temporalio · lennessyy · May 29, 2026 · May 26, 2026 · May 28, 2026 · May 28, 2026
@@ -178,23 +178,23 @@ Use [Nexus](/nexus) where possible instead of sharing Temporal primitives across
 
 ## Production Safeguards
 
-### Use an Authorizer (open source only) {#authorizer}
+### Use an Authorizer (open source only) {/* #authorizer */}
 
 Use a custom [Authorizer](/self-hosted-guide/security#authorizer-plugin) on your Frontend Service to set restrictions on who can create, update, or deprecate Namespaces.
 
 If an Authorizer is not set, Temporal uses the `nopAuthority` authorizer that unconditionally allows all API calls.
 
 On Temporal Cloud, [role-based access controls](/cloud/manage-access/roles-and-permissions#namespace-level-permissions) provide namespace-level authorization without custom configuration.
 
-### Enable deletion protection (Temporal Cloud only) {#deletion-protection}
+### Enable deletion protection (Temporal Cloud only) {/* #deletion-protection */}
 
 [Enable deletion protection](/cloud/namespaces#delete-protection) for production Namespaces to prevent accidental deletion.
 
-### Enable High Availability (Temporal Cloud only) {#high-availability}
+### Enable High Availability (Temporal Cloud only) {/* #high-availability */}
 
 For business-critical use cases with strict uptime requirements, enable [High Availability features](/cloud/high-availability) for a [99.99% contractual SLA](/cloud/high-availability#high-availability-features).
 
-### Use Infrastructure as Code (Temporal Cloud only) {#terraform}
+### Use Infrastructure as Code (Temporal Cloud only) {/* #terraform */}
 
 Use the [Temporal Cloud Terraform provider](/cloud/terraform-provider) to manage Namespaces.
 If Terraform isn't suitable, scripting against the [Cloud Ops API](/ops) or [tcld](/cloud/tcld) is a good alternative.
@@ -209,7 +209,7 @@ This is separate from [Temporal Cloud deletion protection](/cloud/namespaces#del
 
 **Reference**: [Example Terraform configuration](https://github.com/kawofong/temporal-terraform)
 
-## Tagging (Temporal Cloud only) {#tagging}
+## Tagging (Temporal Cloud only) {/* #tagging */}
 
 [Tags](/cloud/namespaces#tag-a-namespace) are key-value metadata pairs that help organize, track, and manage Namespaces.
 

@@ -253,7 +253,7 @@ is provided - it will stay paused.
 
 Either `--activity-id` (with `--workflow-id`) or `--query` must be specified.
 
-### Resetting activities that heartbeat {#reset-heartbeats}
+### Resetting activities that heartbeat {/* #reset-heartbeats */}
 
 Activities that heartbeat will receive a [Canceled failure](/references/failures#cancelled-failure)
 the next time they heartbeat after a reset.

@@ -31,7 +31,7 @@ commands. For details, see [CLI release notes](https://github.com/temporalio/cli
 
 :::
 
-## Install the Temporal CLI {#install}
+## Install the Temporal CLI {/* #install */}
 
 The Temporal CLI is available on macOS, Windows, and Linux, or as a Docker image.
 
@@ -107,7 +107,7 @@ docker run --rm -p 7233:7233 -p 8233:8233 temporalio/temporal server start-dev -
 
 :::
 
-## Start a Temporal development server {#start-dev-server}
+## Start a Temporal development server {/* #start-dev-server */}
 
 To start a Temporal development server, run the following command:
 
@@ -142,7 +142,7 @@ For the full list of development server options, use the `--help` flag:
 temporal server start-dev --help
 ```
 
-## Enable auto-completion {#enable-auto-completion}
+## Enable auto-completion {/* #enable-auto-completion */}
 
 Enable auto-completion using the following commands.
 
@@ -286,7 +286,7 @@ Do not confuse environment variables, set with your shell, with temporal env opt
 
 :::
 
-## Create and modify configuration files {#configuration-files}
+## Create and modify configuration files {/* #configuration-files */}
 
 The Temporal CLI lets you create and modify TOML configuration files to store your environment variables and other
 settings. Refer to [Environment Configuration](../develop/environment-configuration#cli-integration) for more
@@ -324,7 +324,7 @@ specific addresses or domains you wish to exclude from proxying.
 For more information, see [Proxy](https://github.com/grpc/grpc-go/blob/master/Documentation/proxy.md) in the gRPC
 documentation.
 
-## Common CLI operations {#common-operations}
+## Common CLI operations {/* #common-operations */}
 
 The following are some of the more common operations you can perform with the Temporal CLI.
 

@@ -21,7 +21,7 @@ tags:
   - AWS
 ---
 
-## Configure Audit Logs using AWS Kinesis {#configure-audit-log}
+## Configure Audit Logs using AWS Kinesis {/* #configure-audit-log */}
 
 To set up Audit Logs, you must have an Amazon Web Services (AWS) account and set up Kinesis Data Streams.
 
@@ -64,7 +64,7 @@ If you chose the **Manual** access method, continue with the following steps:
 To ensure that Audit Logs can flow into the Kinesis stream, you can use the **Verify** button to confirm it is set up correctly. This validates that Temporal can successfully write to your stream.
 If everything is configured correctly, you will see a `Success` status indicating Temporal has written to the kinesis stream.
 
-## Consume an Audit Log {#consume-an-audit-log}
+## Consume an Audit Log {/* #consume-an-audit-log */}
 
 **How to consume an Audit Log**
 

@@ -33,7 +33,7 @@ Instead, explore the [Export](/cloud/export) feature, which does let you send cl
 
 :::
 
-## Which events are supported by Audit Logs? {#supported-events}
+## Which events are supported by Audit Logs? {/* #supported-events */}
 
 - Account
   - `ChangeAccountPlanType`: Change Account Plan Type
@@ -156,14 +156,14 @@ Temporal provides the caller IP address in that format to allow customers to ide
 ]
 ```
 
-## How to configure an Audit Log Integration {#configure-audit-logs}
+## How to configure an Audit Log Integration {/* #configure-audit-logs */}
 
 Audit Logs can be configured in AWS Kinesis or GCP Pub/Sub.
 
 - [AWS Kinesis Instructions](/cloud/audit-logs-aws)
 - [GCP Pub/Sub Instructions](/cloud/audit-logs-gcp)
 
-## How to troubleshoot Audit Log sink {#troubleshoot-audit-logs}
+## How to troubleshoot Audit Log sink {/* #troubleshoot-audit-logs */}
 
 The Audit Logs page of the Temporal Cloud UI provides the current status of an Audit Log Integration.
 
@@ -179,7 +179,7 @@ To retrieve logs up to the past 30 days, you will need to file a request.
 If you experience an issue with an Audit Log sink, we can provide the missing audit information.
 Open a support ticket to request assistance.
 
-## How to delete an Audit Log sink {#delete-an-audit-log-sink}
+## How to delete an Audit Log sink {/* #delete-an-audit-log-sink */}
 
 To delete an Audit Log sink, follow these steps:
 
@@ -191,15 +191,15 @@ To delete an Audit Log sink, follow these steps:
 After you confirm the deletion, the Audit Log Sink is removed from your account and logs stop flowing to your stream.
 
 
-## View an Audit Log {#view-an-audit-log}
+## View an Audit Log {/* #view-an-audit-log */}
 
 An Audit Log can be viewed in the Temporal Cloud UI.
 1. In the Temporal Cloud UI, select **Settings**.
 1. On the **Settings** page, select **Audit Logs**.
 
 Up to 1000 events can be downloaded from the Audit Log UI to a local file.
 
-## Access an Audit Log via API {#audit-log-api}
+## Access an Audit Log via API {/* #audit-log-api */}
 
 An Audit Log can be accessed using the [Temporal Cloud Ops API](/ops). Use the API to access
 an Audit Log if you wish to make dashboards for viewing an Audit Log outside of Temporal Cloud.

@@ -23,15 +23,15 @@ tags:
 
 import { CaptionedImage } from '@site/src/components';
 
-## Usage {#usage}
+## Usage {/* #usage */}
 
 Actions usage is tracked across an account in the [usage dashboard](https://cloud.temporal.io/usage) and is visible to
 Account Owners, Finance Admin and Global Admin. For individual Namespaces, usage can be seen in the
 [Namespace summary](https://cloud.temporal.io/namespaces/) for a specific Namespace.
 
 ![Temporal Cloud Usage dashboard](/img/cloud/billing/usage-dashboard.png)
 
-## Actions in Workflows {#actions-in-workflows}
+## Actions in Workflows {/* #actions-in-workflows */}
 
 When viewing a Event history, events that represent a Billable Action are annotated with the number consumed by the
 event in the **Billable Actions** Column. These Actions are summarized at the top of the workflow.

@@ -23,7 +23,7 @@ tags:
 
 
 
-## Current balance {#current-balance}
+## Current balance {/* #current-balance */}
 
 Your current balance card shows the balance for your current billing cycle and the date it was last updated.
 This balance adjusts with use and appears on the first line of your Invoices table.
@@ -35,7 +35,7 @@ The minimum plan fee for your first month is prorated based on your sign-up date
 
 :::
 
-## Recent bill {#recent-bill}
+## Recent bill {/* #recent-bill */}
 
 The "Recent Bill" card displays the previous bill amount.
 
@@ -46,7 +46,7 @@ The "Recent Bill" card displays the previous bill amount.
 - If your account is set up for auto-payment, you don’t need to manually pay bills.
   However, you can choose to make manual payments whenever you wish
 
-## Invoices {#invoice}
+## Invoices {/* #invoice */}
 
 To review your invoices, follow these steps:
 
@@ -74,7 +74,7 @@ During the current billing period, your invoice will not be finalized and the do
 
 :::
 
-## Credits {#credit-table}
+## Credits {/* #credit-table */}
 
 The following information appears under the credits table:
 
@@ -85,7 +85,7 @@ The following information appears under the credits table:
 
 ![Billing page showing Credits tab](/img/cloud/billing/billing-credits.png)
 
-## Cost by Namespace {#cost-by-namespace}
+## Cost by Namespace {/* #cost-by-namespace */}
 
 :::tip Temporal Cloud Billing API in Public Preview
 
@@ -108,7 +108,7 @@ reflects your effective price, factoring in included Actions/Storage and tiered
 
 :::
 
-## Plans {#plans}
+## Plans {/* #plans */}
 
 Account Owners and Finance Admins can access their Temporal Plan information on the plans page.
 For customers on a standard agreement you will be able to:

@@ -97,7 +97,7 @@ Actions that are external to the core Temporal service do not contribute to your
 * Capacity Related Actions
 :::
 
-## On-Demand Capacity {#on-demand-capacity}
+## On-Demand Capacity {/* #on-demand-capacity */}
 
 Using On-Demand Capacity, your rate limit grows automatically along with your usage. 
 
@@ -131,7 +131,7 @@ This means that your default limit would be 800 APS.
 
 ![Usage graph showing increasing APS usage for one month, with occasional spikes, and a rising APS limit](/img/cloud/provisioned-capacity/usage_graph.png)
 
-## Provisioned Capacity {#provisioned-capacity}
+## Provisioned Capacity {/* #provisioned-capacity */}
 
 Provisioned Capacity provides an alternative to On-Demand Capacity by allowing you to control the limits on your Namespace based on your specific need.
 

@@ -192,7 +192,7 @@ For Namespaces with [High Availability features](/cloud/high-availability), you
 
 The complete guidance — including single-cloud (AWS-only) HA, multi-cloud HA (AWS PrivateLink + GCP Private Service Connect), and a recommended failover-testing plan — lives on a single page: [Connectivity for High Availability](/cloud/high-availability/ha-connectivity).
 
-## Direct VPCE targeting without per-Namespace DNS {#direct-vpce}
+## Direct VPCE targeting without per-Namespace DNS {/* #direct-vpce */}
 
 For single-region Namespaces, you can avoid creating DNS records for each Namespace by pointing Workers directly at the VPC Endpoint and overriding the TLS Server Name Indicator (SNI):
 

@@ -29,7 +29,7 @@ Exports run hourly, beginning 10 minutes after the hour.
 Allow up to 24 hours for a closed Workflow to appear in the exported file.
 Delivery is guaranteed at least once.
 
-## What's in the exported data {#exported-data}
+## What's in the exported data {/* #exported-data */}
 
 Each exported file contains one or more complete Workflow Execution histories serialized as protocol buffers using the [`WorkflowExecutions`](https://github.com/temporalio/api/blob/master/temporal/api/export/v1/message.proto) proto.
 
@@ -126,14 +126,14 @@ This example shows a Workflow that started, ran one Activity, and completed:
 The outer `items` array can contain multiple Workflow Executions per file.
 Only the key fields are shown above. Actual events include additional fields like `version`, `taskId`, and `workerVersion`.
 
-## Prerequisites {#prerequisites}
+## Prerequisites {/* #prerequisites */}
 
 To use Workflow History Export, you must have:
 
 1. A cloud account in the cloud provider where your Namespace is hosted.
 2. An object storage bucket available to receive the exported History.
 
-## Configure Workflow History Export {#configure}
+## Configure Workflow History Export {/* #configure */}
 
 ### AWS
 
@@ -143,14 +143,14 @@ To use Workflow History Export, you must have:
 
 [GCP GCS Export Configuration](/cloud/export/gcp-export-gcs)
 
-## Verify export setup {#verify}
+## Verify export setup {/* #verify */}
 
 From the Export configuration page, select **Verify**.
 This validates that Temporal can successfully write a test file to your object storage.
 
 If everything is configured correctly, you will see a `Success` status indicating Temporal has written to the object store.
 
-## Monitor export progress {#monitor}
+## Monitor export progress {/* #monitor */}
 
 After Export has been configured, you can check that it's still working in several ways:
 
@@ -194,7 +194,7 @@ It can be useful to convert protos to another format to perform analytics on the
 * Each row in the table represents a single history event from a Workflow. To preserve their relationship post-conversion, the `workflowID` and `runID` is included in every row.
 * If you have enabled the codec server, the payload field is encrypted. This field may contain characters that are not recognized when loaded into a database so the payload field is excluded in this example.
 
-## Export and High Availability Namespaces {#export-ha}
+## Export and High Availability Namespaces {/* #export-ha */}
 
 ### Export Region Persistence
 

@@ -22,7 +22,7 @@ tags:
 
 import * as Components from '@site/src/components';
 
-## Prerequisites {#prerequisites}
+## Prerequisites {/* #prerequisites */}
 
 Before configuring the Export sink, complete the following steps in Google Cloud.
 

@@ -34,7 +34,7 @@ Temporal Cloud API keys offer industry-standard identity-based authentication fo
 - [Troubleshoot your API key use](#troubleshooting)
 - [API keys: Frequently Asked Questions](#faqs)
 
-## API key overview {#overview}
+## API key overview {/* #overview */}
 
 Each Temporal Cloud API key is a unique identity linked to role-based access control (RBAC) settings to ensure secure
 and appropriate access.
@@ -46,7 +46,7 @@ The authentication process follows this pathway:
   title="API key (authentication) → Identity (user or Service Account) → RBAC (authorization)"
 />
 
-## API key best practices {#best-practices}
+## API key best practices {/* #best-practices */}
 
 - **Keep it secret; keep it safe**: Treat your API key like a password. Do not expose it in client-side code, public
   repositories, or other easily accessible locations.
@@ -100,7 +100,7 @@ Check these setup details before using API keys:
 - Have access to the [Temporal Cloud UI](https://cloud.temporal.io/) or Temporal Cloud CLI
   ([tcld](https://docs.temporal.io/cloud/tcld/)) to create an API key.
 
-## Global Administrator and Account Owner API key management {#manage-api-keys}
+## Global Administrator and Account Owner API key management {/* #manage-api-keys */}
 
 Global Administrators and Account Owners can monitor, manage, disable, and delete API keys for any user or Service
 Account within their account. To manage your account’s API keys:
@@ -124,7 +124,7 @@ is created and configured.
 
 :::
 
-## User API key management {#user-api-keys}
+## User API key management {/* #user-api-keys */}
 
 Manage your personal API keys with the Temporal Cloud UI or `tcld`. These sections show you how to generate, manage, and
 remove API keys for a user.
@@ -229,7 +229,7 @@ Temporal API keys automatically expire based on the specified expiration time. F
 For a broader machine-identity rotation strategy across API keys and Service Accounts, see
 [Managing Temporal Cloud access control](/best-practices/cloud-access-control).
 
-## Manage API keys for Service Accounts {#serviceaccount-api-keys}
+## Manage API keys for Service Accounts {/* #serviceaccount-api-keys */}
 
 Global Administrators and Account Owners can manage and generate API keys for _all_ Service Accounts in their account.
 Namespace Admins can manage and generate API keys for the Namespace-scoped Service Accounts they administer.
@@ -344,7 +344,7 @@ Workflow access secure.
 
 :::
 
-## API keys for Namespace authentication {#namespace-authentication}
+## API keys for Namespace authentication {/* #namespace-authentication */}
 
 Create a Namespace with API key authentication as an alternative to mTLS-based authentication by selecting "Allow API
 key authentication" during setup.
@@ -355,7 +355,7 @@ directs traffic to the active region, so Workers and Clients don't need to chang
 
 See [accessing Namespaces](/cloud/namespaces#access-namespaces) for more information on endpoint options.
 
-## Use API keys to authenticate {#using-apikeys}
+## Use API keys to authenticate {/* #using-apikeys */}
 
 Authenticate with Temporal Cloud using API keys with the following clients:
 
@@ -432,11 +432,11 @@ see
 To use an API key with the [Temporal Terraform Provider](/cloud/terraform-provider), pass the API
 key as a provider argument.
 
-## Troubleshoot your API key use {#troubleshooting}
+## Troubleshoot your API key use {/* #troubleshooting */}
 
 **Invalid API key errors**: Check that you copied the key correctly and that it hasn't been revoked or expired.
 
-## API keys: Frequently Asked Questions {#faqs}
+## API keys: Frequently Asked Questions {/* #faqs */}
 
 **Q: Can I issue and use multiple API keys for the same account?**