Type Selection"
+  legend="This is a fake application, you have to use your own."
+/>
+
+click on **"Continue"** to advance to the next step.
+
+6. **Select application type**: in the second step:
+
+- Choose **"CODE"** for authentication method and click on **"Continue"** to advance to the next step.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/step-2.png"
+  alt="Zitadel Application Authentication Method Selection"
+  legend="This is a fake application, you have to use your own."
+/>
+
+7. **Configure application URLs**:
+
+You'll need to configure several URLs in your Zitadel application settings. Here's what to add for each environment:
+
+### Redirect URIs
+
+| Environment | URL                                                               |
+| ----------- | ----------------------------------------------------------------- |
+| Production  | `https://yourdomain.com/api/auth/providers/zitadel/callback`      |
+| Development | `http://localhost:3000/api/auth/providers/zitadel/callback`       |
+| Custom Port | `https://yourdomain.com:5487/api/auth/providers/zitadel/callback` |
+
+### Post Logout Redirect URIs
+
+| Environment | URL                           |
+| ----------- | ----------------------------- |
+| Production  | `https://yourdomain.com`      |
+| Development | `http://localhost:3000`       |
+| Custom Port | `https://yourdomain.com:5487` |
+
+> **Note:** Replace `yourdomain.com` with your actual domain name in all production and custom port URLs.
+> **Note:** If you using http:// (not https://) in your redirect URIs, you need to enable `Development mode` switch.
+> **Note:** You can add multiple redirect URIs for different environments (development, staging, production).
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/config-urls.png"
+  alt="Zitadel Application URLs Configuration"
+  legend="This is a fake application, you have to use your own."
+/>
+
+Click on **"Continue"** to advance to the last step. That is just a summary of the configuration you have done.
+
+8. **Save changes**: Click **"Save"** to apply your configuration
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/config-overview.png"
+  alt="Zitadel Application Summary"
+  legend="This is a fake application, you have to use your own."
+/>
+
+You can click on **"Create"** to create your application.
+
+### Getting OAuth credentials
+
+After creating your application, a modal will appear with the credentials that Palmr will use to authenticate with Zitadel.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/credentials-modal.png"
+  alt="Zitadel OAuth Credentials"
+  legend="The client ID and client secret shown in the image are examples only (fake credentials). You must use your own credentials from Zitadel."
+/>
+
+you can copy the credentials and save them in a safe place for later use.
+
+### Final Zitadel configuration
+
+**Confirm the Zitadel application configuration**:
+
+After closing the modal, you'll be redirected to the Zitadel application page.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/application-page.png"
+  alt="Zitadel Application Page"
+  legend="This is a fake application, you have to use your own."
+/>
+
+Confirm the application configuration fields:
+
+- **Application Type**: The Application Type has been set to **"Web"**
+- **Response Type**: The Response Type has been set to **"Code"**
+- **Authentication Method**: The Authentication Method has been set to **"Basic"**
+- **Grant Types**: The Grant Types has been set to **"Authorization Code"**
+- **Refresh Token**: The Refresh Token has been set to **"Disabled"**
+
+You can edit the application configuration if you want to change something and click on **"Save"** to save the application configuration.
+
+> **Note:** If you edit your client ID, you need to update the credentials that you saved in the previous step.
+
+Select the **"Token Settings"** section in the side menu, you can configure the token settings for your application.
+
+The default Auth Token Type is **"Bearer"** and you can change it to **"JWT"** and click on **"Save"** to save the token settings.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/token-settings.png"
+  alt="Zitadel Auth Token Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+Click on **Redirect Settings** section in the side menu, you can configure the redirect settings for your application. Just confirm the previous URLs you have configured in the previous step. If you want to add more redirect URLs, you can add them by clicking on **"+"** button. If you need to edit the redirect URLs, you can edit them by clicking on the pen icon.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/redirect-settings-page.png"
+  alt="Zitadel Redirect Settings"
+  legend="This is a fake application, you have to use your own."
+/>
+
+The last step in Zitadel is grab your instance URL. You can find it clicking on the **"URLs"** in the side menu.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/urls-page.png"
+  alt="Zitadel Instance URL"
+  legend="This is a fake application, you have to use your own."
+/>
+
+You dont need copy the complete URL, just the domain name and protocol and port if you are using a custom port.
+For example: `https://palmr-zaxijp.us1.zitadel.cloud` (image bellow case) or `https://zitadel.yourdomain.com` or `https://zitadel.yourdomain.com:5487` if you are using a custom port.
+
+> **Note:** In Zitadel we finish the configuration. Let's go to Palmr to configure the provider. Remember you need `Client ID`, `Client Secret` and `Instance URL` to configure the provider in Palmr.
+
+---
+
+## Configuring Palmr
+
+### Accessing OIDC settings
+
+To configure Zitadel authentication in Palmr, you need administrator access to the settings panel.
+
+1. **Login as administrator**: Sign in to Palmr with an admin account
+
+2. **Access settings**: Click your profile picture in the header and select **Settings**
+
+3. **Navigate to authentication**: Find and click on the **Authentication Providers** configuration section
+
+<ZoomableImage src="/assets/v3/oidc/auth-providers.png" alt="Palmr Authentication Providers" />
+
+### Enabling Zitadel provider
+
+Zitadel comes pre-configured as an official provider, so the setup process is streamlined.
+
+1. **Locate Zitadel provider**: Find Zitadel in the list of available providers
+
+2. **Enable the provider**: Toggle the status to **Enabled**
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/enabled-zitadel.png" alt="Palmr Zitadel Provider Enabled" />
+
+After enabling the provider, click on the pen icon to configure the provider.
+
+3. **Configure credentials**:
+   - **Provider URL**: Paste your Zitadel instance URL (e.g., `https://your-instance.zitadel.cloud`)
+   - **Client ID**: Paste the Client ID from Zitadel application
+   - **Client Secret**: Paste the Client Secret from Zitadel application
+   - **Scopes**: Add the scopes you want to use. The default scopes are `openid`, `profile`, and `email`. You don't need change this if you are not sure.
+
+<ZoomableImage
+  src="/assets/v3/oidc/zitadel/edit-zitadel.png"
+  alt="Edit Zitadel Provider"
+  legend="This is a fake application, you have to use your own."
+/>
+
+### Advanced configuration options
+
+Configure additional settings to customize the authentication behavior:
+
+**Auto Registration**: Enable this to automatically create user accounts when someone authenticates for the first time.
+
+**Sort Order**: Control where the Zitadel login button appears relative to other authentication providers.
+
+**Icon**: you can choose the icon you want to use for the Zitadel login button (default is `FaShieldAlt`).
+
+<ZoomableImage src="/assets/v3/oidc/zitadel/zitadel-icon.png" alt="Zitadel Icon" />
+
+> **Enterprise tip:** Zitadel authentication works great for enterprise organizations requiring advanced security features and centralized identity management with deployment flexibility.
+
+---
+
+## Account linking
+
+By default, if a user is already registered in Palmr with their Zitadel email, they will be automatically linked to their Palmr account.
+
+> **Note:** You can't disable account linking. If you want to unlink a user from their Zitadel account, you need to delete the user from Palmr.
+
+---
+
+## Technical configuration
+
+Zitadel's technical configuration is handled automatically, but understanding the setup can help with troubleshooting:
+
+```yaml
+Provider Type: OAuth 2.0 with OIDC Discovery
+Issuer URL: https://your-instance.zitadel.cloud
+Authorization Endpoint: /oauth/v2/authorize
+Token Endpoint: /oauth/v2/token
+UserInfo Endpoint: /oidc/v1/userinfo
+Scopes: openid profile email
+```
+
+### Field mappings
+
+Palmr automatically maps Zitadel user information to local user accounts:
+
+- **User ID**: Maps from Zitadel's `sub` field
+- **Email**: Maps from Zitadel's `email` field
+- **Full Name**: Maps from Zitadel's `name` field
+- **First Name**: Maps from Zitadel's `given_name` field
+- **Last Name**: Maps from Zitadel's `family_name` field
+- **Avatar**: Maps from Zitadel's `picture` field
+- **Username**: Maps from Zitadel's `preferred_username` field
+
+### Zitadel-specific features
+
+- **Custom Claims**: Can include custom user metadata and app metadata
+- **Actions Support**: Can customize authentication flow with custom actions
+- **Multi-factor Authentication**: Supports Zitadel's MFA features
+- **Enterprise SSO**: Integrates with SAML, LDAP, and other enterprise systems
+- **Self-hosted Support**: Full functionality with self-hosted Zitadel instances
+
+---
+
+## Testing the configuration
+
+### Verifying the setup
+
+After configuring Zitadel authentication, test the integration to ensure everything works correctly.
+
+1. **Check login page**: Navigate to your Palmr login page and verify the "Sign in with Zitadel" button appears
+
+2. **Test authentication flow**: Click the Zitadel sign-in button and complete the authentication process
+
+3. **Verify user creation**: Confirm that a new user account is created (if auto-registration is enabled)
+
+### Login flow verification
+
+The complete authentication process should work as follows:
+
+1. **User clicks "Sign in with Zitadel"**: The browser redirects to Zitadel's authorization page
+2. **User authenticates**: User completes authentication through Zitadel (login, MFA, etc.)
+3. **Zitadel redirects back to Palmr**: User returns to Palmr with authentication tokens
+4. **Palmr creates or updates user**: User account is automatically managed with Zitadel information
+5. **User accesses Palmr**: User is logged in with their Zitadel identity
+
+---
+
+## Troubleshooting common issues
+
+### Redirect URI mismatch error
+
+**Error message**: `invalid_redirect_uri`
+
+**Cause**: The redirect URI in your request doesn't match what's configured in Zitadel application.
+
+**Solution**:
+
+1. Check the exact URL in the error message
+2. Add this exact URL to your Zitadel application's redirect URIs
+3. Ensure you include the correct protocol (http/https) and port
+4. Remove any trailing slashes unless they're in the callback URL
+
+### Access denied error
+
+**Error message**: `access_denied`
+
+**Cause**: User denied permissions or the application isn't properly configured.
+
+**Solution**:
+
+1. Verify that your Zitadel application requests the correct scopes
+2. Check that users are granting permissions during the authorization flow
+3. Ensure your application is not restricted or disabled
+4. Verify the application has proper permissions set up
+
+### Invalid client error
+
+**Error message**: `invalid_client`
+
+**Cause**: Incorrect Client ID, Client Secret, or Instance URL.
+
+**Solution**:
+
+1. Double-check that you've copied the credentials correctly from Zitadel
+2. Ensure there are no extra spaces or characters in the credentials
+3. Verify you're using the correct instance URL format
+4. Generate a new Client Secret if necessary
+
+### Instance URL configuration issues
+
+**Error message**: Instance not found or invalid
+
+**Cause**: Incorrect Zitadel instance URL or instance configuration.
+
+**Solution**:
+
+1. Verify your Zitadel instance URL is correct
+2. Check that your Zitadel instance is active and accessible
+3. Ensure you're using the correct protocol (https://)
+4. Verify DNS resolution for your Zitadel instance
+
+### Self-hosted connectivity issues
+
+**Cause**: Network connectivity problems with self-hosted Zitadel instance.
+
+**Solution**:
+
+1. Check server firewall and network connectivity
+2. Verify DNS resolution from your server to the Zitadel instance
+3. Ensure the Zitadel instance is properly configured and running
+4. Check SSL certificate validity for the Zitadel instance
+
+---
+
+## Security best practices
+
+### Credential management
+
+- **Never expose secrets**: Keep your Client Secret secure and never commit it to version control
+- **Rotate credentials regularly**: Generate new Client Secrets periodically for enhanced security
+- **Use environment variables**: Store sensitive configuration in environment variables, not config files
+- **Monitor access logs**: Regularly review authentication logs for suspicious activity
+
+### Scope and permission management
+
+- **Minimal scopes**: Only request `openid`, `profile`, and `email` scopes as required by Palmr
+- **User consent**: Ensure users understand what permissions they're granting
+- **Regular audits**: Review which users have connected their Zitadel accounts
+- **Access reviews**: Periodically check user access and remove inactive accounts
+
+### Production considerations
+
+- **Use HTTPS**: Always use HTTPS in production environments
+- **Configure proper domains**: Use production domains in Zitadel application settings
+- **Test thoroughly**: Verify the complete authentication flow before going live
+- **Plan for failures**: Have fallback authentication methods available
+
+---
+
+## Next steps
+
+With Zitadel authentication configured, you might want to:
+
+- **Configure additional providers**: Set up other OIDC providers for more authentication options
+- **Customize user management**: Fine-tune auto-registration and admin assignment rules
+- **Review security settings**: Ensure your authentication setup meets your security requirements
+- **Monitor usage**: Keep track of authentication patterns and user activity
+
+For more information about OIDC authentication in Palmr, see the [OIDC Authentication overview](/docs/3.1-beta/oidc-authentication).
+
+## Useful resources
+
+- [Zitadel Documentation](https://zitadel.com/docs)
+- [Zitadel OAuth 2.0 Guide](https://zitadel.com/docs/apis/openidoauth)
+- [Zitadel OpenID Connect](https://zitadel.com/docs/apis/openidoauth/oidc)
+- [Zitadel Console](https://cloud.zitadel.com)
--- a/apps/docs/content/docs/3.1-beta/open-an-issue.mdx
+++ b/apps/docs/content/docs/3.1-beta/open-an-issue.mdx
--- a/apps/docs/content/docs/3.1-beta/password-reset-without-smtp.mdx
+++ b/apps/docs/content/docs/3.1-beta/password-reset-without-smtp.mdx
@@ -131,7 +131,6 @@ If you encounter issues while running the script, refer to the following solutio

 - **Error: "Database connection failed"**  
  If the script cannot connect to the database, check the following:
-
  - Ensure the database service is running within the container.
  - Confirm that the `prisma/palmr.db` file exists and has the correct permissions.
  - Verify that the container has access to the database volume.
--- a/apps/docs/content/docs/3.1-beta/quick-start.mdx
+++ b/apps/docs/content/docs/3.1-beta/quick-start.mdx
@@ -36,7 +36,7 @@ Palmr. supports two storage approaches for persistent data:
 - ✅ **Direct Access**: Files stored in local directory you specify
 - ✅ **Transparent Storage**: Direct filesystem access from host
 - ✅ **Custom Backup**: Use existing file system backup solutions
- ⚠️ **Permission Considerations**: May require user/group configuration
+- ⚠️ **Permission Considerations**: **Common Issue** - Requires UID/GID configuration (see troubleshooting below)

 ---

@@ -56,7 +56,9 @@ services:
    environment:
      - ENABLE_S3=false
      - ENCRYPTION_KEY=change-this-key-in-production-min-32-chars # CHANGE THIS KEY FOR SECURITY
+      # - DISABLE_FILESYSTEM_ENCRYPTION=false # Set to true to disable file encryption (ENCRYPTION_KEY becomes optional)
      # - SECURE_SITE=false # Set to true if you are using a reverse proxy
+      # - DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
    ports:
      - "5487:5487" # Web interface
      - "3333:3333" # API port (OPTIONAL EXPOSED - ONLY IF YOU WANT TO ACCESS THE API DIRECTLY)
@@ -68,6 +70,16 @@ volumes:
  palmr_data:
 ```

+> **Note:** If you haveing problem with uploading files, try to change the `PALMR_UID` and `PALMR_GID` to the UID and GID of the user running the container. You can find the UID and GID of the user running the container with the command `id -u` and `id -g`. in Linux systems the default user is `1000` and the default group is `1000`. For test you can add the environment variables below to the `docker-compose.yaml` file and restart the container.
+
+```yaml
+environment:
+  - PALMR_UID=1000 # UID for the container processes (default is 1001)
+  - PALMR_GID=1000 # GID for the container processes (default is 1001)
+```
+
+> **Note:** For more information about UID and GID, see our [UID/GID Configuration](/docs/3.1-beta/uid-gid-configuration) guide.
+
 ### Deployment

 ```bash
@@ -92,10 +104,11 @@ services:
    environment:
      - ENABLE_S3=false
      - ENCRYPTION_KEY=change-this-key-in-production-min-32-chars # CHANGE THIS KEY FOR SECURITY
+      - PALMR_UID=1000 # UID for the container processes (default is 1001)
+      - PALMR_GID=1000 # GID for the container processes (default is 1001)
+      # - DISABLE_FILESYSTEM_ENCRYPTION=false # Set to true to disable file encryption (ENCRYPTION_KEY becomes optional)
      # - SECURE_SITE=false # Set to true if you are using a reverse proxy
-      # Optional: Set custom UID/GID for file permissions
-      # - PALMR_UID=1000
-      # - PALMR_GID=1000
+      # - DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
    ports:
      - "5487:5487" # Web port
      - "3333:3333" # API port (OPTIONAL EXPOSED - ONLY IF YOU WANT TO ACCESS THE API DIRECTLY)
@@ -111,7 +124,7 @@ services:
 docker-compose up -d
 ```

-> **Permission Configuration**: If you encounter permission issues with bind mounts (common on NAS systems), see our [UID/GID Configuration](/docs/3.0-beta/uid-gid-configuration) guide for automatic permission handling.
+> **Permission Configuration**: If you encounter permission issues with bind mounts (common on NAS systems), see our [UID/GID Configuration](/docs/3.1-beta/uid-gid-configuration) guide for automatic permission handling.

 ---

@@ -119,15 +132,21 @@ docker-compose up -d

 Configure Palmr. behavior through environment variables:

-| Variable         | Default | Description                                             |
-| ---------------- | ------- | ------------------------------------------------------- |
-| `ENABLE_S3`      | `false` | Enable S3-compatible storage                            |
-| `ENCRYPTION_KEY` | -       | **Required**: Minimum 32 characters for file encryption |
-| `SECURE_SITE`    | `false` | Enable secure cookies for HTTPS/reverse proxy setups    |
+| Variable                        | Default | Description                                                                                                       |
+| ------------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------- |
+| `ENABLE_S3`                     | `false` | Enable S3-compatible storage                                                                                      |
+| `ENCRYPTION_KEY`                | -       | **Required** (unless encryption disabled): Minimum 32 characters for file encryption                              |
+| `DISABLE_FILESYSTEM_ENCRYPTION` | `false` | Disable file encryption for direct filesystem access                                                              |
+| `SECURE_SITE`                   | `false` | Enable secure cookies for HTTPS/reverse proxy setups                                                              |
+| `DEFAULT_LANGUAGE`              | `en-US` | Set the default application language (see supported languages in docs [here](/docs/3.1-beta/available-languages)) |
+| `PALMR_UID`                     | `1001`  | Set the UID for the container processes (OPTIONAL - default is 1001)                                              |
+| `PALMR_GID`                     | `1001`  | Set the GID for the container processes (OPTIONAL - default is 1001)                                              |

-> **⚠️ Security Warning**: Always change the `ENCRYPTION_KEY` in production. This key encrypts your files - losing it makes files permanently inaccessible.
+> **⚠️ Security Warning**: Always change the `ENCRYPTION_KEY` in production when encryption is enabled. This key encrypts your files - losing it makes files permanently inaccessible.

-> **🔗 Reverse Proxy**: If deploying behind a reverse proxy (Traefik, Nginx, etc.), set `SECURE_SITE=true` and review our [Reverse Proxy Configuration](/docs/3.0-beta/reverse-proxy-configuration) guide for proper setup.
+> **🔓 File Encryption Control**: The `DISABLE_FILESYSTEM_ENCRYPTION` variable allows you to store files without encryption for direct filesystem access. When set to `true`, the `ENCRYPTION_KEY` becomes optional. **Important**: Once set, this configuration is permanent for your deployment. Switching between encrypted and unencrypted modes will break file access for existing uploads. Choose your strategy before uploading files. For more details on performance implications of encryption, see [Performance Considerations with Encryption](/docs/3.1-beta/architecture#performance-considerations-with-encryption).
+
+> **🔗 Reverse Proxy**: If deploying behind a reverse proxy (Traefik, Nginx, etc.), set `SECURE_SITE=true` and review our [Reverse Proxy Configuration](/docs/3.1-beta/reverse-proxy-configuration) guide for proper setup.

 ### Generate Secure Encryption Keys

@@ -135,6 +154,8 @@ Need a strong key for `ENCRYPTION_KEY`? Use our built-in generator to create cry

 <KeyGenerator />

+> **💡 Pro Tip**: If you're using `DISABLE_FILESYSTEM_ENCRYPTION=true`, you can skip the `ENCRYPTION_KEY` entirely for a simpler setup. However, remember that files will be stored unencrypted on your filesystem.
+
 ---

 ## Accessing Palmr.
@@ -151,7 +172,7 @@ If you exposed port 3333 in your configuration, you can also access:
 - **API Documentation**: `http://localhost:3333/docs` (local) or `http://YOUR_SERVER_IP:3333/docs` (server)
 - **API Endpoints**: Available at `http://localhost:3333` (local) or `http://YOUR_SERVER_IP:3333` (server)

-> **📚 Learn More**: For complete API documentation, authentication, and integration examples, see our [API Reference](/docs/3.0-beta/api) guide.
+> **📚 Learn More**: For complete API documentation, authentication, and integration examples, see our [API Reference](/docs/3.1-beta/api) guide.

 > **💡 Production Tip**: For production deployments, configure HTTPS with a valid SSL certificate for enhanced security.

@@ -168,6 +189,11 @@ docker run -d \
  --name palmr \
  -e ENABLE_S3=false \
  -e ENCRYPTION_KEY=your-secure-key-min-32-chars \
+  # -e PALMR_UID=1000 # UID for the container processes (default is 1001)
+  # -e PALMR_GID=1000 # GID for the container processes (default is 1001)
+  # -e DISABLE_FILESYSTEM_ENCRYPTION=true # Uncomment to disable file encryption (ENCRYPTION_KEY becomes optional)
+  # -e SECURE_SITE=false # Set to true if you are using a reverse proxy
+  # -e DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
  -p 5487:5487 \
  -p 3333:3333 \
  -v palmr_data:/app/server \
@@ -175,6 +201,8 @@ docker run -d \
  kyantech/palmr:latest
 ```

+> **Permission Configuration**: If you encounter permission issues with bind mounts (common on NAS systems), see our [UID/GID Configuration](/docs/3.1-beta/uid-gid-configuration) guide for automatic permission handling.
+
 **Bind Mount:**

 ```bash
@@ -182,6 +210,11 @@ docker run -d \
  --name palmr \
  -e ENABLE_S3=false \
  -e ENCRYPTION_KEY=your-secure-key-min-32-chars \
+  -e PALMR_UID=1000 # UID for the container processes (default is 1001)
+  -e PALMR_GID=1000 # GID for the container processes (default is 1001)
+  # -e DISABLE_FILESYSTEM_ENCRYPTION=true # Uncomment to disable file encryption (ENCRYPTION_KEY becomes optional)
+  # -e SECURE_SITE=false # Set to true if you are using a reverse proxy
+  # -e DEFAULT_LANGUAGE=en-US # Default language for the application (optional, defaults to en-US)
  -p 5487:5487 \
  -p 3333:3333 \
  -v $(pwd)/data:/app/server \
@@ -244,14 +277,14 @@ Your Palmr. instance is now ready! Explore additional configuration options:

 ### Advanced Configuration

- **[UID/GID Configuration](/docs/3.0-beta/uid-gid-configuration)** - Configure user permissions for NAS systems and custom environments
- **[S3 Storage](/docs/3.0-beta/s3-configuration)** - Scale with Amazon S3 or compatible storage providers
- **[Manual Installation](/docs/3.0-beta/manual-installation)** - Manual installation and custom configurations
+- **[UID/GID Configuration](/docs/3.1-beta/uid-gid-configuration)** - Configure user permissions for NAS systems and custom environments
+- **[S3 Storage](/docs/3.1-beta/s3-configuration)** - Scale with Amazon S3 or compatible storage providers
+- **[Manual Installation](/docs/3.1-beta/manual-installation)** - Manual installation and custom configurations

 ### Integration & Development

- **[API Reference](/docs/3.0-beta/api)** - Integrate Palmr. with your applications
- **[Architecture Guide](/docs/3.0-beta/architecture)** - Understanding Palmr. components and design
+- **[API Reference](/docs/3.1-beta/api)** - Integrate Palmr. with your applications
+- **[Architecture Guide](/docs/3.1-beta/architecture)** - Understanding Palmr. components and design

 ---

--- a/apps/docs/content/docs/3.1-beta/reverse-proxy-configuration.mdx
+++ b/apps/docs/content/docs/3.1-beta/reverse-proxy-configuration.mdx
@@ -67,7 +67,6 @@ If you experience authentication issues behind a reverse proxy:
 ### Diagnostic Steps

 1. **Check Browser Developer Tools**:
-
   - Look for cookies in Application/Storage tab
   - Verify cookie has `Secure` flag when using HTTPS
   - Check if `SameSite` attribute is appropriate
@@ -131,7 +130,7 @@ environment:
  - ENCRYPTION_KEY=your-key-here
 ```

-> **💡 Note**: Check your host UID/GID with `id` command and use those values. See [UID/GID Configuration](/docs/3.0-beta/uid-gid-configuration) for detailed setup.
+> **💡 Note**: Check your host UID/GID with `id` command and use those values. See [UID/GID Configuration](/docs/3.1-beta/uid-gid-configuration) for detailed setup.

 ---

--- a/apps/docs/content/docs/3.1-beta/s3-providers.mdx
+++ b/apps/docs/content/docs/3.1-beta/s3-providers.mdx
--- a/apps/docs/content/docs/3.1-beta/screenshots.mdx
+++ b/apps/docs/content/docs/3.1-beta/screenshots.mdx
@@ -5,44 +5,33 @@ icon: Image

 import { ZoomableImage } from "@/components/ui/zoomable-image";

-## Screenshots
-
 Here you can find a collection of screenshots showcasing various features and interfaces of the Palmr. web application. These images provide a visual overview of the user experience, highlighting key functionalities such as file sharing, user management, and settings configuration. Explore the screenshots below to get a better understanding of how Palmr works and what to expect from the platform.

 > **Note:** All screenshots shown are taken in dark mode, but Palmr. also offers a light mode theme for users who prefer brighter interfaces.

-### Authentication & Access
+## Authentication & Access

-#### Home page
+### Home page

 The main landing page where users can access the platform and learn about Palmr.'s features.

-<ZoomableImage
-  src="/assets/v3/screenshots/home.png"
-  alt="Home Page - Main landing page of Palmr"
-/>
+<ZoomableImage src="/assets/v3/screenshots/home.png" alt="Home Page - Main landing page of Palmr" />

-#### Login page
+### Login page

 Secure authentication interface where users enter their credentials to access their Palmr account.

-<ZoomableImage
-  src="/assets/v3/screenshots/login.png"
-  alt="Login Page - User authentication interface"
-/>
+<ZoomableImage src="/assets/v3/screenshots/login.png" alt="Login Page - User authentication interface" />

-#### Forgot password
+### Forgot password

 Password recovery interface that allows users to reset their passwords when they can't access their accounts.

-<ZoomableImage
-  src="/assets/v3/screenshots/forgot-password.png"
-  alt="Forgot Password - Password recovery interface"
-/>
+<ZoomableImage src="/assets/v3/screenshots/forgot-password.png" alt="Forgot Password - Password recovery interface" />

-### Main Application Interface
+## Main Application Interface

-#### Dashboard
+### Dashboard

 The central hub after login, providing an overview of recent activity, quick actions, and system status.

@@ -51,9 +40,9 @@ The central hub after login, providing an overview of recent activity, quick act
  alt="Dashboard - Main application hub with overview and quick actions"
 />

-### File Management
+## File Management

-#### Files list view
+### Files list view

 Comprehensive file browser displaying all uploaded files in a detailed list format with metadata, actions, and sorting options.

@@ -62,7 +51,7 @@ Comprehensive file browser displaying all uploaded files in a detailed list form
  alt="Files List View - Detailed file browser with metadata and actions"
 />

-#### Files card view
+### Files card view

 Alternative file browser layout showing files as visual cards, perfect for quick browsing and visual file identification.

@@ -71,7 +60,7 @@ Alternative file browser layout showing files as visual cards, perfect for quick
  alt="Files Card View - Visual card-based file browser layout"
 />

-#### Receive files
+### Receive files

 File upload interface where users can drag and drop or select files to upload to their Palmr storage.

@@ -80,9 +69,9 @@ File upload interface where users can drag and drop or select files to upload to
  alt="Receive Files - File upload interface with drag and drop functionality"
 />

-### Sharing & Collaboration
+## Sharing & Collaboration

-#### Shares page
+### Shares page

 Management interface for all shared files and folders, showing share status, permissions, and access controls.

@@ -91,9 +80,9 @@ Management interface for all shared files and folders, showing share status, per
  alt="Shares Page - Share management with permissions and access controls"
 />

-### User & System Management
+## User & System Management

-#### User management
+### User management

 Administrative interface for managing user accounts, permissions, roles, and system access controls.

@@ -102,7 +91,7 @@ Administrative interface for managing user accounts, permissions, roles, and sys
  alt="User Management - Administrative interface for user accounts and permissions"
 />

-#### Profile settings
+### Profile settings

 Personal account management where users can update their profile information, preferences, and account settings.

@@ -111,7 +100,7 @@ Personal account management where users can update their profile information, pr
  alt="Profile Settings - Personal account management and preferences"
 />

-#### System settings
+### System settings

 Comprehensive system configuration interface for administrators to manage platform settings, integrations, and system behavior.

@@ -120,9 +109,9 @@ Comprehensive system configuration interface for administrators to manage platfo
  alt="System Settings - Administrative configuration interface"
 />

-### Reverse share page themes
+## Reverse share page themes

-#### WeTransfer theme
+### WeTransfer theme

 Special sharing interface with WeTransfer-inspired design, providing a familiar experience for file sharing with custom theming.

@@ -131,7 +120,7 @@ Special sharing interface with WeTransfer-inspired design, providing a familiar
  alt="WeTransfer Theme - WeTransfer-inspired sharing interface with custom theming"
 />

-#### Default reverse theme
+### Default reverse theme

 Alternative dark theme interface showing Palmr's theming capabilities and customization options for different user preferences.

--- a/apps/docs/content/docs/3.1-beta/translation-management.mdx
+++ b/apps/docs/content/docs/3.1-beta/translation-management.mdx
@@ -0,0 +1,438 @@
+---
+title: Translation Management
+icon: Languages
+---
+
+import { Callout } from "fumadocs-ui/components/callout";
+import { Tab, Tabs } from "fumadocs-ui/components/tabs";
+
+Palmr includes a comprehensive translation key management system that automates synchronization and validation of the application's internationalization files.
+
+## Overview
+
+The translation management system consists of Python scripts that help maintain consistency across all supported languages:
+
+- **Synchronization**: Automatically add missing translation keys
+- **Validation**: Check translation status and completeness
+- **Key Management**: Manage translation keys structure and consistency
+- **Reporting**: Generate detailed translation reports
+
+## Quick Start
+
+<Tabs items={['npm/pnpm', 'Python Direct']}>
+  <Tab value="npm/pnpm">
+    ```bash
+    # Complete workflow (recommended)
+    pnpm run translations
+
+    # Check translation status
+    pnpm run translations:check
+
+    # Synchronize missing keys
+    pnpm run translations:sync
+
+    # Test workflow without changes (dry run)
+    pnpm run translations:dry-run
+
+    # Show help
+    pnpm run translations:help
+    ```
+
+  </Tab>
+  <Tab value="Python Direct">
+    ```bash
+    cd apps/web/scripts
+
+    # Complete workflow (recommended)
+    python3 run_translations.py all
+
+    # Individual commands
+    python3 run_translations.py check
+    python3 run_translations.py sync
+    python3 run_translations.py all --dry-run
+    python3 run_translations.py help
+    ```
+
+  </Tab>
+</Tabs>
+
+## Available Scripts
+
+### Main Commands (npm/pnpm)
+
+| Command                         | Description                               |
+| ------------------------------- | ----------------------------------------- |
+| `pnpm run translations`         | Complete workflow: sync + check           |
+| `pnpm run translations:check`   | Check translation status and completeness |
+| `pnpm run translations:sync`    | Synchronize missing keys from en-US.json  |
+| `pnpm run translations:dry-run` | Test workflow without making changes      |
+| `pnpm run translations:help`    | Show detailed help and examples           |
+
+## Workflow
+
+### 1. Adding New Translation Keys
+
+When you add new text to the application:
+
+1. **Add to English**: Update `apps/web/messages/en-US.json` with your new keys
+2. **Sync translations**: Run `pnpm run translations:sync` to add missing keys to all languages
+3. **Manual translation**: Translate strings marked with `[TO_TRANSLATE]` manually
+4. **Test in UI**: Verify translations work correctly in the application interface
+
+<Callout type="important">
+  **Manual translation required**: All strings marked with `[TO_TRANSLATE]` must be manually translated by native
+  speakers or professional translators for accuracy.
+</Callout>
+
+### 2. Checking Translation Status
+
+<Callout>Always run `pnpm run translations:check` before releases to ensure completeness.</Callout>
+
+```bash
+# Generate detailed translation report
+pnpm run translations:check
+```
+
+The report shows:
+
+- **Completeness percentage** for each language
+- **Untranslated strings** marked with `[TO_TRANSLATE]`
+- **Identical strings** that may need localization
+- **Missing keys** compared to English reference
+
+### 3. Manual Translation Process
+
+For all translation strings:
+
+1. **Find untranslated strings**: Look for `[TO_TRANSLATE] Original text` in language files
+2. **Replace with translation**: Remove the prefix and add proper translation
+3. **Validate**: Run `pnpm run translations:check` to verify completeness
+
+## File Structure
+
+```
+apps/web/
+├── messages/           # Translation files
+│   ├── en-US.json     # Reference language (English)
+│   ├── pt-BR.json     # Portuguese (Brazil)
+│   ├── es-ES.json     # Spanish
+│   └── ...            # Other languages
+│
+└── scripts/           # Management scripts
+    ├── run_translations.py     # Main wrapper
+    ├── sync_translations.py    # Synchronization
+    ├── check_translations.py   # Status checking
+    └── clean_translations.py   # Cleanup utilities
+```
+
+## Prerequisites
+
+- **Python 3.6 or higher** - Required for running the translation scripts
+- **No external dependencies** - Scripts use only Python standard libraries
+- **UTF-8 support** - Ensure your terminal supports UTF-8 for proper display of translations
+
+## Script Details
+
+### Main Wrapper (`run_translations.py`)
+
+The main script provides a unified interface for all translation operations:
+
+#### Available Commands
+
+- `check` - Check translation status and generate reports
+- `sync` - Synchronize missing keys from reference language
+- `all` - Run complete workflow (sync + check)
+- `help` - Show detailed help with examples
+
+#### How it Works
+
+1. Validates parameters and working directory
+2. Calls appropriate individual scripts with passed parameters
+3. Provides unified error handling and progress reporting
+4. Supports all parameters from individual scripts
+
+### Synchronization Script (`sync_translations.py`)
+
+Maintains consistency across all language files:
+
+#### Process
+
+1. **Load reference**: Reads `en-US.json` as source of truth
+2. **Scan languages**: Finds all `*.json` files in messages directory
+3. **Compare keys**: Identifies missing keys in each language file
+4. **Add missing keys**: Copies structure from reference with `[TO_TRANSLATE]` prefix
+5. **Save updates**: Maintains JSON formatting and UTF-8 encoding
+
+#### Key Features
+
+- **Recursive key detection**: Handles nested JSON objects
+- **Safe updates**: Preserves existing translations
+- **Consistent formatting**: Maintains proper JSON structure
+- **Progress reporting**: Shows detailed sync results
+
+### Status Check Script (`check_translations.py`)
+
+Provides comprehensive translation analysis:
+
+#### Generated Reports
+
+- **Completion percentage**: How much of each language is translated
+- **Untranslated count**: Strings still marked with `[TO_TRANSLATE]`
+- **Identical strings**: Text identical to English (may need localization)
+- **Missing keys**: Keys present in reference but not in target language
+
+#### Analysis Features
+
+- **Visual indicators**: Icons show completion status (✅ 🟡 🔴)
+- **Detailed breakdowns**: Per-language analysis with specific keys
+- **Quality insights**: Identifies potential translation issues
+- **Export friendly**: Output can be redirected to files for reports
+
+## Advanced Usage
+
+### Custom Parameters
+
+You can pass additional parameters to the underlying Python scripts for more control:
+
+#### Synchronization Parameters (`sync`)
+
+```bash
+# Sync without marking new keys as [TO_TRANSLATE]
+python3 scripts/run_translations.py sync --no-mark-untranslated
+
+# Use a different reference file (default: en-US.json)
+python3 scripts/run_translations.py sync --reference pt-BR.json
+
+# Specify custom messages directory
+python3 scripts/run_translations.py sync --messages-dir /path/to/messages
+
+# Dry run mode - see what would be changed
+python3 scripts/run_translations.py sync --dry-run
+```
+
+#### Check Parameters (`check`)
+
+```bash
+# Use different reference file for comparison
+python3 scripts/run_translations.py check --reference pt-BR.json
+
+# Check translations in custom directory
+python3 scripts/run_translations.py check --messages-dir /path/to/messages
+```
+
+### Parameter Reference
+
+| Parameter                | Commands        | Description                                   |
+| ------------------------ | --------------- | --------------------------------------------- |
+| `--dry-run`              | `sync`, `all`   | Preview changes without modifying files       |
+| `--messages-dir`         | All             | Custom directory containing translation files |
+| `--reference`            | `sync`, `check` | Reference file to use (default: en-US.json)   |
+| `--no-mark-untranslated` | `sync`          | Don't add [TO_TRANSLATE] prefix to new keys   |
+
+### Dry Run Mode
+
+Always test changes first:
+
+```bash
+# Test complete workflow (recommended)
+pnpm run translations:dry-run
+
+# Alternative: Direct Python commands
+python3 scripts/run_translations.py all --dry-run
+python3 scripts/run_translations.py sync --dry-run
+```
+
+### Common Use Cases
+
+#### Scenario 1: Adding Keys Without Marking for Translation
+
+```bash
+# Sync new keys without auto-marking for translation
+python3 scripts/run_translations.py sync --no-mark-untranslated
+
+# Manually mark specific keys that need translation
+# Edit files to add [TO_TRANSLATE] prefix where needed
+```
+
+#### Scenario 2: Custom Project Structure
+
+```bash
+# Work with translations in different directory
+python3 scripts/run_translations.py all --messages-dir ../custom-translations
+```
+
+#### Scenario 3: Quality Assurance
+
+```bash
+# Use different language as reference for comparison
+python3 scripts/run_translations.py check --reference pt-BR.json
+
+# This helps identify inconsistencies when you have high-quality translations
+```
+
+## Translation Keys Format
+
+Translation files use nested JSON structure:
+
+```json
+{
+  "common": {
+    "actions": {
+      "save": "Save",
+      "cancel": "Cancel",
+      "delete": "Delete"
+    },
+    "messages": {
+      "success": "Operation completed successfully",
+      "error": "An error occurred"
+    }
+  },
+  "dashboard": {
+    "title": "Dashboard",
+    "welcome": "Welcome to Palmr"
+  }
+}
+```
+
+## Manual Translation
+
+<Callout type="warning">
+  **Professional translation recommended**: For production applications, consider using professional translation
+  services or native speakers to ensure high-quality, culturally appropriate translations.
+</Callout>
+
+The system marks strings that need translation with the `[TO_TRANSLATE]` prefix:
+
+```json
+{
+  "key": "[TO_TRANSLATE] Original English text"
+}
+```
+
+After manual translation:
+
+```json
+{
+  "key": "Texto original em inglês"
+}
+```
+
+### Translation Review Process
+
+1. **Identify**: Use `pnpm run translations:check` to find untranslated strings
+2. **Translate**: Replace `[TO_TRANSLATE]` strings with proper translations
+3. **Review**: Check each translation for:
+   - **Context accuracy**: Does it make sense in the UI?
+   - **Technical terms**: Are they correctly translated?
+   - **Tone consistency**: Matches the application's voice?
+   - **Cultural appropriateness**: Suitable for target audience?
+4. **Test**: Verify translations in the actual application interface
+5. **Document**: Note any translation decisions for future reference
+
+### Common Review Points
+
+- **Button labels**: Ensure they fit within UI constraints
+- **Error messages**: Must be clear and helpful to users
+- **Navigation items**: Should be intuitive in target language
+- **Technical terms**: Some may be better left in English
+- **Placeholders**: Maintain formatting and variable names
+
+## Development Guidelines
+
+<Callout type="important">
+  **Primary Language**: Always use `en-US.json` as the parent language for development. All new translation keys must be
+  added to English first.
+</Callout>
+
+### Translation Workflow for Development
+
+1. **English First**: Add all new text to `apps/web/messages/en-US.json`
+2. **Sync keys**: Use scripts to generate key structure for other languages
+3. **Manual translation**: All strings must be manually translated for accuracy
+4. **Quality Check**: Run translation validation before merging PRs
+
+### Why English as Parent Language?
+
+- **Consistency**: Ensures all languages have the same keys structure
+- **Reference**: English serves as the source of truth for meaning
+- **Key management**: Scripts use English as source for key synchronization
+- **Documentation**: Most technical documentation is in English
+
+## Best Practices
+
+### For Developers
+
+1. **Always use English as reference**: Add new keys to `en-US.json` first - never add keys directly to other languages
+2. **Use semantic key names**: `dashboard.welcome` instead of `text1`
+3. **Test key sync**: Run `pnpm run translations:dry-run` before committing
+4. **Coordinate with translators**: Ensure translation team is aware of new keys
+5. **Maintain consistency**: Use existing patterns for similar UI elements
+
+### For Translators
+
+1. **Focus on [TO_TRANSLATE] strings**: These need immediate attention
+2. **Check identical strings**: May need localization even if identical to English
+3. **Use proper formatting**: Maintain HTML tags and placeholders
+4. **Test in context**: Verify translations work in the actual UI
+5. **Maintain glossary**: Keep consistent terminology across translations
+
+## Troubleshooting
+
+### Common Issues
+
+**Python not found**: Ensure Python 3.6+ is installed and in PATH
+
+**Permission errors**: Ensure write permissions to message files
+
+**Encoding issues**: Ensure your terminal supports UTF-8
+
+### Getting Help
+
+- Run `pnpm run translations:help` for detailed command examples
+- Review generated translation reports for specific issues
+- Check the official documentation for complete reference
+
+## Output Examples
+
+### Synchronization Output
+
+```
+Loading reference file: en-US.json
+Reference file contains 980 keys
+Processing 14 translation files...
+
+Processing: pt-BR.json
+  🔍 Found 12 missing keys
+  ✅ Updated successfully (980/980 keys)
+
+============================================================
+SUMMARY
+============================================================
+✅ ar-SA.json      - 980/980 keys
+🔄 pt-BR.json      - 980/980 keys (+12 added)
+```
+
+### Translation Status Report
+
+```
+📊 TRANSLATION REPORT
+Reference: en-US.json (980 strings)
+================================================================================
+LANGUAGE        COMPLETENESS STRINGS         UNTRANSLATED    POSSIBLE MATCHES
+--------------------------------------------------------------------------------
+✅ pt-BR         100.0%       980/980         0 (0.0%)        5
+⚠️  fr-FR         100.0%       980/980         12 (2.5%)       3
+🟡 de-DE         95.2%        962/980         0 (0.0%)        8
+================================================================================
+```
+
+## Contributing
+
+When contributing translations:
+
+1. **Follow the workflow**: Use the provided scripts for consistency
+2. **Test thoroughly**: Run complete checks before submitting
+3. **Document changes**: Note any significant translation decisions
+4. **Maintain quality**: Ensure manual translations are accurate and appropriate
+
+The translation management system ensures consistency and makes it easy to maintain high-quality localization across all supported languages.
--- a/apps/docs/content/docs/3.1-beta/troubleshooting.mdx
+++ b/apps/docs/content/docs/3.1-beta/troubleshooting.mdx
@@ -0,0 +1,377 @@
+---
+title: Troubleshooting
+icon: "Bug"
+---
+
+Common issues and solutions for Palmr. deployment and usage.
+
+## 🚨 Permission Denied Errors
+
+**Most common issue**: Permission denied when uploading files or accessing data directories.
+
+### Quick Diagnosis
+
+```bash
+# Check if this is a permission issue
+docker-compose logs palmr | grep -i "permission\|denied\|eacces"
+
+# Common error messages:
+# EACCES: permission denied, open '/app/server/uploads/file.txt'
+# Error: EACCES: permission denied, mkdir '/app/server/temp-chunks'
+```
+
+### The Root Cause
+
+**Palmr. defaults**: UID 1001, GID 1001  
+**Linux standard**: UID 1000, GID 1000
+
+When using bind mounts, your host directories are owned by UID 1000, but Palmr. runs as UID 1001.
+
+### Solution 1: Environment Variables (Recommended)
+
+Set Palmr. to use your host system's UID/GID:
+
+```bash
+# Find your UID/GID
+id
+# Output: uid=1000(user) gid=1000(group) groups=1000(group),27(sudo)
+```
+
+Add to your `docker-compose.yaml`:
+
+```yaml
+services:
+  palmr:
+    environment:
+      - PALMR_UID=1000 # Your UID
+      - PALMR_GID=1000 # Your GID
+    # ... rest of config
+```
+
+Restart the container:
+
+```bash
+docker-compose down && docker-compose up -d
+```
+
+### Solution 2: Change Host Directory Ownership
+
+If you prefer to keep Palmr's defaults:
+
+```bash
+# For single data directory
+chown -R 1001:1001 ./data
+
+# For separate upload/temp directories
+mkdir -p uploads temp-chunks
+chown -R 1001:1001 uploads temp-chunks
+```
+
+### Solution 3: Docker Volume (Avoid the Issue)
+
+Use Docker named volumes instead of bind mounts:
+
+```yaml
+volumes:
+  - palmr_data:/app/server  # Named volume (no permission issues)
+  # Instead of:
+  # - ./data:/app/server    # Bind mount (permission issues)
+
+volumes:
+  palmr_data:
+```
+
+---
+
+## 🐳 Container Issues
+
+### Container Won't Start
+
+**Check logs first:**
+
+```bash
+docker-compose logs palmr
+```
+
+**Common issues:**
+
+1. **Port already in use**
+
+   ```bash
+   # Check what's using port 5487
+   sudo lsof -i :5487
+
+   # Or change port in docker-compose.yaml
+   ports:
+     - "5488:5487"  # Use different host port
+   ```
+
+2. **Invalid encryption key**
+
+   ```bash
+   # Error: Encryption key must be at least 32 characters
+   # Fix: Update ENCRYPTION_KEY in docker-compose.yaml
+   environment:
+     - ENCRYPTION_KEY=your-very-long-secure-key-at-least-32-characters
+   ```
+
+3. **Missing environment variables**
+   ```bash
+   # Check required variables are set
+   docker exec palmr env | grep -E "ENCRYPTION_KEY|DATABASE_URL"
+   ```
+
+### Container Starts But App Doesn't Load
+
+```bash
+# Check if services are running inside container
+docker exec palmr ps aux
+
+# Check if ports are bound correctly
+docker port palmr
+
+# Test API directly
+curl http://localhost:3333/health
+```
+
+---
+
+## 📁 File Upload Issues
+
+### Files Not Uploading
+
+1. **Check disk space:**
+
+   ```bash
+   df -h
+   # Ensure you have enough space in upload directory
+   ```
+
+2. **Check file permissions in container:**
+
+   ```bash
+   docker exec palmr ls -la /app/server/uploads/
+   # Should show ownership by palmr user
+   ```
+
+3. **Check upload limits:**
+   - Default max file size is configurable
+   - Check browser network tab for 413 errors
+
+### Files Upload But Can't Be Downloaded
+
+```bash
+# Check file exists and is readable
+docker exec palmr ls -la /app/server/uploads/
+
+# Check file ownership
+docker exec palmr stat /app/server/uploads/your-file.txt
+```
+
+---
+
+## 🔑 Authentication Issues
+
+### Can't Login to Admin Account
+
+1. **Reset admin password:**
+
+   ```bash
+   # Using the built-in reset script
+   docker exec -it palmr /app/reset-password.sh
+   ```
+
+2. **Check database permissions:**
+   ```bash
+   docker exec palmr ls -la /app/server/prisma/
+   # palmr.db should be writable by palmr user
+   ```
+
+### OIDC Authentication Not Working
+
+See our [OIDC Configuration Guide](/docs/3.0-beta/oidc-authentication) for detailed setup.
+
+---
+
+## 🌐 Network Issues
+
+### Can't Access Web Interface
+
+1. **From localhost:**
+
+   ```bash
+   # Test if container is responding
+   curl http://localhost:5487
+
+   # Check if port is bound
+   docker port palmr 5487
+   ```
+
+2. **From external network:**
+
+   ```bash
+   # Check firewall
+   sudo ufw status
+
+   # Test from external IP
+   curl http://YOUR_SERVER_IP:5487
+   ```
+
+### API Not Accessible
+
+```bash
+# Check if API port is exposed
+docker port palmr 3333
+
+# Test API health
+curl http://localhost:3333/health
+
+# Check API documentation
+curl http://localhost:3333/docs
+```
+
+---
+
+## 💾 Database Issues
+
+### Database Connection Errors
+
+```bash
+# Check database file exists and is writable
+docker exec palmr ls -la /app/server/prisma/palmr.db
+
+# Check database logs
+docker-compose logs palmr | grep -i database
+
+# Verify Prisma schema
+docker exec palmr npx prisma db push --schema=./prisma/schema.prisma
+```
+
+### Database Corruption
+
+```bash
+# Stop container
+docker-compose down
+
+# Backup existing database
+cp ./data/prisma/palmr.db ./data/prisma/palmr.db.backup
+
+# Let Palmr recreate database on startup
+rm ./data/prisma/palmr.db
+
+# Start container (will recreate database)
+docker-compose up -d
+```
+
+---
+
+## 🚀 Performance Issues
+
+### Slow File Uploads
+
+1. **Check available disk space:**
+
+   ```bash
+   df -h
+   ```
+
+2. **Monitor container resources:**
+
+   ```bash
+   docker stats palmr
+   ```
+
+3. **Check temp directory permissions:**
+   ```bash
+   docker exec palmr ls -la /app/server/temp-chunks/
+   ```
+
+### High Memory Usage
+
+```bash
+# Check container memory usage
+docker stats palmr
+
+# Check Node.js memory usage
+docker exec palmr ps aux | grep node
+```
+
+---
+
+## 🔍 Diagnostic Commands
+
+### Complete Health Check
+
+```bash
+#!/bin/bash
+echo "=== Palmr. Health Check ==="
+
+echo "1. Container Status:"
+docker ps | grep palmr
+
+echo "2. Container Logs (last 20 lines):"
+docker-compose logs --tail=20 palmr
+
+echo "3. Port Status:"
+docker port palmr
+
+echo "4. File Permissions:"
+docker exec palmr ls -la /app/server/
+
+echo "5. Environment Variables:"
+docker exec palmr env | grep -E "PALMR_|ENCRYPTION_|DATABASE_"
+
+echo "6. API Health:"
+curl -s http://localhost:3333/health || echo "API not accessible"
+
+echo "7. Web Interface:"
+curl -s -o /dev/null -w "%{http_code}" http://localhost:5487 || echo "Web interface not accessible"
+
+echo "8. Disk Space:"
+df -h
+
+echo "=== End Health Check ==="
+```
+
+### Log Analysis
+
+```bash
+# Check for common errors
+docker-compose logs palmr 2>&1 | grep -E "error|Error|ERROR|failed|Failed|FAILED"
+
+# Check permission issues
+docker-compose logs palmr 2>&1 | grep -E "permission|denied|EACCES"
+
+# Check startup sequence
+docker-compose logs palmr 2>&1 | grep -E "🌴|🔧|🚀|✅"
+```
+
+---
+
+## 📞 Getting Help
+
+If none of these solutions work:
+
+1. **Gather diagnostic information:**
+
+   ```bash
+   # Run the complete health check above
+   # Save the output to a file
+   ```
+
+2. **Check our documentation:**
+
+   - [UID/GID Configuration](/docs/3.0-beta/uid-gid-configuration)
+   - [Quick Start Guide](/docs/3.0-beta/quick-start)
+   - [API Reference](/docs/3.0-beta/api)
+
+3. **Open an issue on GitHub:**
+
+   - Include your `docker-compose.yaml`
+   - Include relevant log output
+   - Describe your system (OS, Docker version, etc.)
+   - [GitHub Issues](https://github.com/kyantech/Palmr/issues)
+
+4. **Check existing issues:**
+   - Search [closed issues](https://github.com/kyantech/Palmr/issues?q=is%3Aissue+is%3Aclosed) for similar problems
+   - Look for recent [discussions](https://github.com/kyantech/Palmr/discussions)
--- a/apps/docs/content/docs/3.1-beta/uid-gid-configuration.mdx
+++ b/apps/docs/content/docs/3.1-beta/uid-gid-configuration.mdx
@@ -0,0 +1,347 @@
+---
+title: UID/GID Configuration
+icon: "Users"
+---
+
+Configure user and group permissions for seamless bind mount compatibility across different host systems, particularly NAS environments.
+
+## Overview
+
+Palmr. supports runtime UID/GID configuration to resolve permission conflicts when using bind mounts. This eliminates the need for manual permission management on your host system.
+
+**⚠️ Important**: Palmr uses **UID 1001, GID 1001** by default, which is different from the standard Linux convention of **UID 1000, GID 1000**. This is the most common cause of permission issues with bind mounts.
+
+## The Permission Problem
+
+### Why This Happens
+
+- **Palmr Default**: UID 1001, GID 1001 (container)
+- **Linux Standard**: UID 1000, GID 1000 (most host systems)
+- **Result**: Container can't write to host directories
+
+### Common Error Scenarios
+
+```bash
+# When you see errors like:
+EACCES: permission denied, open '/app/server/uploads/file.txt'
+```
+
+```bash
+# Or when checking permissions:
+$ ls -la uploads/
+drwxr-xr-x 2 user user 4096 Jan 15 10:00 uploads/
+# Container tries to write as UID 1001, but directory is owned by UID 1000
+```
+
+## Quick Fix
+
+### Option 1: Set Palmr to Use Standard UID/GID (Recommended)
+
+Add these environment variables to your `docker-compose.yaml`:
+
+```yaml
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    container_name: palmr
+    environment:
+      - ENABLE_S3=false
+      - ENCRYPTION_KEY=your-secure-key-min-32-chars
+      - PALMR_UID=1000
+      - PALMR_GID=1000
+    ports:
+      - "5487:5487"
+    volumes:
+      - ./uploads:/app/server/uploads:rw
+      - ./temp-chunks:/app/server/temp-chunks:rw
+    restart: unless-stopped
+```
+
+### Option 2: Change Host Directory Permissions
+
+If you prefer to keep Palmr's defaults:
+
+```bash
+# Create directories with correct ownership
+mkdir -p uploads temp-chunks
+chown -R 1001:1001 uploads temp-chunks
+```
+
+## Environment Variables
+
+Configure permissions using these optional environment variables:
+
+| Variable    | Description                      | Default | Example |
+| ----------- | -------------------------------- | ------- | ------- |
+| `PALMR_UID` | User ID for container processes  | `1001`  | `1000`  |
+| `PALMR_GID` | Group ID for container processes | `1001`  | `1000`  |
+
+---
+
+## Finding Your Host UID/GID
+
+Determine your host system's user and group IDs:
+
+```bash
+# Check current user
+id
+
+# Output example
+uid=1000(user) gid=1000(group) groups=1000(group),27(sudo)
+```
+
+Use the `uid` and `gid` values for your `PALMR_UID` and `PALMR_GID` configuration.
+
+---
+
+## Configuration Examples
+
+### Standard Linux System (Most Common)
+
+```yaml
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    container_name: palmr
+    environment:
+      - ENABLE_S3=false
+      - ENCRYPTION_KEY=your-secure-key-min-32-chars
+      - PALMR_UID=1000
+      - PALMR_GID=1000
+    ports:
+      - "5487:5487"
+    volumes:
+      - ./data:/app/server
+    restart: unless-stopped
+```
+
+### Synology NAS
+
+```yaml
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    container_name: palmr
+    environment:
+      - ENABLE_S3=false
+      - ENCRYPTION_KEY=your-secure-key-min-32-chars
+      - PALMR_UID=1026
+      - PALMR_GID=100
+    ports:
+      - "5487:5487"
+    volumes:
+      - /volume1/docker/palmr:/app/server
+    restart: unless-stopped
+```
+
+### QNAP NAS
+
+```yaml
+services:
+  palmr:
+    image: kyantech/palmr:latest
+    container_name: palmr
+    environment:
+      - ENABLE_S3=false
+      - ENCRYPTION_KEY=your-secure-key-min-32-chars
+      - PALMR_UID=1000
+      - PALMR_GID=100
+    ports:
+      - "5487:5487"
+    volumes:
+      - /share/Container/palmr:/app/server
+    restart: unless-stopped
+```
+
+---
+
+## Troubleshooting
+
+### Common Permission Errors
+
+**Error**: `EACCES: permission denied`
+
+```bash
+# 1. Check your current UID/GID
+id
+
+# 2. Check directory ownership
+ls -la uploads/ temp-chunks/
+
+# 3. Fix via environment variables (preferred)
+# Add to docker-compose.yaml:
+# - PALMR_UID=1000
+# - PALMR_GID=1000
+
+# 4. Or fix via chown (alternative)
+chown -R 1001:1001 uploads temp-chunks
+```
+
+**Error**: Container starts but files aren't accessible
+
+```bash
+# Check container's UID/GID configuration
+docker-compose logs palmr | grep -E "🔧|Runtime UID/GID"
+
+# Check file ownership inside container
+docker exec palmr ls -la /app/server/
+```
+
+### Verification Commands
+
+Verify UID/GID settings are applied correctly:
+
+```bash
+# View startup logs for UID/GID configuration
+docker-compose logs palmr | head -20
+
+# Check file ownership in container
+docker exec palmr ls -la /app/server/
+
+# Verify process is running with correct UID/GID
+docker exec palmr ps aux | grep node
+
+# Check environment variables
+docker exec palmr env | grep PALMR
+```
+
+### Advanced Troubleshooting
+
+**NAS-specific debugging:**
+
+```bash
+# Synology - Check mount point ownership
+ls -la /volume1/docker/palmr/
+
+# QNAP - Check mount point ownership
+ls -la /share/Container/palmr/
+
+# Check NAS user configuration
+cat /etc/passwd | grep -v nobody
+```
+
+**Docker bind mount issues:**
+
+```bash
+# Check if directories exist and are writable
+test -w uploads && echo "uploads writable" || echo "uploads NOT writable"
+test -w temp-chunks && echo "temp-chunks writable" || echo "temp-chunks NOT writable"
+
+# Create directories with correct permissions
+mkdir -p uploads temp-chunks
+sudo chown -R $(id -u):$(id -g) uploads temp-chunks
+```
+
+---
+
+## When to Configure
+
+UID/GID configuration is **required** when:
+
+- ✅ Using bind mounts (most common case)
+- ✅ Encountering "permission denied" errors
+- ✅ Deploying on NAS systems (Synology, QNAP, etc.)
+- ✅ Host system uses different default UID/GID values
+- ✅ Running multiple containers that need to share files
+
+UID/GID configuration is **optional** when:
+
+- ❌ Using Docker named volumes (Docker manages permissions)
+- ❌ Not using bind mounts
+- ❌ No permission errors occurring
+
+---
+
+## Migration Guide
+
+### Existing Installations
+
+To add UID/GID configuration to running installations:
+
+1. **Stop the container**
+
+   ```bash
+   docker-compose down
+   ```
+
+2. **Backup your data**
+
+   ```bash
+   cp -r ./data ./data-backup
+   # or
+   cp -r ./uploads ./uploads-backup
+   cp -r ./temp-chunks ./temp-chunks-backup
+   ```
+
+3. **Check your UID/GID**
+
+   ```bash
+   id
+   ```
+
+4. **Update configuration**
+   Add UID/GID variables to your `docker-compose.yaml`:
+
+   ```yaml
+   environment:
+     - PALMR_UID=1000
+     - PALMR_GID=1000
+   ```
+
+5. **Restart with new configuration**
+   ```bash
+   docker-compose up -d
+   ```
+
+---
+
+## Implementation Details
+
+The UID/GID configuration process:
+
+1. **Detection** - Environment variables are read during container startup
+2. **Ownership Update** - File permissions are adjusted to match target UID/GID
+3. **Privilege Drop** - Application runs with specified user permissions via `su-exec`
+4. **Logging** - Configuration changes are logged for verification
+
+This approach provides automatic permission management without user creation or system modification.
+
+---
+
+## Build-Time Configuration
+
+For custom base images with different default values:
+
+```bash
+docker build \
+  --build-arg PALMR_UID=2000 \
+  --build-arg PALMR_GID=2000 \
+  -t palmr:custom .
+```
+
+Runtime environment variables override build-time defaults.
+
+---
+
+## Benefits
+
+- **Zero Configuration** - Works automatically when environment variables are set
+- **Universal Compatibility** - Supports any valid UID/GID combination
+- **NAS Optimized** - Tested with major NAS platforms
+- **Backward Compatible** - Existing deployments continue without modification
+- **Performance Optimized** - Lightweight implementation using `su-exec`
+
+## Summary
+
+For most users experiencing permission issues with bind mounts:
+
+1. **Find your UID/GID**: Run `id` command
+2. **Add to docker-compose.yaml**:
+   ```yaml
+   environment:
+     - PALMR_UID=1000
+     - PALMR_GID=1000
+   ```
+3. **Restart**: `docker-compose down && docker-compose up -d`
+
+This resolves the mismatch between Palmr's default UID 1001 and the standard Linux UID 1000.
--- a/apps/docs/content/docs/meta.json
+++ b/apps/docs/content/docs/meta.json
@@ -1,7 +1,3 @@
 {
-	"pages": [
-		"3.0-beta",
-		"2.0.0-beta",
-		"1.1.7-beta"
-	]
+  "pages": ["3.1-beta", "2.0.0-beta"]
 }
--- a/apps/docs/eslint.config.mjs
+++ b/apps/docs/eslint.config.mjs
@@ -0,0 +1,67 @@
+/* eslint-disable import/no-anonymous-default-export */
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+import { FlatCompat } from "@eslint/eslintrc";
+import js from "@eslint/js";
+import typescriptEslintEslintPlugin from "@typescript-eslint/eslint-plugin";
+import tsParser from "@typescript-eslint/parser";
+import prettier from "eslint-plugin-prettier";
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const compat = new FlatCompat({
+  baseDirectory: __dirname,
+  recommendedConfig: js.configs.recommended,
+  allConfig: js.configs.all,
+});
+
+export default [
+  ...compat.extends("next", "next/core-web-vitals", "prettier"),
+  {
+    plugins: {
+      prettier,
+    },
+    rules: {
+      "prettier/prettier": "error",
+      camelcase: "off",
+      "import/prefer-default-export": "off",
+      "react/jsx-filename-extension": "off",
+      "react/jsx-props-no-spreading": "off",
+      "react/no-unused-prop-types": "off",
+      "react/require-default-props": "off",
+      "react/no-unescaped-entities": "off",
+      "@next/next/no-img-element": "off",
+      "import/extensions": [
+        "error",
+        "ignorePackages",
+        {
+          ts: "never",
+          tsx: "never",
+          js: "never",
+          jsx: "never",
+        },
+      ],
+    },
+  },
+  {
+    files: ["**/*.+(ts|tsx)"],
+    plugins: {
+      "@typescript-eslint": typescriptEslintEslintPlugin,
+    },
+    languageOptions: {
+      parser: tsParser,
+    },
+    rules: {
+      "@typescript-eslint/explicit-function-return-type": "off",
+      "@typescript-eslint/explicit-module-boundary-types": "off",
+      "no-use-before-define": [0],
+      "@typescript-eslint/no-use-before-define": [1],
+      "@typescript-eslint/no-explicit-any": "off",
+      "@typescript-eslint/no-var-requires": "off",
+    },
+  },
+  // Ignore ESLint errors in @/ui directory
+  {
+    ignores: ["src/components/ui/**/*", "src/components/magicui/**/*"],
+  },
+];
--- a/apps/docs/next.config.mjs
+++ b/apps/docs/next.config.mjs
@@ -1,4 +1,4 @@
-import { createMDX } from 'fumadocs-mdx/next';
+import { createMDX } from "fumadocs-mdx/next";

 const withMDX = createMDX();

@@ -15,15 +15,15 @@ const config = {
    qualities: [100],
    remotePatterns: [
      {
-        protocol: 'https',
-        hostname: '**'
+        protocol: "https",
+        hostname: "**",
      },
      {
-        protocol: 'http',
-        hostname: '**'
-      }
-    ]
-  }
+        protocol: "http",
+        hostname: "**",
+      },
+    ],
+  },
 };

 export default withMDX(config);
--- a/apps/docs/package.json
+++ b/apps/docs/package.json
@@ -1,6 +1,6 @@
 {
  "name": "palmr-docs",
-  "version": "v3.0-beta",
+  "version": "3.1.5-beta",
  "description": "Docs for Palmr",
  "private": true,
  "author": "Daniel Luiz Alves <daniel@kyantech.com.br>",
@@ -17,33 +17,48 @@
  "packageManager": "pnpm@10.6.0",
  "scripts": {
    "build": "next build",
-    "dev": "next dev --turbo",
+    "dev": "next dev -p 3001",
    "start": "next start",
-    "postinstall": "fumadocs-mdx"
+    "postinstall": "fumadocs-mdx",
+    "lint": "eslint \"src/**/*.+(ts|tsx)\"",
+    "lint:fix": "eslint \"src/**/*.+(ts|tsx)\" --fix",
+    "format": "prettier . --write",
+    "format:check": "prettier . --check",
+    "type-check": "npx tsc --noEmit",
+    "validate": "pnpm lint && pnpm type-check"
  },
  "dependencies": {
    "class-variance-authority": "^0.7.1",
    "clsx": "^2.1.1",
    "fumadocs-core": "15.2.7",
-    "fumadocs-mdx": "11.6.0",
+    "fumadocs-mdx": "11.6.10",
    "fumadocs-ui": "15.2.7",
-    "lucide-react": "^0.488.0",
-    "motion": "^12.9.1",
-    "next": "15.3.0",
+    "lucide-react": "^0.525.0",
+    "motion": "^12.23.0",
+    "next": "15.3.4",
    "react": "^19.1.0",
    "react-dom": "^19.1.0",
    "tailwind-merge": "^3.2.0"
  },
  "devDependencies": {
-    "@tailwindcss/postcss": "^4.1.3",
+    "@eslint/eslintrc": "3.3.1",
+    "@eslint/js": "9.30.0",
+    "@ianvs/prettier-plugin-sort-imports": "4.4.2",
+    "@tailwindcss/postcss": "^4.1.11",
    "@types/mdx": "^2.0.13",
    "@types/node": "22.14.0",
-    "@types/react": "^19.1.0",
-    "@types/react-dom": "^19.1.2",
-    "eslint": "^8",
-    "eslint-config-next": "15.3.0",
-    "postcss": "^8.5.3",
-    "tailwindcss": "^4.1.3",
+    "@types/react": "^19.1.8",
+    "@types/react-dom": "^19.1.6",
+    "@typescript-eslint/eslint-plugin": "8.35.1",
+    "@typescript-eslint/parser": "8.35.1",
+    "eslint": "9.30.0",
+    "eslint-config-next": "15.3.4",
+    "eslint-config-prettier": "9.1.0",
+    "eslint-plugin-prettier": "5.5.1",
+    "postcss": "^8.5.6",
+    "prettier": "3.6.2",
+    "prettier-plugin-sort-json": "4.1.1",
+    "tailwindcss": "^4.1.11",
    "tw-animate-css": "^1.2.8",
    "typescript": "^5.8.3"
  }
--- a/apps/docs/pnpm-lock.yaml
+++ b/apps/docs/pnpm-lock.yaml
--- a/apps/docs/postcss.config.mjs
+++ b/apps/docs/postcss.config.mjs
@@ -1,5 +1,5 @@
 export default {
  plugins: {
-    '@tailwindcss/postcss': {},
+    "@tailwindcss/postcss": {},
  },
 };
--- a/apps/docs/public/assets/v3/oidc/all-providers.png
+++ b/apps/docs/public/assets/v3/oidc/all-providers.png
--- a/apps/docs/public/assets/v3/oidc/auth-providers.png
+++ b/apps/docs/public/assets/v3/oidc/auth-providers.png
--- a/apps/docs/public/assets/v3/oidc/auth0/application-settings.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/application-settings.png
--- a/apps/docs/public/assets/v3/oidc/auth0/application-type.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/application-type.png
--- a/apps/docs/public/assets/v3/oidc/auth0/auth0-dashboard.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/auth0-dashboard.png
--- a/apps/docs/public/assets/v3/oidc/auth0/auth0-icon.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/auth0-icon.png
--- a/apps/docs/public/assets/v3/oidc/auth0/config-urls.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/config-urls.png
--- a/apps/docs/public/assets/v3/oidc/auth0/create-application.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/create-application.png
--- a/apps/docs/public/assets/v3/oidc/auth0/edit-auth0.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/edit-auth0.png
--- a/apps/docs/public/assets/v3/oidc/auth0/enabled-auth0.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/enabled-auth0.png
--- a/apps/docs/public/assets/v3/oidc/auth0/oauth-credentials.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/oauth-credentials.png
--- a/apps/docs/public/assets/v3/oidc/auth0/sign-in-with-auth0.png
+++ b/apps/docs/public/assets/v3/oidc/auth0/sign-in-with-auth0.png
--- a/apps/docs/public/assets/v3/oidc/authentik/application-modal.png
+++ b/apps/docs/public/assets/v3/oidc/authentik/application-modal.png
--- a/apps/docs/public/assets/v3/oidc/authentik/applications-page.png
+++ b/apps/docs/public/assets/v3/oidc/authentik/applications-page.png
--- a/apps/docs/public/assets/v3/oidc/authentik/authentik-admin.png
+++ b/apps/docs/public/assets/v3/oidc/authentik/authentik-admin.png
--- a/apps/docs/public/assets/v3/oidc/authentik/authentik-icon.png
+++ b/apps/docs/public/assets/v3/oidc/authentik/authentik-icon.png
--- a/apps/docs/public/assets/v3/oidc/authentik/create-provider.png
+++ b/apps/docs/public/assets/v3/oidc/authentik/create-provider.png
--- a/apps/docs/public/assets/v3/oidc/authentik/edit-authentik.png
+++ b/apps/docs/public/assets/v3/oidc/authentik/edit-authentik.png
--- a/Show More
+++ b/Show More