chore(release): v3.0.0-beta.68 [skip ci]

Doesn't look like those hacky esm-cjs imports are needed anymore.

These major pino releases only drop Node.js version support for versions
which payload doesn't support anyways.

CONTRIBUTING.md

@@ -63,7 +63,7 @@ Each test directory is split up in this way specifically to reduce friction when
 
 The following command will start Payload with your config: `pnpm dev my-test-dir`. Example: `pnpm dev fields` for the test/`fields` test suite. This command will start up Payload using your config and refresh a test database on every restart. If you're using VS Code, the most common run configs are automatically added to your editor - you should be able to find them in your VS Code launch tab.
 
-By default, payload will [automatically log you in](https://payloadcms.com/docs/authentication/config#admin-autologin) with the default credentials. To disable that, you can either pass in the --no-auto-login flag (example: `pnpm dev my-test-dir --no-auto-login`) or set the `PAYLOAD_PUBLIC_DISABLE_AUTO_LOGIN` environment variable to `false`.
+By default, payload will [automatically log you in](https://payloadcms.com/docs/authentication/overview#admin-autologin) with the default credentials. To disable that, you can either pass in the --no-auto-login flag (example: `pnpm dev my-test-dir --no-auto-login`) or set the `PAYLOAD_PUBLIC_DISABLE_AUTO_LOGIN` environment variable to `false`.
 
 The default credentials are `dev@payloadcms.com` as E-Mail and `test` as password. These are used in the auto-login.
 
@@ -120,5 +120,5 @@ This is how you can preview changes you made locally to the docs:
 2. Run `yarn install`
 3. Duplicate the `.env.example` file and rename it to `.env`
 4. Add a `DOCS_DIR` environment variable to the `.env` file which points to the absolute path of your modified docs folder. For example `DOCS_DIR=/Users/yourname/Documents/GitHub/payload/docs`
-5. Run `yarn run fetchDocs:local`. If this was successful, you should see no error messages and the following output: *Docs successfully written to /.../website/src/app/docs.json*. There could be error messages if you have incorrect markdown in your local docs folder. In this case, it will tell you how you can fix it
+5. Run `yarn run fetchDocs:local`. If this was successful, you should see no error messages and the following output: _Docs successfully written to /.../website/src/app/docs.json_. There could be error messages if you have incorrect markdown in your local docs folder. In this case, it will tell you how you can fix it
 6. You're done! Now you can start the website locally using `yarn run dev` and preview the docs under [http://localhost:3000/docs/](http://localhost:3000/docs/)

docs/access-control/collections.mdx

@@ -6,96 +6,140 @@ desc: With Collection-level Access Control you can define which users can create
 keywords: collections, access control, permissions, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-You can define Collection-level Access Control within each Collection's `access` property. All Access Control functions accept one `args` argument.
+Collection Access Control is [Access Control](../access-control) used to restrict access to Documents within a [Collection](../collections/overview), as well as what they can and cannot see within the [Admin Panel](../admin/overview) as it relates to that Collection.
 
-## Available Controls
-
-| Function                | Allows/Denies Access                         |
-| ----------------------- | -------------------------------------------- |
-| **[`create`](#create)** | Used in the `create` operation               |
-| **[`read`](#read)**     | Used in the `find` and `findByID` operations |
-| **[`update`](#update)** | Used in the `update` operation               |
-| **[`delete`](#delete)** | Used in the `delete` operation               |
-
-#### Auth-enabled Controls
-
-If a Collection supports [`Authentication`](/docs/authentication/overview), the following Access Controls become available:
-
-| Function                | Allows/Denies Access                                           |
-| ----------------------- | -------------------------------------------------------------- |
-| **[`admin`](#admin)**   | Used to restrict access to the [Admin Panel](../admin/overview)             |
-| **[`unlock`](#unlock)** | Used to restrict which users can access the `unlock` operation |
-
-**Example Collection config:**
+To add Access Control to a Collection, use the `access` property in your [Collection Config](../configuration/collections):
 
 ```ts
 import type { CollectionConfig } from 'payload';
 
-export const Posts: CollectionConfig = {
-  slug: "posts",
+export const CollectionWithAccessControl: CollectionConfig = {
+  // ...
+  access: { // highlight-line
+    // ...
+  },
+}
+```
+
+## Config Options
+
+Access Control is specific to the operation of the request.
+
+To add Access Control to a Collection, use the `access` property in your [Collection Config](../configuration/collections):
+
+```ts
+import type { CollectionConfig } from 'payload';
+
+export const CollectionWithAccessControl: CollectionConfig = {
+  // ...
   // highlight-start
   access: {
-    create: ({ req: { user } }) => { ... },
-    read: ({ req: { user } }) => { ... },
-    update: ({ req: { user } }) => { ... },
-    delete: ({ req: { user } }) => { ... },
-    admin: ({ req: { user } }) => { ... },
+    create: () => {...},
+    read: () => {...},
+    update: () => {...},
+    delete: () => {...},
+
+    // Auth-enabled Collections only
+    admin: () => {...},
+    unlock: () => {...},
+
+    // Version-enabled Collections only
+    readVersions: () => {...},
   },
   // highlight-end
-};
+}
 ```
 
+The following options are available:
+
+| Function                | Allows/Denies Access                         |
+| ----------------------- | -------------------------------------------- |
+| **`create`** | Used in the `create` operation. [More details](#create). |
+| **`read`**     | Used in the `find` and `findByID` operations. [More details](#read). |
+| **`update`** | Used in the `update` operation. [More details](#update). |
+| **`delete`** | Used in the `delete` operation. [More details](#delete). |
+
+If a Collection supports [`Authentication`](../authentication/overview), the following additional options are available:
+
+| Function                | Allows/Denies Access                                           |
+| ----------------------- | -------------------------------------------------------------- |
+| **`admin`**   | Used to restrict access to the [Admin Panel](../admin/overview). [More details](#admin). |
+| **`unlock`** | Used to restrict which users can access the `unlock` operation. [More details](#unlock). |
+
+If a Collection supports [Versions](../versions/overview), the following additional options are available:
+
+| Function           | Allows/Denies Access                                                                                                   |
+| ------------------ | ---------------------------------------------------------------------------------------------------------------------- |
+| **`readVersions`** | Used to control who can read versions, and who can't. Will automatically restrict the Admin UI version viewing access. [More details](#read-versions). |
+
 ### Create
 
 Returns a boolean which allows/denies access to the `create` request.
 
-**Available argument properties:**
-
-| Option     | Description                                                                                                                  |
-| ---------- | ---------------------------------------------------------------------------------------------------------------------------- |
-| **`req`**  | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user` |
-| **`data`** | The data passed to create the document with.                                                                                 |
-
-**Example:**
+To add create Access Control to a Collection, use the `create` property in the [Collection Config](../collections/overview):
 
 ```ts
-const PublicUsers = {
-  slug: 'public-users',
+import { CollectionConfig } from 'payload'
+
+export const CollectionWithCreateAccess: CollectionConfig = {
+  // ...
   access: {
     // highlight-start
-    // allow guest users to self-registration
-    create: () => true,
+    create: ({ req: { user }, data }) => {
+      return Boolean(user)
+    },
     // highlight-end
-    ...
   },
-  fields: [ ... ],
 }
 ```
 
+The following arguments are provided to the `create` function:
+
+| Option     | Description                                                                                                                  |
+| ---------- | ---------------------------------------------------------------------------------------------------------------------------- |
+| **`req`**  | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user`. |
+| **`data`** | The data passed to create the document with.                                                                                 |
+
 ### Read
 
-Read access functions can return a boolean result or optionally return a [query constraint](/docs/queries/overview) which limits the documents that are returned to only those that match the constraint you provide. This can be helpful to restrict users' access to only certain documents however you specify.
+Returns a boolean which allows/denies access to the `read` request.
 
-**Available argument properties:**
+To add read Access Control to a Collection, use the `read` property in the [Collection Config](../collections/overview):
 
-| Option    | Description                                                                |
-| --------- | -------------------------------------------------------------------------- |
-| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user` |
-| **`id`**  | `id` of document requested, if within `findByID`                           |
+```ts
+import type { CollectionConfig } from 'payload'
 
-**Example:**
+export const CollectionWithReadAccess: CollectionConfig = {
+  // ...
+  access: {
+    // highlight-start
+    read: ({ req: { user } }) => {
+      return Boolean(user)
+    },
+    // highlight-end
+  },
+}
+```
+
+<Banner type="success">
+  <strong>Tip:</strong>
+  Return a [Query](../queries/overview) to limit the Documents to only those that match the constraint. This can be helpful to restrict users' access to specific Documents. [More details](../queries/overview).
+</Banner>
+
+As your application becomes more complex, you may want to define your function in a separate file and import them into your Collection Config:
 
 ```ts
 import type { Access } from 'payload'
 
-const canReadPage: Access = ({ req: { user } }) => {
-  // allow authenticated users
+export const canReadPage: Access = ({ req: { user } }) => {
+  // Allow authenticated users
   if (user) {
     return true
   }
-  // using a query constraint, guest users can access when a field named 'isPublic' is set to true
+
+  // By returning a Query, guest users can read public Documents
+  // Note: this assumes you have a `isPublic` checkbox field on your Collection
   return {
-    // assumes we have a checkbox field named 'isPublic'
     isPublic: {
       equals: true,
     },
@@ -103,55 +147,96 @@ const canReadPage: Access = ({ req: { user } }) => {
 }
 ```
 
+The following arguments are provided to the `read` function:
+
+| Option    | Description                                                                |
+| --------- | -------------------------------------------------------------------------- |
+| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user`. |
+| **`id`**  | `id` of document requested, if within `findByID`.                           |
+
 ### Update
 
-Update access functions can return a boolean result or optionally return a [query constraint](/docs/queries/overview) to limit the document(s) that can be updated by the currently authenticated user. For example, returning a `query` from the `update` Access Control is helpful in cases where you would like to restrict a user to only being able to update the documents containing a `createdBy` relationship field equal to the user's ID.
+Returns a boolean which allows/denies access to the `update` request.
 
-**Available argument properties:**
+To add update Access Control to a Collection, use the `update` property in the [Collection Config](../collections/overview):
 
-| Option     | Description                                                                |
-| ---------- | -------------------------------------------------------------------------- |
-| **`req`**  | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user` |
-| **`id`**   | `id` of document requested to update                                       |
-| **`data`** | The data passed to update the document with                                |
+```ts
+import type { CollectionConfig } from 'payload'
 
-**Example:**
+export const CollectionWithUpdateAccess: CollectionConfig = {
+  // ...
+  access: {
+    // highlight-start
+    update: ({ req: { user }}) => {
+      return Boolean(user)
+    },
+    // highlight-end
+  },
+}
+```
+
+<Banner type="success">
+  <strong>Tip:</strong>
+  Return a [Query](../queries/overview) to limit the Documents to only those that match the constraint. This can be helpful to restrict users' access to specific Documents. [More details](../queries/overview).
+</Banner>
+
+As your application becomes more complex, you may want to define your function in a separate file and import them into your Collection Config:
 
 ```ts
 import type { Access } from 'payload'
 
-const canUpdateUser: Access = ({ req: { user }, id }) => {
-  // allow users with a role of 'admin'
+export const canUpdateUser: Access = ({ req: { user }, id }) => {
+  // Allow users with a role of 'admin'
   if (user.roles && user.roles.some((role) => role === 'admin')) {
     return true
   }
+
   // allow any other users to update only oneself
   return user.id === id
 }
 ```
 
+The following arguments are provided to the `update` function:
+
+| Option     | Description                                                                |
+| ---------- | -------------------------------------------------------------------------- |
+| **`req`**  | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user`. |
+| **`id`**   | `id` of document requested to update.                                       |
+| **`data`** | The data passed to update the document with.                                |
+
 ### Delete
 
 Similarly to the Update function, returns a boolean or a [query constraint](/docs/queries/overview) to limit which documents can be deleted by which users.
 
-**Available argument properties:**
+To add delete Access Control to a Collection, use the `delete` property in the [Collection Config](../collections/overview):
 
-| Option    | Description                                                                                         |
-| --------- | --------------------------------------------------------------------------------------------------- |
-| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object with additional `user` property, which is the currently logged in user |
-| **`id`**  | `id` of document requested to delete                                                                |
+```ts
+import type { CollectionConfig } from 'payload'
 
-**Example:**
+export const CollectionWithDeleteAccess: CollectionConfig = {
+  // ...
+  access: {
+    // highlight-start
+    delete: ({ req: { user }}) => {
+      return Boolean(user)
+    },
+    // highlight-end
+  },
+}
+```
+
+As your application becomes more complex, you may want to define your function in a separate file and import them into your Collection Config:
 
 ```ts
 import type { Access } from 'payload'
 
-const canDeleteCustomer: Access = async ({ req, id }) => {
+export const canDeleteCustomer: Access = async ({ req, id }) => {
   if (!id) {
-    // allow the admin UI to show controls to delete since it is indeterminate without the id
+    // allow the admin UI to show controls to delete since it is indeterminate without the `id`
     return true
   }
-  // query another collection using the id
+
+  // Query another Collection using the `id`
   const result = await req.payload.find({
     collection: 'contracts',
     limit: 0,
@@ -165,22 +250,90 @@ const canDeleteCustomer: Access = async ({ req, id }) => {
 }
 ```
 
+The following arguments are provided to the `delete` function:
+
+| Option    | Description                                                                                         |
+| --------- | --------------------------------------------------------------------------------------------------- |
+| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object with additional `user` property, which is the currently logged in user. |
+| **`id`**  | `id` of document requested to delete.
+
 ### Admin
 
 If the Collection is use to access the [Admin Panel](../admin/overview#the-admin-user-collection), the `Admin` Access Control function determines whether or not the currently logged in user can access the admin UI.
 
-**Available argument properties:**
+To add Admin Access Control to a Collection, use the `admin` property in the [Collection Config](../collections/overview):
+
+```ts
+import type { CollectionConfig } from 'payload'
+
+export const CollectionWithAdminAccess: CollectionConfig = {
+  // ...
+  access: {
+    // highlight-start
+    admin: ({ req: { user }}) => {
+      return Boolean(user)
+    },
+    // highlight-end
+  },
+}
+```
+
+The following arguments are provided to the `admin` function:
 
 | Option    | Description                                                                |
 | --------- | -------------------------------------------------------------------------- |
-| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user` |
+| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user`. |
 
 ### Unlock
 
-Determines which users can [unlock](/docs/authentication/operations#unlock) other users who may be blocked from authenticating successfully due to [failing too many login attempts](/docs/authentication/config#options).
+Determines which users can [unlock](/docs/authentication/operations#unlock) other users who may be blocked from authenticating successfully due to [failing too many login attempts](/docs/authentication/overview#options).
 
-**Available argument properties:**
+To add Unlock Access Control to a Collection, use the `unlock` property in the [Collection Config](../collections/overview):
+
+```ts
+import type { CollectionConfig } from 'payload'
+
+export const CollectionWithUnlockAccess: CollectionConfig = {
+  // ...
+  access: {
+    // highlight-start
+    unlock: ({ req: { user }}) => {
+      return Boolean(user)
+    },
+    // highlight-end
+  },
+}
+```
+
+The following arguments are provided to the `unlock` function:
 
 | Option    | Description                                                                |
 | --------- | -------------------------------------------------------------------------- |
-| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user` |
+| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user`. |
+
+### Read Versions
+
+If the Collection has [Versions](../versions/overview) enabled, the `readVersions` Access Control function determines whether or not the currently logged in user can access the version history of a Document.
+
+To add Read Versions Access Control to a Collection, use the `readVersions` property in the [Collection Config](../collections/overview):
+
+```ts
+import type { CollectionConfig } from 'payload'
+
+export const CollectionWithVersionsAccess: CollectionConfig = {
+  // ...
+  access: {
+    // highlight-start
+    readVersions: ({ req: { user }}) => {
+      return Boolean(user)
+    },
+    // highlight-end
+  },
+}
+```
+
+The following arguments are provided to the `readVersions` function:
+
+| Option    | Description                                                                |
+| --------- | -------------------------------------------------------------------------- |
+| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user`. |

docs/access-control/fields.mdx

@@ -6,17 +6,31 @@ desc: Field-level Access Control is specified within a field's config, and allow
 keywords: fields, access control, permissions, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-Field Access Control is specified with functions inside a field's config. All field-level Controls return a boolean value to allow or deny access for the specified operation. No field-level Access Controls support returning query constraints. All Access Control functions accept one `args` argument.
+Field Access Control is [Access Control](../access-control) used to restrict access to specific [Fields](../fields/overview) within a Document.
 
-## Available Controls
+To add Access Control to a Field, use the `access` property in your [Field Config](../fields/overview):
 
-| Function                | Purpose                                                                          |
-| ----------------------- | -------------------------------------------------------------------------------- |
-| **[`create`](#create)** | Allows or denies the ability to set a field's value when creating a new document |
-| **[`read`](#read)**     | Allows or denies the ability to read a field's value                             |
-| **[`update`](#update)** | Allows or denies the ability to update a field's value                           |
+```ts
+import type { Field } from 'payload';
 
-**Example Collection config:**
+export const FieldWithAccessControl: Field = {
+  // ...
+  access: { // highlight-line
+    // ...
+  },
+}
+```
+
+<Banner type="warning">
+  <strong>Note:</strong>
+  Field Access Controls does not support returning [Query](../queries/overview) constraints like [Collection Access Control](./collections) does.
+</Banner>
+
+## Config Options
+
+Access Control is specific to the operation of the request.
+
+To add Access Control to a Field, use the `access` property in the [Field Config](../fields/overview):
 
 ```ts
 import { CollectionConfig } from 'payload';
@@ -39,6 +53,14 @@ export const Posts: CollectionConfig = {
 };
 ```
 
+The following options are available:
+
+| Function                | Purpose                                                                          |
+| ----------------------- | -------------------------------------------------------------------------------- |
+| **`create`** | Allows or denies the ability to set a field's value when creating a new document. [More details](#create). |
+| **`read`**     | Allows or denies the ability to read a field's value. [More details](#read).       |
+| **`update`** | Allows or denies the ability to update a field's value [More details](#update).    |
+
 ### Create
 
 Returns a boolean which allows or denies the ability to set a field's value when creating a new document. If `false` is returned, any passed values will be discarded.

docs/access-control/globals.mdx

@@ -6,30 +6,39 @@ desc: Global-level Access Control is specified within each Global's `access` pro
 keywords: globals, access control, permissions, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-You can define Global-level Access Control within each Global's `access` property. All Access Control functions accept one `args` argument.
+Global Access Control is [Access Control](../access-control) used to restrict access to [Global](../globals/overview) Documents, as well as what they can and cannot see within the [Admin Panel](../admin/overview) as it relates to that Global.
 
-## Available Controls
+To add Access Control to a Global, use the `access` property in your [Global Config](../configuration/globals):
 
-| Function                | Allows/Denies Access                   |
-| ----------------------- | -------------------------------------- |
-| **[`read`](#read)**     | Used in the `findOne` Global operation |
-| **[`update`](#update)** | Used in the `update` Global operation  |
+```ts
+import type { GlobalConfig } from 'payload';
 
-**Example Global config:**
+export const GlobalWithAccessControl: GlobalConfig = {
+  // ...
+  access: { // highlight-line
+    // ...
+  },
+}
+```
+
+## Config Options
+
+Access Control is specific to the operation of the request.
+
+To add Access Control to a [Global](../configuration/globals), use the `access` property in the [Global Config](../globals/overview):
 
 ```ts
 import { GlobalConfig } from 'payload'
 
-const Header: GlobalConfig = {
-  slug: 'header',
+const GlobalWithAccessControl: GlobalConfig = {
+  // ...
   // highlight-start
   access: {
-    read: ({ req: { user } }) => {
-      /* */
-    },
-    update: ({ req: { user } }) => {
-      /* */
-    },
+    read: ({ req: { user } }) => {...},
+    update: ({ req: { user } }) => {...},
+
+    // Version-enabled Globals only
+    readVersion: () => {...},
   },
   // highlight-end
 }
@@ -37,23 +46,97 @@ const Header: GlobalConfig = {
 export default Header
 ```
 
+The following options are available:
+
+| Function                | Allows/Denies Access                   |
+| ----------------------- | -------------------------------------- |
+| **`read`**     | Used in the `findOne` Global operation. [More details](#read). |
+| **`update`** | Used in the `update` Global operation. [More details](#update). |
+
+If a Global supports [Versions](../versions/overview), the following additional options are available:
+
+| Function           | Allows/Denies Access                                                                                                   |
+| ------------------ | ---------------------------------------------------------------------------------------------------------------------- |
+| **`readVersions`** | Used to control who can read versions, and who can't. Will automatically restrict the Admin UI version viewing access. [More details](#read-versions). |
+
 ### Read
 
-Returns a boolean result or optionally a [query constraint](/docs/queries/overview) which limits who can read this global based on its current properties.
+Returns a boolean result or optionally a [query constraint](../queries/overview) which limits who can read this global based on its current properties.
 
-**Available argument properties:**
+To add read Access Control to a [Global](../configuration/globals), use the `read` property in the [Global Config](../globals/overview):
+
+```ts
+import { GlobalConfig } from 'payload'
+
+const Header: GlobalConfig = {
+  // ...
+  // highlight-start
+  read: {
+    read: ({ req: { user } }) => {
+      return Boolean(user)
+    },
+  }
+  // highlight-end
+}
+```
+
+The following arguments are provided to the `read` function:
 
 | Option    | Description                                                                |
 | --------- | -------------------------------------------------------------------------- |
-| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user` |
+| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user`. |
 
 ### Update
 
-Returns a boolean result or optionally a [query constraint](/docs/queries/overview) which limits who can update this global based on its current properties.
+Returns a boolean result or optionally a [query constraint](../queries/overview) which limits who can update this global based on its current properties.
 
-**Available argument properties:**
+To add update Access Control to a [Global](../configuration/globals), use the `access` property in the [Global Config](../globals/overview):
+
+```ts
+import { GlobalConfig } from 'payload'
+
+const Header: GlobalConfig = {
+  // ...
+  // highlight-start
+  access: {
+    update: ({ req: { user }, data }) => {
+      return Boolean(user)
+    },
+  }
+  // highlight-end
+}
+```
+
+The following arguments are provided to the `update` function:
 
 | Option     | Description                                                                |
 | ---------- | -------------------------------------------------------------------------- |
-| **`req`**  | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user` |
+| **`req`**  | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user`. |
 | **`data`** | The data passed to update the global with.                                 |
+
+### Read Versions
+
+If the Global has [Versions](../versions/overview) enabled, the `readVersions` Access Control function determines whether or not the currently logged in user can access the version history of a Document.
+
+To add Read Versions Access Control to a Collection, use the `readVersions` property in the [Global Config](../globals/overview):
+
+```ts
+import type { GlobalConfig } from 'payload'
+
+export const GlobalWithVersionsAccess: GlobalConfig = {
+  // ...
+  access: {
+    // highlight-start
+    readVersions: ({ req: { user }}) => {
+      return Boolean(user)
+    },
+    // highlight-end
+  },
+}
+```
+
+The following arguments are provided to the `readVersions` function:
+
+| Option    | Description                                                                |
+| --------- | -------------------------------------------------------------------------- |
+| **`req`** | The [Request](https://developer.mozilla.org/en-US/docs/Web/API/Request) object containing the currently authenticated `user`. |

docs/access-control/overview.mdx

@@ -2,84 +2,59 @@
 title: Access Control
 label: Overview
 order: 10
-desc: Payload makes it simple to define and manage access control. By declaring roles, you can set permissions and restrict what your users can interact with.
+desc: Payload makes it simple to define and manage Access Control. By declaring roles, you can set permissions and restrict what your users can interact with.
 keywords: overview, access control, permissions, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-Access control within Payload is extremely powerful while remaining easy and intuitive to manage. Declaring who should have access to what documents is no more complex than writing a simple JavaScript function that either returns a `boolean` or a [`query`](/docs/queries/overview) constraint to restrict which documents users can interact with.
-
 <YouTube id="DoPLyXG26Dg" title="Overview of Payload Access Control" />
 
-**Example use cases:**
+Access Control determines what a user can and cannot do with any given Document, as well as what they can and cannot see within the [Admin Panel](../admin/overview). By implementing Access Control, you can define granular restrictions based on the user, their roles (RBAC), Document data, or any other criteria your application requires.
 
-- Allowing anyone `read` access to all `Post`s
-- Only allowing public access to `Post`s where a `status` field is equal to `published`
-- Giving only `User`s with a `role` field equal to `admin` the ability to delete `Page`(s)
-- Allowing anyone to create `ContactSubmission`s, but only logged in users to `read`, `update` or `delete` them
-- Restricting a `User` to only be able to see their own `Order`(s), but no others
-- Allowing `User`s that belong to a certain `Organization` to access only that `Organization`'s `Resource`s
+Access Control functions are scoped to the _operation_, meaning you can have different rules for `create`, `read`, `update`, `delete`, etc. Access Control functions are executed _before_ any changes are made and _before_ any operations are completed. This allows you to determine if the user has the necessary permissions before fulfilling the request.
 
-## Default Settings
+There are many use cases for Access Control, including:
 
-**By default, all Collections and Globals require that a user is logged in to be able to interact in any way.** The default Access Control function evaluates the `user` from the `req` and returns `true` if a user is logged in, and `false` if not.
+- Allowing anyone `read` access to all posts
+- Only allowing public access to posts where a `status` field is equal to `published`
+- Giving only users with a `role` field equal to `admin` the ability to delete posts
+- Allowing anyone to submit contact forms, but only logged in users to `read`, `update` or `delete` them
+- Restricting a user to only be able to see their own orders, but noone else's
+- Allowing users that belong to a certain organization to access only that organization's resources
 
-**Default Access function:**
+There are three main types of Access Control in Payload:
+
+- [Collection Access Control](./collections)
+- [Global Access Control](./globals)
+- [Field Access Control](./fields)
+
+## Default Access Control
+
+Payload provides default Access Control so that your data is secured behind [Authentication](../authentication) without additional configuration. To do this, Payload sets a default function that simply checks if a user is present on the request. You can override this default behavior by defining your own Access Control functions as needed.
+
+Here is the default Access Control that Payload provides:
 
 ```ts
 const defaultPayloadAccess = ({ req: { user } }) => {
   // Return `true` if a user is found
   // and `false` if it is undefined or null
-  return Boolean(user)
+  return Boolean(user) // highlight-line
 }
 ```
 
-<Banner type="success">
-  <strong>Note:</strong>
-  <br />
-  In the Local API, all Access Control functions are skipped by default, allowing your server to do
-  whatever it needs. But, you can opt back in by setting the option
-  <strong>
-    overrideAccess
-  </strong>
-  {' '}
-  to <strong>false</strong>.
+<Banner type="warning">
+  <strong>Important:</strong>
+  In the [Local API](../local-api/overview), all Access Control is _skipped_ by default. This allows your server to have full control over your application. To opt back in, you can set the `overrideAccess` option to `false` in your requests.
 </Banner>
 
-## Access Control Types
+## The Access Operation
 
-You can manage access within Payload on three different levels:
+The Admin Panel responds dynamically to your changes to Access Control. For example, if you restrict editing `ExampleCollection` to only users that feature an "admin" role, Payload will **hide** that Collection from the Admin Panel entirely. This is super powerful and allows you to control who can do what within your Admin Panel using the same functions that secure your APIs.
 
-- [Collections](/docs/access-control/collections)
-- [Fields](/docs/access-control/fields)
-- [Globals](/docs/access-control/globals)
-
-## When Access Control is Executed
-
-<Banner type="success">
-  <strong>Note:</strong>
-  <br />
-  Access control functions are utilized in two places. It's important to understand how and when
-  your access control is executed.
-</Banner>
-
-### As you execute operations
-
-When you perform Payload operations like `create`, `read`, `update`, and `delete`, your access control functions will be executed before any changes or operations are completed.
-
-### Within the Admin UI
-
-The Payload Admin UI responds dynamically to the access control that you define. For example, if you restrict editing a `ExampleCollection` to only users that feature a `role` of `admin`, the Payload Admin UI will **hide** the `ExampleCollection` from the Admin UI entirely. This is super powerful and allows you to control who can do what with your Admin UI.
-
-To accomplish this, Payload ships with an `Access` operation, which is executed when a user logs into the Admin UI. Payload will execute each one of your access control functions, across all collections, globals, and fields, at the top level and return a response that contains a reflection of what the currently authenticated user can do with your application.
-
-## Argument Availability
+To accomplish this, Payload exposes the [Access Operation](../authentication/operations#access). Upon login, Payload executes each Access Control function at the top level, across all Collections, Globals, and Fields, and returns a response that contains a reflection of what the currently authenticated user can do within your application.
 
 <Banner type="warning">
   <strong>Important:</strong>
-  <br />
-  When your access control functions are executed via the <strong>access</strong> operation, the{' '}
-  <strong>id</strong> and <strong>data</strong> arguments will be <strong>undefined</strong>,
-  because Payload is executing your functions without referencing a specific document.
+  When your access control functions are executed via the [Access Operation](../authentication/operations#access),  the `id` and `data` arguments will be `undefined`. This is because Payload is executing your functions without referencing a specific Document.
 </Banner>
 
-If you use `id` or `data` within your access control functions, make sure to check that they are defined first. If they are not, then you can assume that your access control is being executed via the `access` operation, to determine solely what the user can do within the Admin UI.
+If you use `id` or `data` within your access control functions, make sure to check that they are defined first. If they are not, then you can assume that your Access Control is being executed via the Access Operation to determine solely what the user can do within the Admin Panel.

docs/admin/collections.mdx

@@ -0,0 +1,173 @@
+---
+title: Collection Admin Config
+label: Collections
+order: 20
+desc:
+keywords: admin, components, custom, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
+---
+
+The behavior of [Collections](../configuration/collections) within the [Admin Panel](./overview) can be fully customized to fit the needs of your application. This includes grouping or hiding their navigation links, adding [Custom Components](./components), selecting which fields to display in the List View, and more.
+
+To configure Admin Options for Collections, use the `admin` property in your Collection Config:
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const MyCollection: CollectionConfig = {
+  // ...
+  admin: { // highlight-line
+    // ...
+  },
+}
+```
+
+## Admin Options
+
+The following options are available:
+
+| Option                       | Description                                                                                                                                                                                           |
+| ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| **`group`**                      | Text used as a label for grouping Collection and Global links together in the navigation.                                                                                                             |
+| **`hidden`**                     | Set to true or a function, called with the current user, returning true to exclude this Collection from navigation and admin routing.                                                                 |
+| **`hooks`**                      | Admin-specific hooks for this Collection. [More details](../hooks/collections).                                                                                                                                        |
+| **`useAsTitle`**                 | Specify a top-level field to use for a document title throughout the Admin Panel. If no field is defined, the ID of the document is used as the title.                                                |
+| **`description`**                | Text or React component to display below the Collection label in the List View to give editors more information.                                                                                      |
+| **`defaultColumns`**             | Array of field names that correspond to which columns to show by default in this Collection's List View.                                                                                              |
+| **`hideAPIURL`**                 | Hides the "API URL" meta field while editing documents within this Collection.                                                                                                                        |
+| **`enableRichTextLink`**         | The [Rich Text](../fields/rich-text) field features a `Link` element which allows for users to automatically reference related documents within their rich text. Set to `true` by default.         |
+| **`enableRichTextRelationship`** | The [Rich Text](../fields/rich-text) field features a `Relationship` element which allows for users to automatically reference related documents within their rich text. Set to `true` by default. |
+| **`meta`**                       | Metadata overrides to apply to the Admin Panel. Included properties are `description` and `openGraph`.                                                                           |
+| **`preview`**                    | Function to generate preview URLs within the Admin Panel that can point to your app. [More details](#preview).                                                                                                |
+| **`livePreview`**                | Enable real-time editing for instant visual feedback of your front-end application. [More details](../live-preview/overview).                                                                              |
+| **`components`**                 | Swap in your own React components to be used within this Collection. [More details](#components).                                                                                       |
+| **`listSearchableFields`**       | Specify which fields should be searched in the List search view. [More details](#list-searchable-fields).                                                                                                      |
+| **`pagination`**             | Set pagination-specific options for this Collection. [More details](#pagination).                                                                                                                              |
+
+### Components
+
+Collections can set their own [Custom Components](./components) which only apply to [Collection](../configuration/collections)-specific UI within the [Admin Panel](./overview). This includes elements such as the Save Button, or entire layouts such as the Edit View.
+
+To override Collection Components, use the `admin.components` property in your [Collection Config](../configuration/collections):
+
+```ts
+import type { SanitizedCollectionConfig } from 'payload'
+import { CustomSaveButton } from './CustomSaveButton'
+
+export const MyCollection: SanitizedCollectionConfig = {
+  // ...
+  admin: {
+    components: { // highlight-line
+      // ...
+    },
+  },
+}
+```
+
+The following options are available:
+
+| Path                       | Description                                                                                                            |
+| -------------------------- | ---------------------------------------------------------------------------------------------------------------------- |
+| **`beforeList`**           | An array of components to inject _before_ the built-in List View                                                          |
+| **`beforeListTable`**      | An array of components to inject _before_ the built-in List View's table                                                  |
+| **`afterList`**            | An array of components to inject _after_ the built-in List View                                                           |
+| **`afterListTable`**       | An array of components to inject _after_ the built-in List View's table                                                   |
+| **`edit.SaveButton`**      | Replace the default Save Button with a Custom Component. [Drafts](../versions/drafts) must be disabled.                                     |
+| **`edit.SaveDraftButton`** | Replace the default Save Draft Button with a Custom Component. [Drafts](../versions/drafts) must be enabled and autosave must be disabled. |
+| **`edit.PublishButton`**   | Replace the default Publish Button with a Custom Component. [Drafts](../versions/drafts) must be enabled.                                  |
+| **`edit.PreviewButton`**   | Replace the default Preview Button with a Custom Component. [Preview](#preview) must be enabled.                                         |
+| **`views`**                | Override or create new views within the Admin Panel. [More details](./views).                                     |
+
+<Banner type="success">
+  <strong>Note:</strong>
+  For details on how to build Custom Components, see [Building Custom Components](./components#building-custom-components).
+</Banner>
+
+### Preview
+
+It is possible to display a Preview Button within the Edit View of the Admin Panel. This will allow editors to visit the frontend of your app the corresponds to the document they are actively editing. This way they can preview the latest, potentially unpublished changes.
+
+To configure the Preview Button, set the `admin.preview` property to a function in your [Collection Config](../configuration/collections):
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Posts: CollectionConfig = {
+  // ...
+  admin: {
+    // highlight-start
+    preview: (doc, { locale }) => {
+      if (doc?.slug) {
+        return `/${doc.slug}?locale=${locale}`
+      }
+
+      return null
+    },
+    // highlight-end
+  },
+}
+```
+
+The preview function receives two arguments:
+
+| Argument | Description |
+| --- | --- |
+| **`doc`** | The Document being edited. |
+| **`ctx`** | An object containing `locale` and `token` properties. The `token` is the currently logged-in user's JWT. |
+
+<Banner type="success">
+  <strong>Note:</strong>
+  For fully working example of this, check of the official [Draft Preview Example](https://github.com/payloadcms/payload/tree/main/examples/draft-preview) in the [Examples Directory](https://github.com/payloadcms/payload/tree/main/examples).
+</Banner>
+
+### Pagination
+
+All Collections receive their own List View which displays a paginated list of documents that can be sorted and filtered. The pagination behavior of the List View can be customized on a per-Collection basis, and uses the same [Pagination](../queries/pagination) API that Payload provides.
+
+To configure pagination options, use the `admin.pagination` property in your [Collection Config](../configuration/collections):
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Posts: CollectionConfig = {
+  // ...
+  admin: {
+    // highlight-start
+    pagination: {
+      defaultLimit: 10,
+      limits: [10, 20, 50],
+    },
+    // highlight-end
+  },
+}
+```
+
+The following options are available:
+
+| Option         | Description                                                                                         |
+| -------------- | --------------------------------------------------------------------------------------------------- |
+| `defaultLimit` | Integer that specifies the default per-page limit that should be used. Defaults to 10.              |
+| `limits`       | Provide an array of integers to use as per-page options for admins to choose from in the List View. |
+
+### List Searchable Fields
+
+In the List View, there is a "search" box that allows you to quickly find a document through a simple text search. By default, it searches on the ID field. If defined, the `admin.useAsTitle` field is used. Or, you can explicitly define which fields to search based on the needs of your application.
+
+To define which fields should be searched, use the `admin.listSearchableFields` property in your [Collection Config](../configuration/collections):
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Posts: CollectionConfig = {
+  // ...
+  admin: {
+    // highlight-start
+    listSearchableFields: ['title', 'slug'],
+    // highlight-end
+  },
+}
+```
+
+<Banner type="warning">
+  <strong>Tip:</strong>
+  If you are adding `listSearchableFields`, make sure you index each of these fields so your admin queries can remain performant.
+</Banner>

docs/admin/components.mdx

@@ -1,7 +1,7 @@
 ---
 title: Swap in your own React components
 label: Custom Components
-order: 20
+order: 40
 desc: Fully customize your Admin Panel by swapping in your own React components. Add fields, remove views, update routes and change functions to sculpt your perfect Dashboard.
 keywords: admin, components, custom, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
@@ -18,8 +18,8 @@ All Custom Components in Payload are [React Server Components](https://react.dev
 There are four main types of Custom Components in Payload:
 
 - [Root Components](#root-components)
-- [Collection Components](#collection-components)
-- [Global Components](#global-components)
+- [Collection Components](./collections#components)
+- [Global Components](./globals#components)
 - [Field Components](./fields)
 
 To swap in your own Custom Component, consult the list of available components. Determine the scope that corresponds to what you are trying to accomplish, then [author your React component(s)](#building-custom-components) accordingly.
@@ -38,11 +38,11 @@ import { MyCustomLogo } from './MyCustomLogo'
 export default buildConfig({
   // ...
   admin: {
+    // highlight-start
     components: {
-      graphics: {
-        Logo: MyCustomLogo, // highlight-line
-      },
+      // ...
     },
+    // highlight-end
   },
 })
 ```
@@ -63,17 +63,18 @@ The following options are available:
 | **`logout.Button`**   | The button displayed in the sidebar that logs the user out.                                                                                                                                                         |
 | **`graphics.Icon`**   | The simplified logo used in contexts like the the `Nav` component.                                                                                                                                                  |
 | **`graphics.Logo`**   | The full logo used in contexts like the `Login` view.                                                                                                                                                               |
-| **`providers`**       | Custom [React Context](https://react.dev/learn/scaling-up-with-reducer-and-context) providers that will wrap the entire [Admin Panel](./overview). [More details](#custom-providers).                                       |
-| **`actions`**         | An array of Custom Components to be rendered in the header of the [Admin Panel](./overview), providing additional interactivity and functionality.                                                                  |
-| **`views`**           | Override or create new views within the [Admin Panel](./overview). [More details](./views).                                                                                                                                 |
+| **`providers`**       | Custom [React Context](https://react.dev/learn/scaling-up-with-reducer-and-context) providers that will wrap the entire Admin Panel. [More details](#custom-providers).                                       |
+| **`actions`**         | An array of Custom Components to be rendered in the header of the Admin Panel, providing additional interactivity and functionality.                                                                  |
+| **`views`**           | Override or create new views within the Admin Panel. [More details](./views).                                                                                                                                 |
 
 <Banner type="success">
-  <strong>Note:</strong> You can also use the `admin.components` property in your _[Collection](#collection-components) or [Global](#global-components)_.
+  <strong>Note:</strong>
+  You can also use set [Collection Components](./collections#components) and [Global Components](./globals#components) in their respective configs.
 </Banner>
 
 ### Custom Providers
 
-As you add more and more Custom Components to your [Admin Panel](./overview), you may find it helpful to add additional [React Context](https://react.dev/learn/scaling-up-with-reducer-and-context)(s). Payload allows you to inject your own context providers in your app where you can export your own custom hooks, etc.
+As you add more and more Custom Components to your [Admin Panel](./overview), you may find it helpful to add additional [React Context](https://react.dev/learn/scaling-up-with-reducer-and-context)(s). Payload allows you to inject your own context providers in your app so you can export your own custom hooks, etc.
 
 To add a Custom Provider, use the `admin.components.providers` property in your [Payload Config](../getting-started/overview):
 
@@ -115,80 +116,6 @@ export const useMyCustomContext = () => useContext(MyCustomContext)
   <strong>Reminder:</strong> Custom Providers are by definition Client Components. This means they must include the `use client` directive at the top of their files and cannot use server-only code.
 </Banner>
 
-## Collection Components
-
-Collection Components are those that effect [Collection](../configuration/collections)-specific UI within the [Admin Panel](./overview), such as the save button or the List View.
-
-To override Collection Components, use the `admin.components` property in your [Collection Config](../configuration/collections):
-
-```ts
-import type { SanitizedCollectionConfig } from 'payload'
-import { CustomSaveButton } from './CustomSaveButton'
-
-export const MyCollection: SanitizedCollectionConfig = {
-  slug: 'my-collection',
-  admin: {
-    components: {
-      edit: {
-        SaveButton: CustomSaveButton, // highlight-line
-      },
-    },
-  },
-  // ...
-}
-```
-
-_For details on how to build Custom Components, see [Building Custom Components](#building-custom-components)._
-
-The following options are available:
-
-| Path                       | Description                                                                                                            |
-| -------------------------- | ---------------------------------------------------------------------------------------------------------------------- |
-| **`beforeList`**           | An array of components to inject _before_ the built-in List View                                                          |
-| **`beforeListTable`**      | An array of components to inject _before_ the built-in List View's table                                                  |
-| **`afterList`**            | An array of components to inject _after_ the built-in List View                                                           |
-| **`afterListTable`**       | An array of components to inject _after_ the built-in List View's table                                                   |
-| **`edit.SaveButton`**      | Replace the default `Save` button with a Custom Component. Drafts must be disabled                                     |
-| **`edit.SaveDraftButton`** | Replace the default `Save Draft` button with a Custom Component. Drafts must be enabled and autosave must be disabled. |
-| **`edit.PublishButton`**   | Replace the default `Publish` button with a Custom Component. Drafts must be enabled.                                  |
-| **`edit.PreviewButton`**   | Replace the default `Preview` button with a Custom Component.                                                          |
-| **`views`**                | Override or create new views within the [Admin Panel](./overview). [More details](./views).                                     |
-
-## Global Components
-
-Global Components are those that effect [Global](../configuration/globals)-specific UI within the [Admin Panel](./overview), such as the save button or the Edit View.
-
-To override Global Components, use the `admin.components` property in your [Global Config](../configuration/globals):
-
-```ts
-import type { SanitizedGlobalConfig } from 'payload'
-import { CustomSaveButton } from './CustomSaveButton'
-
-export const MyGlobal: SanitizedGlobalConfig = {
-  slug: 'my-global',
-  admin: {
-    components: {
-      elements: {
-        SaveButton: CustomSaveButton, // highlight-line
-      },
-    },
-  },
-  // ...
-}
-```
-
-_For details on how to build Custom Components, see [Building Custom Components](#building-custom-components)._
-
-The following options are available:
-
-| Path                           | Description                                                                                                            |
-| ------------------------------ | ---------------------------------------------------------------------------------------------------------------------- |
-| **`elements.SaveButton`**      | Replace the default `Save` button with a Custom Component. Drafts must be disabled.                                    |
-| **`elements.SaveDraftButton`** | Replace the default `Save Draft` button with a Custom Component. Drafts must be enabled and autosave must be disabled. |
-| **`elements.PublishButton`**   | Replace the default `Publish` button with a Custom Component. Drafts must be enabled.                                  |
-| **`elements.PreviewButton`**   | Replace the default `Preview` button with a Custom Component.                                                          |
-| **`views`**                    | Override or create new views within the [Admin Panel](./overview). [More details](./views).                                     |
-
 ## Building Custom Components
 
 All Custom Components in Payload are [React Server Components](https://react.dev/reference/rsc/server-components) by default, with the exception of [Custom Providers](#custom-providers). This enables the use of the [Local API](../local-api) directly on the front-end, among other things.

docs/admin/customizing-css.mdx

@@ -1,7 +1,7 @@
 ---
 title: Customizing CSS & SCSS
 label: Customizing CSS
-order: 60
+order: 80
 desc: Customize the Payload Admin Panel further by adding your own CSS or SCSS style sheet to the configuration, powerful theme and design options are waiting for you.
 keywords: admin, css, scss, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---

docs/admin/fields.mdx

@@ -1,7 +1,7 @@
 ---
 title: Customizing Fields
 label: Customizing Fields
-order: 40
+order: 60
 desc:
 keywords:
 ---
@@ -18,7 +18,7 @@ For example, your app might need to render a specific interface that Payload doe
 
 ## Admin Options
 
-You can customize the appearance and behavior of fields within the [Admin Panel](./overvieW) through the `admin` property of any [Field Config](../fields/overview):
+You can customize the appearance and behavior of fields within the [Admin Panel](./overview) through the `admin` property of any [Field Config](../fields/overview):
 
 ```ts
 import type { CollectionConfig } from 'payload'

docs/admin/globals.mdx

@@ -0,0 +1,108 @@
+---
+title: Global Admin Config
+label: Globals
+order: 30
+desc:
+keywords: admin, components, custom, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
+---
+
+The behavior of [Globals](../configuration/globals) within the [Admin Panel](./overview) can be fully customized to fit the needs of your application. This includes grouping or hiding their navigation links, adding [Custom Components](./components), setting page metadata, and more.
+
+To configure Admin Options for Globals, use the `admin` property in your Global Config:
+
+```ts
+import { GlobalConfig } from 'payload'
+
+export const MyGlobal: GlobalConfig = {
+  // ...
+  admin: { // highlight-line
+    // ...
+  },
+}
+```
+
+## Admin Options
+
+The following options are available:
+
+| Option        | Description                                                                                                                       |
+| ------------- | --------------------------------------------------------------------------------------------------------------------------------- |
+| **`group`**       | Text used as a label for grouping Collection and Global links together in the navigation.                                         |
+| **`hidden`**      | Set to true or a function, called with the current user, returning true to exclude this Global from navigation and admin routing. |
+| **`components`**  | Swap in your own React components to be used within this Global. [More details](#components).                           |
+| **`preview`**     | Function to generate a preview URL within the Admin Panel for this Global that can point to your app. [More details](#preview).           |
+| **`livePreview`** | Enable real-time editing for instant visual feedback of your front-end application. [More details](../live-preview/overview).          |
+| **`hideAPIURL`**  | Hides the "API URL" meta field while editing documents within this collection.                                                    |
+| **`meta`**        | Metadata overrides to apply to the Admin Panel. Included properties are `description` and `openGraph`.       |
+
+### Components
+
+Globals can set their own [Custom Components](./components) which only apply to [Global](../configuration/globals)-specific UI within the [Admin Panel](./overview). This includes elements such as the Save Button, or entire layouts such as the Edit View.
+
+To override Global Components, use the `admin.components` property in your [Global Config](../configuration/globals):
+
+```ts
+import type { SanitizedGlobalConfig } from 'payload'
+import { CustomSaveButton } from './CustomSaveButton'
+
+export const MyGlobal: SanitizedGlobalConfig = {
+  // ...
+  admin: {
+    components: { // highlight-line
+      // ...
+    },
+  },
+}
+```
+
+The following options are available:
+
+| Path                           | Description                                                                                                            |
+| ------------------------------ | ---------------------------------------------------------------------------------------------------------------------- |
+| **`elements.SaveButton`**      | Replace the default Save Button with a Custom Component. [Drafts](../versions/drafts) must be disabled.                                    |
+| **`elements.SaveDraftButton`** | Replace the default Save Draft Button with a Custom Component. [Drafts](../versions/drafts) must be enabled and autosave must be disabled. |
+| **`elements.PublishButton`**   | Replace the default Publish Button with a Custom Component. [Drafts](../versions/drafts) must be enabled.                                  |
+| **`elements.PreviewButton`**   | Replace the default Preview Button with a Custom Component. [Preview](#preview) must be enabled.                                         |
+| **`views`**                    | Override or create new views within the Admin Panel. [More details](./views).                                     |
+
+<Banner type="success">
+  <strong>Note:</strong>
+  For details on how to build Custom Components, see [Building Custom Components](./components#building-custom-components).
+</Banner>
+
+### Preview
+
+It is possible to display a Preview Button within the Edit View of the Admin Panel. This will allow editors to visit the frontend of your app the corresponds to the document they are actively editing. This way they can preview the latest, potentially unpublished changes.
+
+To configure the Preview Button, set the `admin.preview` property to a function in your Global Config:
+
+```ts
+import { GlobalConfig } from 'payload'
+
+export const MainMenu: GlobalConfig = {
+  // ...
+  admin: {
+    // highlight-start
+    preview: (doc, { locale }) => {
+      if (doc?.slug) {
+        return `/${doc.slug}?locale=${locale}`
+      }
+
+      return null
+    },
+    // highlight-end
+  },
+}
+```
+
+The preview function receives two arguments:
+
+| Argument | Description |
+| --- | --- |
+| **`doc`** | The Document being edited. |
+| **`ctx`** | An object containing `locale` and `token` properties. The `token` is the currently logged-in user's JWT. |
+
+<Banner type="success">
+  <strong>Note:</strong>
+  For fully working example of this, check of the official [Draft Preview Example](https://github.com/payloadcms/payload/tree/main/examples/draft-preview) in the [Examples Directory](https://github.com/payloadcms/payload/tree/main/examples).
+</Banner>

docs/admin/hooks.mdx

@@ -1,7 +1,7 @@
 ---
 title: React Hooks
 label: React Hooks
-order: 50
+order: 70
 desc: Make use of all of the powerful React hooks that Payload provides.
 keywords: admin, components, custom, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---

docs/admin/overview.mdx

@@ -55,6 +55,11 @@ As shown above, all Payload routes are nested within the `(payload)` route group
 
 The `admin` directory contains all the _pages_ related to the interface itself, whereas the `api` and `graphql` directories contains all the _routes_ related to the [REST API](../rest-api/overview) and [GraphQL API](../graphql/overview). All admin routes are [easily configurable](#customizing-routes) to meet your application's exact requirements.
 
+<Banner type="warning">
+  <strong>Note:</strong>
+  If you don't use the [REST API](../rest/overview) or [GraphQL API](../graphql/overview), you can delete the [Next.js files corresponding to those routes](../admin/overview#project-structure), however, the overhead of this API is completely constrained to these endpoints, and will not slow down or affect Payload outside of the endpoints.
+</Banner>
+
 Finally, the `custom.scss` file is where you can add or override globally-oriented styles in the Admin Panel, such as modify the color palette. Customizing the look and feel through CSS alone is a powerful feature of the Admin Panel, [more on that here](./customizing-css).
 
 All auto-generated files will contain the following comments at the top of each file:
@@ -81,23 +86,23 @@ const config = buildConfig({
 
 The following options are available:
 
-| Option            | Description                                                                                                                                                                                                                                                                 |
-| ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `user`            | The `slug` of the Collection that you want to allow to login to the Admin Panel. [More details](#the-admin-user-collection).                                                                                                                                                        |
-| `buildPath`       | Specify an absolute path for where to store the built Admin bundle used in production. Defaults to `path.resolve(process.cwd(), 'build')`.                                                                                                                                  |
-| `meta`            | Base metadata to use for the Admin Panel. Included properties are `titleSuffix`, `icons`, and `openGraph`. Can be overridden on a per Collection or per Global basis.                                                                                                       |
-| `disable`         | If set to `true`, the entire Admin Panel will be disabled.                                                                                                                                                                                                                  |
-| `dateFormat`      | The date format that will be used for all dates within the Admin Panel. Any valid [date-fns](https://date-fns.org/) format pattern can be used.                                                                                                                             |
-| `avatar`          | Set account profile picture. Options: `gravatar`, `default` or a custom React component.                                                                                                                                                                                    |
-| `autoLogin`       | Used to automate admin log-in for dev and demonstration convenience. [More details](../authentication/config).                                                                                                                                                                      |
-| `livePreview`     | Enable real-time editing for instant visual feedback of your front-end application. [More details](../live-preview/overview).                                                                                                                                                       |
-| `components`      | Component overrides that affect the entirety of the Admin Panel. [More details](./components).                                                                                                                                                                                      |
-| `routes`          | Replace built-in Admin Panel routes with your own custom routes. [More details](#customizing-routes).                                                                                                                                                                               |
-| `custom`          | Any custom properties you wish to pass to the Admin Panel.                                                                                                                                                                                                                  |
+| Option        | Description                                                                                                                                                           |
+|---------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `avatar`      | Set account profile picture. Options: `gravatar`, `default` or a custom React component.                                                                              |
+| `autoLogin`   | Used to automate log-in for dev and demonstration convenience. [More details](../authentication/overview).                                                            |
+| `buildPath`   | Specify an absolute path for where to store the built Admin bundle used in production. Defaults to `path.resolve(process.cwd(), 'build')`.                            |
+| `components`  | Component overrides that affect the entirety of the Admin Panel. [More details](./components).                                                                        |
+| `custom`      | Any custom properties you wish to pass to the Admin Panel.                                                                                                            |
+| `dateFormat`  | The date format that will be used for all dates within the Admin Panel. Any valid [date-fns](https://date-fns.org/) format pattern can be used.                       |
+| `disable`     | If set to `true`, the entire Admin Panel will be disabled.                                                                                                            |
+| `livePreview` | Enable real-time editing for instant visual feedback of your front-end application. [More details](../live-preview/overview).                                         |
+| `meta`        | Base metadata to use for the Admin Panel. Included properties are `titleSuffix`, `icons`, and `openGraph`. Can be overridden on a per Collection or per Global basis. |
+| `routes`      | Replace built-in Admin Panel routes with your own custom routes. [More details](#customizing-routes).                                                                 |
+| `user`        | The `slug` of the Collection that you want to allow to login to the Admin Panel. [More details](#the-admin-user-collection).                                          |
 
 <Banner type="success">
   <strong>Reminder:</strong>
-  These are the _root-level_ options for the Admin Panel. You can also customize the admin options for _Collections and Globals_ through their respective `admin` keys.
+  These are the _root-level_ options for the Admin Panel. You can also customize [Collection Admin Options](./collections) and [Global Admin Options](./globals) through their respective `admin` keys.
 </Banner>
 
 ### The Admin User Collection
@@ -132,7 +137,7 @@ To do this, specify `admin: { user: 'admins' }` in your config. This will provid
 
 ### Role-based Access Control
 
-It is also possible to allow multiple user types into the Admin Panel with limited permissions. For example, you may wish to have two roles within the `admins` Collection:
+It is also possible to allow multiple user types into the Admin Panel with limited permissions, known as role-based access control (RBAC). For example, you may wish to have two roles within the `admins` Collection:
 
 - `super-admin` - full access to the Admin Panel to perform any action
 - `editor` - limited access to the Admin Panel to only manage content

docs/admin/preferences.mdx

@@ -1,7 +1,7 @@
 ---
 title: Managing User Preferences
 label: Preferences
-order: 50
+order: 70
 desc: Store the preferences of your users as they interact with the Admin Panel.
 keywords: admin, preferences, custom, customize, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
@@ -22,7 +22,7 @@ Out of the box, Payload handles the persistence of your users' preferences in a
   that is reading or setting a preference via all provided authentication methods.
 </Banner>
 
-## Use cases
+## Use Cases
 
 This API is used significantly for internal operations of the Admin Panel, as mentioned above. But, if you're building your own React components for use in the Admin Panel, you can allow users to set their own preferences in correspondence to their usage of your components. For example:
 

docs/admin/views.mdx

@@ -1,7 +1,7 @@
 ---
 title: Customizing Views
 label: Customizing Views
-order: 30
+order: 50
 desc:
 keywords:
 ---
@@ -278,7 +278,7 @@ export const MyCollectionConfig: SanitizedCollectionConfig = {
 Your Custom Views will be provided with the following props:
 
 | Prop                      | Description                                                                                                                            |
-| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |                                                                                            |
+| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
 | **`user`**                    | The currently logged in user.                                                                                                          |
 | **`locale`**                  | The current [Locale](../configuration/localization) of the [Admin Panel](./overview).                                                  |
 | **`navGroups`**               | The grouped navigation items according to `admin.group` in your [Collection Config](../collections/overview) or [Global Config](../globals/overview). |

docs/authentication/api-keys.mdx

@@ -48,7 +48,7 @@ your API keys will not be.
 
 ### HTTP Authentication
 
-To authenticate REST or GraphQL API requests using an API key, set the `Authorization` header. The header is case-sensitive and needs the slug of the `auth.useAPIKey` enabled collection, then " API-Key ", followed by the `apiKey` that has been assigned. Payload's built-in middleware will then assign the user document to `req.user` and handle requests with the proper access control. By doing this, Payload recognizes the request being made as a request by the user associated with that API key.
+To authenticate REST or GraphQL API requests using an API key, set the `Authorization` header. The header is case-sensitive and needs the slug of the `auth.useAPIKey` enabled collection, then " API-Key ", followed by the `apiKey` that has been assigned. Payload's built-in middleware will then assign the user document to `req.user` and handle requests with the proper [Access Control](../access-control/overview). By doing this, Payload recognizes the request being made as a request by the user associated with that API key.
 
 **For example, using Fetch:**
 
@@ -62,7 +62,7 @@ const response = await fetch('http://localhost:3000/api/pages', {
 })
 ```
 
-Payload ensures that the same, uniform access control is used across all authentication strategies. This enables you to utilize your existing access control configurations with both API keys and the standard email/password authentication. This consistency can aid in maintaining granular control over your API keys.
+Payload ensures that the same, uniform [Access Control](../access-control/overview) is used across all authentication strategies. This enables you to utilize your existing Access Control configurations with both API keys and the standard email/password authentication. This consistency can aid in maintaining granular control over your API keys.
 
 ### API Key Only Auth
 

docs/authentication/config.mdx

@@ -1,206 +0,0 @@
----
-title: Authentication Config
-label: Config
-order: 20
-desc: Enable and customize options in the Authentication config for features including Forgot Password, Login Attempts, API key usage and more.
-keywords: authentication, config, configuration, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
----
-
-Payload's Authentication is extremely powerful and gives you everything you need when you go to build a new app or site in a secure and responsible manner.
-
-To enable Authentication on a collection, define an `auth` property and set it to either `true` or to an object containing the options below.
-
-## Options
-
-| Option                     | Description                                                                                                                                                                                                                         |
-|----------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| **`useAPIKey`**            | Payload Authentication provides for API keys to be set on each user within an Authentication-enabled Collection. [More](/docs/authentication/config#api-keys)                                                                       |
-| **`tokenExpiration`**      | How long (in seconds) to keep the user logged in. JWTs and HTTP-only cookies will both expire at the same time.                                                                                                                     |
-| **`maxLoginAttempts`**     | Only allow a user to attempt logging in X amount of times. Automatically locks out a user from authenticating if this limit is passed. Set to `0` to disable.                                                                       |
-| **`lockTime`**             | Set the time (in milliseconds) that a user should be locked out if they fail authentication more times than `maxLoginAttempts` allows for.                                                                                          |
-| **`depth`**                | How many levels deep a `user` document should be populated when creating the JWT and binding the `user` to the `req`. Defaults to `0` and should only be modified if absolutely necessary, as this will affect performance. |
-| **`cookies`**              | Set cookie options, including `secure`, `sameSite`, and `domain`. For advanced users.                                                                                                                                               |
-| **`forgotPassword`**       | Customize the way that the `forgotPassword` operation functions. [More](/docs/authentication/config#forgot-password)                                                                                                                |
-| **`verify`**               | Set to `true` or pass an object with verification options to require users to verify by email before they are allowed to log into your app. [More](/docs/authentication/config#email-verification)                                  |
-| **`disableLocalStrategy`** | Advanced - disable Payload's built-in local auth strategy. Only use this property if you have replaced Payload's auth mechanisms with your own.                                                                                     |
-| **`strategies`**           | Advanced - an array of custom authentification strategies to extend this collection's authentication with. [More](/docs/authentication/custom-strategies)                                                                         |
-
-### Forgot Password
-
-You can customize how the Forgot Password workflow operates with the following options on the `auth.forgotPassword` property:
-
-**`generateEmailHTML`**
-
-Function that accepts one argument, containing `{ req, token, user }`, that allows for overriding the HTML within emails that are sent to users attempting to reset their password. The function should return a string that supports HTML, which can be a full HTML email.
-
-<Banner type="success">
-  <strong>Tip:</strong>
-  <br />
-  HTML templating can be used to create custom email templates, inline CSS automatically, and more.
-  You can make a reusable function that standardizes all email sent from Payload, which makes
-  sending custom emails more DRY. Payload doesn't ship with an HTML templating engine, so you are
-  free to choose your own.
-</Banner>
-
-Example:
-
-```ts
-import { CollectionConfig } from 'payload'
-
-export const Customers: CollectionConfig = {
-  slug: 'customers',
-  auth: {
-    forgotPassword: {
-      // highlight-start
-      generateEmailHTML: ({ req, token, user }) => {
-        // Use the token provided to allow your user to reset their password
-        const resetPasswordURL = `https://yourfrontend.com/reset-password?token=${token}`
-
-        return `
-          <!doctype html>
-          <html>
-            <body>
-              <h1>Here is my custom email template!</h1>
-              <p>Hello, ${user.email}!</p>
-              <p>Click below to reset your password.</p>
-              <p>
-                <a href="${resetPasswordURL}">${resetPasswordURL}</a>
-              </p>
-            </body>
-          </html>
-        `
-      },
-      // highlight-end
-    },
-  },
-}
-```
-
-<Banner type="warning">
-  <strong>Important:</strong>
-  <br />
-  If you specify a different URL to send your users to for resetting their password, such as a page
-  on the frontend of your app or similar, you need to handle making the call to the Payload REST or
-  GraphQL reset-password operation yourself on your frontend, using the token that was provided for
-  you. Above, it was passed via query parameter.
-</Banner>
-
-**`generateEmailSubject`**
-
-Similarly to the above `generateEmailHTML`, you can also customize the subject of the email. The function argument are the same but you can only return a string - not HTML.
-
-Example:
-
-```ts
-{
-  slug: 'customers',
-  auth: {
-    forgotPassword: {
-      // highlight-start
-      generateEmailSubject: ({ req, user }) => {
-        return `Hey ${user.email}, reset your password!`;
-      }
-      // highlight-end
-    }
-  }
-}
-```
-
-### Email Verification
-
-If you'd like to require email verification before a user can successfully log in, you can enable it by passing `true` or an `options` object to `auth.verify`. The following options are available:
-
-**`generateEmailHTML`**
-
-Function that accepts one argument, containing `{ req, token, user }`, that allows for overriding the HTML within emails that are sent to users indicating how to validate their account. The function should return a string that supports HTML, which can optionally be a full HTML email.
-
-Example:
-
-```ts
-import { CollectionConfig } from 'payload'
-
-export const Customers: CollectionConfig = {
-  slug: 'customers',
-  auth: {
-    verify: {
-      // highlight-start
-      generateEmailHTML: ({ req, token, user }) => {
-        // Use the token provided to allow your user to verify their account
-        const url = `https://yourfrontend.com/verify?token=${token}`
-
-        return `Hey ${user.email}, verify your email by clicking here: ${url}`
-      },
-      // highlight-end
-    },
-  },
-}
-```
-
-<Banner type="warning">
-  <strong>Important:</strong>
-  <br />
-  If you specify a different URL to send your users to for email verification, such as a page on the
-  frontend of your app or similar, you need to handle making the call to the Payload REST or GraphQL
-  verification operation yourself on your frontend, using the token that was provided for you.
-  Above, it was passed via query parameter.
-</Banner>
-
-**`generateEmailSubject`**
-
-Similarly to the above `generateEmailHTML`, you can also customize the subject of the email. The function argument are the same but you can only return a string - not HTML.
-
-Example:
-
-```ts
-{
-  slug: 'customers',
-  auth: {
-    forgotPassword: {
-      // highlight-start
-      generateEmailSubject: ({ req, user }) => {
-        return `Hey ${user.email}, reset your password!`;
-      }
-      // highlight-end
-    }
-  }
-}
-```
-
-### Admin autologin
-
-For testing and demo purposes you may want to skip forcing the admin user to login in order to access the panel.
-The `admin.autologin` property is used to configure the how visitors are handled when accessing the Admin Panel.
-The default is that all users will have to login and this should not be enabled for environments where data needs to protected.
-
-#### autoLogin Options
-
-| Option            | Description                                                                                                     |
-| ----------------- | --------------------------------------------------------------------------------------------------------------- |
-| **`email`**       | The email address of the user to login as                                                                       |
-| **`password`**    | The password of the user to login as                                                                            |
-| **`prefillOnly`** | If set to true, the login credentials will be prefilled but the user will still need to click the login button. |
-
-The recommended way to use this feature is behind an environment variable to ensure it is disabled when in production.
-
-**Example:**
-
-```ts
-export default buildConfig({
-  admin: {
-    user: 'users',
-    // highlight-start
-    autoLogin:
-      process.env.PAYLOAD_PUBLIC_ENABLE_AUTOLOGIN === 'true'
-        ? {
-            email: 'test@example.com',
-            password: 'test',
-            prefillOnly: true,
-          }
-        : false,
-    // highlight-end
-  },
-  collections: [
-    /** */
-  ],
-})
-```

docs/authentication/cookies.mdx

@@ -1,19 +1,16 @@
 ---
 title: Cookie Strategy
 label: Cookie Strategy
-order: 30
+order: 40
 desc: Enable HTTP Cookie based authentication to interface with Payload.
 keywords: authentication, config, configuration, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-Payload `login`, `logout`, and `refresh` operations make use of HTTP-only cookies for authentication purposes.
+Payload offers the ability to [Authenticate](./overview) via HTTP-only cookies. These can be read from the responses of `login`, `logout`, `refresh`, and `me` auth operations.
 
 <Banner type="success">
   <strong>Tip:</strong>
-  <br />
-  You can access the logged-in user from access control functions and hooks from the `req.user` property.
-  <br />
-  [Learn more about token data](/docs/authentication/token-data).
+  You can access the logged-in user from within [Access Control](../access-control/overview) and [Hooks](../hooks/overview) through the `req.user` argument. [More details](./token-data).
 </Banner>
 
 ### Automatic browser inclusion
@@ -38,7 +35,6 @@ For more about including cookies in requests from your app to your Payload API,
 
 <Banner type="success">
   <strong>Tip:</strong>
-  <br />
   To make sure you have a Payload cookie set properly in your browser after logging in, you can use
   the browsers Developer Tools > Application > Cookies > [your-domain-here]. The Developer tools
   will still show HTTP-only cookies.

docs/authentication/custom-strategies.mdx

@@ -13,7 +13,7 @@ keywords: authentication, config, configuration, overview, documentation, Conten
 
 ### Creating a strategy
 
-At the core, a strategy is a way to authenticate a user making a request. As of `3.0` we moved away from passportJS in favor of pulling back the curtain and putting you in full control.
+At the core, a strategy is a way to authenticate a user making a request. As of `3.0` we moved away from [Passport](https://www.passportjs.org) in favor of pulling back the curtain and putting you in full control.
 
 A strategy is made up of the following:
 

docs/authentication/email.mdx

@@ -0,0 +1,203 @@
+---
+title: Authentication Emails
+label: Email Verification
+order: 30
+desc: Email Verification allows users to verify their email address before they're account is fully activated. Email Verification ties directly into the Email functionality that Payload provides.
+keywords: authentication, email, config, configuration, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
+---
+
+[Authentication](./overview) ties directly into the [Email](../email) functionality that Payload provides. This allows you to send emails to users for verification, password resets, and more. While Payload provides default email templates for these actions, you can customize them to fit your brand.
+
+## Email Verification
+
+Email Verification forces users to prove they have access to the email address they can authenticate. This will help to reduce spam accounts and ensure that users are who they say they are.
+
+To enable Email Verification, use the `auth.verify` property on your [Collection Config](../configuration/collections):
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Customers: CollectionConfig = {
+  // ...
+  auth: {
+    verify: true // highlight-line
+  },
+}
+```
+
+<Banner type="info">
+  <strong>Tip:</strong>
+  Verification emails are fully customizable. [More details](#generateEmailHTML).
+</Banner>
+
+The following options are available:
+
+| Option               | Description                                                                                                                                                                                                                         |
+|----------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| **`generateEmailHTML`** | Allows for overriding the HTML within emails that are sent to users indicating how to validate their account. [More details](#generateEmailHTML). |
+| **`generateEmailSubject`** | Allows for overriding the subject of the email that is sent to users indicating how to validate their account. [More details](#generateEmailSubject). |
+
+#### generateEmailHTML
+
+Function that accepts one argument, containing `{ req, token, user }`, that allows for overriding the HTML within emails that are sent to users indicating how to validate their account. The function should return a string that supports HTML, which can optionally be a full HTML email.
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Customers: CollectionConfig = {
+  // ...
+  auth: {
+    verify: {
+      // highlight-start
+      generateEmailHTML: ({ req, token, user }) => {
+        // Use the token provided to allow your user to verify their account
+        const url = `https://yourfrontend.com/verify?token=${token}`
+
+        return `Hey ${user.email}, verify your email by clicking here: ${url}`
+      },
+      // highlight-end
+    },
+  },
+}
+```
+
+<Banner type="warning">
+  <strong>Important:</strong>
+  If you specify a different URL to send your users to for email verification, such as a page on the
+  frontend of your app or similar, you need to handle making the call to the Payload REST or GraphQL
+  verification operation yourself on your frontend, using the token that was provided for you.
+  Above, it was passed via query parameter.
+</Banner>
+
+#### generateEmailSubject
+
+Similarly to the above `generateEmailHTML`, you can also customize the subject of the email. The function argument are the same but you can only return a string - not HTML.
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Customers: CollectionConfig = {
+  // ...
+  auth: {
+    verify: {
+      // highlight-start
+      generateEmailSubject: ({ req, user }) => {
+        return `Hey ${user.email}, reset your password!`;
+      }
+      // highlight-end
+    }
+  }
+}
+```
+
+## Forgot Password
+
+You can customize how the Forgot Password workflow operates with the following options on the `auth.forgotPassword` property:
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Customers: CollectionConfig = {
+  // ...
+  auth: {
+    forgotPassword: { // highlight-line
+      // ...
+    },
+  },
+}
+```
+
+The following options are available:
+
+| Option               | Description                                                                                                                                                                                                                         |
+|----------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| **`generateEmailHTML`** | Allows for overriding the HTML within emails that are sent to users attempting to reset their password. [More details](#generateEmailHTML). |
+| **`generateEmailSubject`** | Allows for overriding the subject of the email that is sent to users attempting to reset their password. [More details](#generateEmailSubject). |
+
+#### generateEmailHTML
+
+This function allows for overriding the HTML within emails that are sent to users attempting to reset their password. The function should return a string that supports HTML, which can be a full HTML email.
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Customers: CollectionConfig = {
+  // ...
+  auth: {
+    forgotPassword: {
+      // highlight-start
+      generateEmailHTML: ({ req, token, user }) => {
+        // Use the token provided to allow your user to reset their password
+        const resetPasswordURL = `https://yourfrontend.com/reset-password?token=${token}`
+
+        return `
+          <!doctype html>
+          <html>
+            <body>
+              <h1>Here is my custom email template!</h1>
+              <p>Hello, ${user.email}!</p>
+              <p>Click below to reset your password.</p>
+              <p>
+                <a href="${resetPasswordURL}">${resetPasswordURL}</a>
+              </p>
+            </body>
+          </html>
+        `
+      },
+      // highlight-end
+    },
+  },
+}
+```
+
+<Banner type="warning">
+  <strong>Important:</strong>
+  If you specify a different URL to send your users to for resetting their password, such as a page
+  on the frontend of your app or similar, you need to handle making the call to the Payload REST or
+  GraphQL reset-password operation yourself on your frontend, using the token that was provided for
+  you. Above, it was passed via query parameter.
+</Banner>
+
+<Banner type="success">
+  <strong>Tip:</strong>
+  HTML templating can be used to create custom email templates, inline CSS automatically, and more.
+  You can make a reusable function that standardizes all email sent from Payload, which makes
+  sending custom emails more DRY. Payload doesn't ship with an HTML templating engine, so you are
+  free to choose your own.
+</Banner>
+
+The following arguments are passed to the `generateEmailHTML` function:
+
+| Argument | Description                                                                                   |
+|----------|-----------------------------------------------------------------------------------------------|
+| `req`    | The request object.                                                                           |
+| `token`  | The token that is generated for the user to reset their password.                             |
+| `user`   | The user document that is attempting to reset their password.                                 |
+
+#### generateEmailSubject
+
+Similarly to the above `generateEmailHTML`, you can also customize the subject of the email. The function argument are the same but you can only return a string - not HTML.
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Customers: CollectionConfig = {
+  // ...
+  auth: {
+    forgotPassword: {
+      // highlight-start
+      generateEmailSubject: ({ req, user }) => {
+        return `Hey ${user.email}, reset your password!`;
+      }
+      // highlight-end
+    }
+  }
+}
+```
+
+The following arguments are passed to the `generateEmailSubject` function:
+
+| Argument | Description                                                                                   |
+|----------|-----------------------------------------------------------------------------------------------|
+| `req`    | The request object.                                                                           |
+| `user`   | The user document that is attempting to reset their password.                                 |

docs/authentication/jwt.mdx

@@ -6,14 +6,11 @@ desc: Enable JSON Web Token based authentication to interface with Payload.
 keywords: authentication, config, configuration, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-Payload offers the ability to authenticate via `JWT` (JSON web token). These can be read from the responses of `login`, `refresh`, and `me` auth operations.
+Payload offers the ability to [Authenticate](./overview) via JSON Web Tokens (JWT). These can be read from the responses of `login`, `logout`, `refresh`, and `me` auth operations.
 
 <Banner type="success">
   <strong>Tip:</strong>
-  <br />
-  You can access the logged-in user from access control functions and hooks from the `req.user` property.
-  <br />
-  [Learn more about token data](/docs/authentication/token-data).
+  You can access the logged-in user from within [Access Control](../access-control/overview) and [Hooks](../hooks/overview) through the `req.user` argument. [More details](./token-data).
 </Banner>
 
 ### Identifying Users Via The Authorization Header

docs/authentication/operations.mdx

@@ -1,16 +1,16 @@
 ---
 title: Authentication Operations
 label: Operations
-order: 80
+order: 20
 desc: Enabling Authentication automatically makes key operations available such as Login, Logout, Verify, Unlock, Reset Password and more.
 keywords: authentication, config, configuration, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-Enabling Authentication on a Collection automatically exposes additional auth-based operations in the Local, REST, and GraphQL APIs.
+Enabling [Authentication](./overview) on a [Collection](../configuration/collections) automatically exposes additional auth-based operations in the [Local API](../local-api/overview), [REST API](../rest-api/overview), and [GraphQL API](../graphql/overview).
 
 ## Access
 
-The Access operation returns what a logged in user can and can't do with the collections and globals that are registered via your config. This data can be immensely helpful if your app needs to show and hide certain features based on access control, as the [Admin Panel](../admin/overview) does.
+The Access operation returns what a logged in user can and can't do with the collections and globals that are registered via your config. This data can be immensely helpful if your app needs to show and hide certain features based on [Access Control](../access-control/overview), just as the [Admin Panel](../admin/overview) does.
 
 **REST API endpoint**:
 
@@ -308,7 +308,7 @@ Payload comes with built-in forgot password functionality. Submitting an email a
 
 The link to reset the user's password contains a token which is what allows the user to securely reset their password.
 
-By default, the Forgot Password operations send users to the [Admin Panel](../admin/overview) to reset their password, but you can customize the generated email to send users to the frontend of your app instead by [overriding the email HTML](/docs/authentication/config#forgot-password).
+By default, the Forgot Password operations send users to the [Admin Panel](../admin/overview) to reset their password, but you can customize the generated email to send users to the frontend of your app instead by [overriding the email HTML](/docs/authentication/overview#forgot-password).
 
 **Example REST API Forgot Password**:
 

docs/authentication/overview.mdx

@@ -11,38 +11,47 @@ keywords: authentication, config, configuration, overview, documentation, Conten
   title="Simplified Authentication for Headless CMS: Unlocking Reusability in One Line"
 />
 
-<Banner>
-  Payload provides for highly secure and customizable user Authentication out of the box, which
-  allows for users to identify themselves to Payload.
-</Banner>
+Authentication is a critical part of any application. Payload provides a secure, portable way to manage user accounts out of the box. Payload Authentication is designed to be used in both the [Admin Panel](../admin/overview), all well as your own external applications, completely eliminating the need for paid, third-party platforms and services.
 
-Authentication is used within the [Admin Panel](../admin/overview) itself as well as throughout your app(s) themselves however you determine necessary.
+Here are some common use cases of Authentication in your own applications:
+
+- Customer accounts for an e-commerce app
+- User accounts for a SaaS product
+- P2P apps or social sites where users need to log in and manage their profiles
+- Online games where players need to track their progress over time
+
+When Authentication is enabled on a [Collection](../configuration/collections), Payload injects all necessary functionality to support the entire user flow. This includes all [auth-related operations](./operations) like account creation, logging in and out, and resetting passwords, all [auth-related emails](./email) like email verification and password reset, as well as any necessary UI to manage users from the Admin Panel.
+
+To enable Authentication on a Collection, use the `auth` property in the [Collection Config](../configuration/collection#auth):
+
+```ts
+import { CollectionConfig } from 'payload'
+
+export const Users: CollectionConfig = {
+  // ...
+  auth: true, // highlight-line
+}
+```
 
 ![Authentication Admin Panel functionality](https://payloadcms.com/images/docs/auth-admin.jpg)
 _Admin Panel screenshot depicting an Admins Collection with Auth enabled_
 
-**Here are some common use cases of Authentication outside of Payload's dashboard itself:**
+## Config Options
 
-- Customer accounts for an ecommerce app
-- Customer accounts for a SaaS product
-- P2P app or social site where users need to log in and manage their profiles
-- Online game where players need to track their progress over time
+Any [Collection](../configuration/collections) can opt-in to supporting Authentication. Once enabled, each Document that is created within the Collection can be thought of as a "user". This enables a complete authentication workflow on your Collection, such as logging in and out, resetting their password, and more.
 
-By default, Payload provides you with a `User` collection that supports Authentication, which is used to access the [Admin Panel](../admin/overview). But, you can add support to one or many Collections of your own. For more information on how to customize, override, or remove the default `User` collection, [click here](/docs/admin/overview#the-admin-user-collection).
+<Banner type="warning">
+  <strong>Note:</strong>
+  By default, Payload provides an auth-enabled `User` Collection which is used to access the Admin Panel. [More details](../admin/overview#the-admin-user-collection).
+</Banner>
 
-## Enabling Auth on a collection
-
-Every Payload Collection can opt-in to supporting Authentication by specifying the `auth` property on the Collection's config to either `true` or to an object containing `auth` options.
-
-**For a full list of all `auth` options, [click here](/docs/authentication/config).**
-
-Simple example collection:
+To enable Authentication on a Collection, use the `auth` property in the [Collection Config](../configuration/collections):
 
 ```ts
 import { CollectionConfig } from 'payload'
 
 export const Admins: CollectionConfig = {
-  slug: 'admins',
+  // ...
   // highlight-start
   auth: {
     tokenExpiration: 7200, // How many seconds to keep the user logged in
@@ -52,53 +61,136 @@ export const Admins: CollectionConfig = {
     // More options are available
   },
   // highlight-end
-  fields: [
-    {
-      name: 'role',
-      type: 'select',
-      required: true,
-      options: ['user', 'admin', 'editor', 'developer'],
-    },
-  ],
 }
 ```
 
-**By enabling Authentication on a config, the following modifications will automatically be made to your Collection:**
+<Banner type="info">
+  <strong>Tip:</strong>
+  For default auth behavior, set `auth: true`. This is a good starting point for most applications.
+</Banner>
 
-1. `email` as well as password `salt` & `hash` fields will be added to your Collection's schema
-1. The [Admin Panel](../admin/overview) will feature a new set of corresponding UI to allow for changing password and editing email
-1. [A new set of `operations`](/docs/authentication/operations) will be exposed via Payload's REST, Local, and GraphQL APIs
+<Banner type="warning">
+  <strong>Note:</strong>
+  Auth-enabled Collections with be automatically injected with the `hash`, `salt`, and `email` fields. [More details](../fields/overview#field-names).
+</Banner>
 
-Once enabled, each document that is created within the Collection can be thought of as a `user` - who can make use of commonly required authentication functions such as logging in / out, resetting their password, and more.
+The following options are available:
 
-## Authentication Strategies
+| Option                     | Description                                                                                                                                                                                                                         |
+|----------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| **`cookies`**              | Set cookie options, including `secure`, `sameSite`, and `domain`. For advanced users.                                                                                                                                               |
+| **`depth`**                | How many levels deep a `user` document should be populated when creating the JWT and binding the `user` to the `req`. Defaults to `0` and should only be modified if absolutely necessary, as this will affect performance. |
+| **`disableLocalStrategy`** | Advanced - disable Payload's built-in local auth strategy. Only use this property if you have replaced Payload's auth mechanisms with your own.                                                                                     |
+| **`forgotPassword`**       | Customize the way that the `forgotPassword` operation functions. [More details](./email#forgot-password).                                                                                                             |
+| **`lockTime`**             | Set the time (in milliseconds) that a user should be locked out if they fail authentication more times than `maxLoginAttempts` allows for.                                                                                          |
+| **`loginWithUsername`**    | Ability to allow users to login with username/password. [More](/docs/authentication/overview#login-with-username)                                                                                                                     |
+| **`maxLoginAttempts`**     | Only allow a user to attempt logging in X amount of times. Automatically locks out a user from authenticating if this limit is passed. Set to `0` to disable.                                                                       |
+| **`strategies`**           | Advanced - an array of custom authentification strategies to extend this collection's authentication with. [More details](./custom-strategies).                                                                         |
+| **`tokenExpiration`**      | How long (in seconds) to keep the user logged in. JWTs and HTTP-only cookies will both expire at the same time.                                                                                                                     |
+| **`useAPIKey`**            | Payload Authentication provides for API keys to be set on each user within an Authentication-enabled Collection. [More details](./api-keys).                                                                       |
+| **`verify`**               | Set to `true` or pass an object with verification options to require users to verify by email before they are allowed to log into your app. [More details](./email#email-verification).                                  |
 
-Out of the box Payload ships with a few powerful authentication strategies. HTTP-Only Cookies, JWT's and API-Keys, they can work together or individually. You can also have multiple collections that have auth enabled, but only 1 of them can be used to log into the Admin Panel.
+### Login With Username
+
+You can allow users to login with their username instead of their email address by setting the `loginWithUsername` property to `true`.
+
+Example:
+
+```ts
+{
+  slug: 'customers',
+  auth: {
+    loginWithUsername: true,
+  },
+}
+```
+
+Or, you can pass an object with additional options:
+
+```ts
+{
+  slug: 'customers',
+  auth: {
+    loginWithUsername: {
+      allowEmailLogin: true, // default: false
+      requireEmail: false, // default: false
+    },
+  },
+}
+```
+
+**`allowEmailLogin`**
+
+If set to `true`, users can log in with either their username or email address. If set to `false`, users can only log in with their username.
+
+**`requireEmail`**
+
+If set to `true`, an email address is required when creating a new user. If set to `false`, email is not required upon creation.
+
+## Auto-Login
+
+For testing and demo purposes you may want to skip forcing the user to login in order to access your application. Typically, all users should be required to login, however, you can speed up local development time by enabling auto-login.
+
+To enable auto-login, set the `autoLogin` property in the [Admin Config](../configuration/admin):
+
+```ts
+import { buildConfig } from 'payload'
+
+export default buildConfig({
+  // ...
+  // highlight-start
+  autoLogin:
+    process.env.NEXT_PUBLIC_ENABLE_AUTOLOGIN === 'true'
+      ? {
+          email: 'test@example.com',
+          password: 'test',
+          prefillOnly: true,
+        }
+      : false,
+  // highlight-end
+})
+```
+
+<Banner type="warning">
+  <strong>Warning:</strong>
+  The recommended way to use this feature is behind an [Environment Variable](../configuration/environment-vars). This will ensure it is _disabled_ in production.
+</Banner>
+
+The following options are available:
+
+| Option            | Description                                                                                                     |
+|-------------------|-----------------------------------------------------------------------------------------------------------------|
+| **`username`**    | The username of the user to login as                                                                            |
+| **`email`**       | The email address of the user to login as                                                                       |
+| **`password`**    | The password of the user to login as. This is only needed if `prefillOnly` is set to true                       |
+| **`prefillOnly`** | If set to true, the login credentials will be prefilled but the user will still need to click the login button. |
+
+## Operations
+
+All auth-related operations are available via Payload's REST, Local, and GraphQL APIs. These operations are automatically added to your Collection when you enable Authentication. [More details](./operations).
+
+## Strategies
+
+Out of the box Payload ships with a three powerful Authentication strategies:
+
+- [HTTP-Only Cookies](./cookies)
+- [JSON Web Tokens (JWT)](./jwt)
+- [API-Keys](./api-keys)
+
+Each of these strategies can work together or independently. You can also create your own custom strategies to fit your specific needs. [More details](./custom-strategies).
 
 ### HTTP-Only Cookies
 
-HTTP-only cookies are a highly secure method of storing identifiable data on a user's device so that Payload can automatically recognize a returning user until their cookie expires. They are totally protected from common XSS attacks and <strong>cannot be read by JavaScript in the browser</strong>, unlike JWT's.
-
-You can learn more about this strategy from the [HTTP-Only Cookies](/docs/authentication/http-only-cookies) docs.
+[HTTP-only cookies](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies) are a highly secure method of storing identifiable data on a user's device so that Payload can automatically recognize a returning user until their cookie expires. They are totally protected from common XSS attacks and <strong>cannot be read by JavaScript in the browser</strong>, unlike JWT's. [More details](./cookies).
 
 ### JSON Web Tokens
 
-JWT (JSON Web Tokens) can also be utilized to perform authentication. Tokens are generated on `login`, `refresh` and `me` operations and can be attached to future requests to authenticate users.
-
-You can learn more about this strategy from the [JWT](/docs/authentication/jwt) docs.
+JWT (JSON Web Tokens) can also be utilized to perform authentication. Tokens are generated on `login`, `refresh` and `me` operations and can be attached to future requests to authenticate users. [More details](./jwt).
 
 ### API Keys
 
-API Keys can be enabled on auth collections. These are particularly useful when you want to authenticate against Payload from a third party service.
-
-You can learn more about this strategy from the [API Keys](/docs/authentication/api-keys) docs.
+API Keys can be enabled on auth collections. These are particularly useful when you want to authenticate against Payload from a third party service. [More details](./api-keys).
 
 ### Custom Strategies
 
-There are cases where these may not be enough for your application. Payload is extendable by design so you can wire up your own strategy when you need to.
-
-You can learn more about custom strategies from the [Custom Strategies](/docs/authentication/custom-strategies) docs.
-
-## Logging in / out, resetting password, etc.
-
-[Click here](/docs/authentication/operations) for a list of all automatically-enabled Auth operations, including `login`, `logout`, `refresh`, and others.
+There are cases where these may not be enough for your application. Payload is extendable by design so you can wire up your own strategy when you need to. [More details](./custom-strategies).

docs/authentication/token-data.mdx

@@ -78,7 +78,7 @@ export const Users: CollectionConfig = {
 
 ### Using Token Data
 
-This is especially helful when writing hooks and access control that depend on user defined fields.
+This is especially helpful when writing [Hooks](../hooks/overview) and [Access Control](../access-control/overview) that depend on user defined fields.
 
 ```ts
 import type { CollectionConfig } from 'payload'

docs/cloud/projects.mdx

@@ -59,9 +59,7 @@ You can update settings from your Project’s Settings tab. Changes to your buil
 From the Environment Variables page of the Settings tab, you can add, update and delete variables for use in your project. Like build settings, these changes will trigger a redeployment of your project.
 
 <Banner>
-  Note: For security reasons, any variables you wish to provide to the [Admin Panel](../admin/overview) must be prefixed
-  with `PAYLOAD_PUBLIC_`.  Learn more
-  [here](../configuration/environment-vars).
+  Note: For security reasons, any variables you wish to provide to the [Admin Panel](../admin/overview) must be prefixed with `NEXT_PUBLIC_`. [More details](../configuration/environment-vars).
 </Banner>
 
 ## Custom Domains

docs/configuration/collections.mdx

@@ -6,9 +6,9 @@ desc: Structure your Collections for your needs by defining fields, adding slugs
 keywords: collections, config, configuration, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-A Collection is a group of records, called Documents, that all share a common schema. You can define as many Collections as your application needs. Each Collection saves to the [Database](../database/overview) based on the [Fields](../fields/overview) that you define, and automatically generates the [Local API](../local-api/overview), [REST API](../rest-api/overview), and [GraphQL API](../graphql/overview) to manage your Documents.
+A Collection is a group of records, called Documents, that all share a common schema. You can define as many Collections as your application needs. Each Document in a Collection is stored in the [Database](../database/overview) based on the [Fields](../fields/overview) that you define, and automatically generates a [Local API](../local-api/overview), [REST API](../rest-api/overview), and [GraphQL API](../graphql/overview) used to manage your Documents.
 
-Collections are also the primary way to achieve [Authentication](../authentication/overview) in Payload. By defining a Collection with `auth` options, that Collection receives additional operations to support user authentication.
+Collections are also used to achieve [Authentication](../authentication/overview) in Payload. By defining a Collection with `auth` options, that Collection receives additional operations to support user authentication.
 
 Collections are the primary way to structure recurring data in your application, such as users, products, pages, posts, and other types of content that you might want to manage. Each Collection can have its own unique [Access Control](../access-control/overview), [Hooks](../hooks/overview), [Admin Options](#admin-options), and more.
 
@@ -59,15 +59,15 @@ The following options are available:
 
 | Option                 | Description                                                                                                                                                                                                              |
 |------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| **`admin`**            | The configuration options for the Admin Panel. [More details](#admin-options).                                                                                                                                               |
-| **`access`**           | Provide access control functions to define exactly who should be able to do what with Documents in this Collection. [More details](../access-control/overview/#collections).                                                   |
-| **`auth`**             | Specify options if you would like this Collection to feature authentication. For more, consult the [Authentication](../authentication/config) documentation.                                                          |
+| **`admin`**            | The configuration options for the Admin Panel. [More details](../admin/collections).                                                                                                                                            |
+| **`access`**           | Provide Access Control functions to define exactly who should be able to do what with Documents in this Collection. [More details](../access-control/collections).                                                   |
+| **`auth`**             | Specify options if you would like this Collection to feature authentication. [More details](../authentication/overview).                                                          |
 | **`custom`**           | Extension point for adding custom data (e.g. for plugins)                                                                          |
 | **`disableDuplicate`** | When true, do not show the "Duplicate" button while editing documents within this Collection and prevent `duplicate` from all APIs.                                                                                      |
 | **`defaultSort`**      | Pass a top-level field to sort by default in the Collection List View. Prefix the name of the field with a minus symbol ("-") to sort in descending order.                                                               |
 | **`dbName`**      | Custom table or Collection name depending on the Database Adapter. Auto-generated from slug if not defined. |
 | **`endpoints`**        | Add custom routes to the REST API. Set to `false` to disable routes. [More details](../rest-api/overview#custom-endpoints).                                                                                                    |
-| **`fields`** \*        | Array of field types that will determine the structure and functionality of the data stored within this Collection. [Click here](../fields/overview) for a full list of field types as well as how to configure them. |
+| **`fields`** \*        | Array of field types that will determine the structure and functionality of the data stored within this Collection. [More details](../fields/overview). |
 | **`graphQL`**          | An object with `singularName` and `pluralName` strings used in schema generation. Auto-generated from slug if not defined. Set to `false` to disable GraphQL.                                                            |
 | **`hooks`**            | Entry point for Hooks. [More details](../hooks/overview#collection-hooks).                                                                                                         |
 | **`labels`**           | Singular and plural labels for use in identifying this Collection throughout Payload. Auto-generated from slug if not defined.                                                                                           |
@@ -85,153 +85,22 @@ Fields define the schema of the Documents within a Collection. To learn more, go
 
 ### Access Control
 
-Access Control determines what a user can and cannot do with any given Document. To learn more, go to the [Access Control](../access-control/overview) docs.
+[Collection Access Control](../access-control/overview) determines what a user can and cannot do with any given Document within a Collection. To learn more, go to the [Access Control](../access-control/overview) documentation.
 
 ### Hooks
 
-Hooks allow you to tie into the lifecycle of your Documents so you can execute your own logic during specific events. To learn more, go to the [Hooks](../hooks/overview) documentation.
+[Collection Hooks](../hooks/collections) allow you to tie into the lifecycle of your Documents so you can execute your own logic during specific events. To learn more, go to the [Hooks](../hooks/overview) documentation.
 
 ### Admin Options
 
-You can customize the way that the [Admin Panel](../admin/overview) behaves on a Collection-by-Collection basis.
-
-To configure Admin Options for Collections, use the `admin` property in your Collection Config:
-
-```ts
-import { CollectionConfig } from 'payload'
-
-export const Posts: CollectionConfig = {
-  // ...
-  admin: { // highlight-line
-    // ...
-  },
-}
-```
-
-The following options are available:
-
-| Option                       | Description                                                                                                                                                                                           |
-| ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| **`group`**                      | Text used as a label for grouping Collection and Global links together in the navigation.                                                                                                             |
-| **`hidden`**                     | Set to true or a function, called with the current user, returning true to exclude this Collection from navigation and admin routing.                                                                 |
-| **`hooks`**                      | Admin-specific hooks for this Collection. [More details](#admin-hooks).                                                                                                                                        |
-| **`useAsTitle`**                 | Specify a top-level field to use for a document title throughout the [Admin Panel](../admin/overview). If no field is defined, the ID of the document is used as the title.                                                |
-| **`description`**                | Text or React component to display below the Collection label in the List View to give editors more information.                                                                                      |
-| **`defaultColumns`**             | Array of field names that correspond to which columns to show by default in this Collection's List View.                                                                                              |
-| **`hideAPIURL`**                 | Hides the "API URL" meta field while editing documents within this Collection.                                                                                                                        |
-| **`enableRichTextLink`**         | The [Rich Text](../fields/rich-text) field features a `Link` element which allows for users to automatically reference related documents within their rich text. Set to `true` by default.         |
-| **`enableRichTextRelationship`** | The [Rich Text](../fields/rich-text) field features a `Relationship` element which allows for users to automatically reference related documents within their rich text. Set to `true` by default. |
-| **`meta`**                       | Metadata overrides to apply to the [Admin Panel](../admin/overview). Included properties are `description` and `openGraph`.                                                                           |
-| **`preview`**                    | Function to generate preview URLs within the [Admin Panel](../admin/overview) that can point to your app. [More details](#preview).                                                                                                |
-| **`livePreview`**                | Enable real-time editing for instant visual feedback of your front-end application. [More details](../live-preview/overview).                                                                              |
-| **`components`**                 | Swap in your own React components to be used within this Collection. [More details](../admin/components#collections).                                                                                       |
-| **`listSearchableFields`**       | Specify which fields should be searched in the List search view. [More details](#list-searchable-fields).                                                                                                      |
-| **`pagination`**             | Set pagination-specific options for this Collection. [More details](#pagination).                                                                                                                              |
-
-#### Preview
-
-It is possible to display a Preview Button in the Admin Panel within the Edit View. This will allow editors to visit the frontend of your app the corresponds to the document they are actively editing. This way they can preview the latest, potentially unpublished changes.
-
-To configure the Preview Button, set the `admin.preview` property to a function in your Collection Config:
-
-```ts
-import { CollectionConfig } from 'payload'
-
-export const Posts: CollectionConfig = {
-  // ...
-  admin: {
-    // highlight-start
-    preview: (doc, { locale }) => {
-      if (doc?.slug) {
-        return `/${doc.slug}?locale=${locale}`
-      }
-
-      return null
-    },
-    // highlight-end
-  },
-}
-```
-
-The preview function receives two arguments:
-
-| Argument | Description |
-| --- | --- |
-| **`doc`** | The document being edited |
-| **`ctx`** | An object containing `locale` and `token` properties. The `token` is the currently logged-in user's JWT. |
-
-<Banner type="success">
-  <strong>Reminder:</strong>
-  For fully working example of this, check of the official [Draft Preview Example](https://github.com/payloadcms/payload/tree/main/examples/draft-preview) in the [Examples Directory](https://github.com/payloadcms/payload/tree/main/examples).
-</Banner>
-
-#### Pagination
-
-All Collections receive their own List View which displays a paginated list of documents that can be sorted and filtered. The pagination behavior of the List View can be customized on a per-Collection basis.
-
-To configure pagination options, use the `admin.pagination` property in your Collection Config:
-
-```ts
-import { CollectionConfig } from 'payload'
-
-export const Posts: CollectionConfig = {
-  // ...
-  admin: {
-    // highlight-start
-    pagination: {
-      defaultLimit: 10,
-      limits: [10, 20, 50],
-    },
-    // highlight-end
-  },
-}
-```
-
-The following options are available:
-
-| Option         | Description                                                                                         |
-| -------------- | --------------------------------------------------------------------------------------------------- |
-| `defaultLimit` | Integer that specifies the default per-page limit that should be used. Defaults to 10.              |
-| `limits`       | Provide an array of integers to use as per-page options for admins to choose from in the List View. |
-
-#### List Searchable Fields
-
-In the List View, there is a "search" box that allows you to quickly find a document through a simple text search. By default, it searches on the ID field. If defined, the `admin.useAsTitle` field is used. Or, you can explicitly define which fields to search based on the needs of your application.
-
-To define which fields should be searched, use the `admin.listSearchableFields` property in your Collection Config:
-
-```ts
-import { CollectionConfig } from 'payload'
-
-export const Posts: CollectionConfig = {
-  // ...
-  admin: {
-    // highlight-start
-    listSearchableFields: ['title', 'slug'],
-    // highlight-end
-  },
-}
-```
-
-<Banner type="warning">
-  <strong>Tip:</strong>
-  If you are adding `listSearchableFields`, make sure you index each of these fields so your admin queries can remain performant.
-</Banner>
+You can customize the way that the [Admin Panel](../admin/overview) behaves on a Collection-by-Collection basis. To learn more, go to the [Collection Admin Options](../admin/collections) documentation.
 
 ## TypeScript
 
-You can import Collection types as follows:
+You can import types from Payload to help make writing your Collection configs easier and type-safe. There are two main types that represent the Collection Config, `CollectionConfig` and `SanitizeCollectionConfig`.
+
+The `CollectionConfig` type represents a raw Collection Config in its full form, where only the bare minimum properties are marked as required. The `SanitizedCollectionConfig` type represents a Collection Config after it has been fully sanitized. Generally, this is only used internally by Payload.
 
 ```ts
-import { CollectionConfig } from 'payload'
-
-// This is the type used for incoming Collection configs.
-// Only the bare minimum properties are marked as required.
-```
-
-```ts
-import { SanitizedCollectionConfig } from 'payload'
-
-// This is the type used after an incoming Collection config is fully sanitized.
-// Generally, this is only used internally by Payload.
+import { CollectionConfig, SanitizedCollectionConfig } from 'payload'
 ```

docs/configuration/environment-vars.mdx

@@ -7,9 +7,11 @@ desc: Learn how to use Environment Variables in your Payload project
 
 Environment Variables are a way to store sensitive information that your application needs to function. This could be anything from API keys to [Database](../database/overview) credentials. Payload allows you to easily use Environment Variables within your config and throughout your application.
 
-If you are using Next.js, no additional setup is required other than creating your `.env` file. Otherwise, you can use the `dotenv` package to load your Environment Variables into `process.env`. [More details](#outside-of-nextjs).
+## Next.js Applications
 
-Environment Variables are typically stored in an `.env` file at the root of your project:
+If you are using Next.js, no additional setup is required other than creating your `.env` file.
+
+To use Environment Variables, add a `.env` file to the root of your project:
 
 ```plaintext
 project-name/

docs/configuration/globals.mdx

@@ -6,7 +6,7 @@ desc: Set up your Global config for your needs by defining fields, adding slugs
 keywords: globals, config, configuration, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-Globals are in many ways similar to [Collections](../configuration/collections), except they correspond to only a single Document. You can define as many Globals as your application needs. Each Global saves to the [Database](../database/overview) based on the [Fields](../fields/overview) that you define, and automatically generates the [Local API](../local-api/overview), [REST API](../rest-api/overview), and [GraphQL API](../graphql/overview) to manage your Documents.
+Globals are in many ways similar to [Collections](../configuration/collections), except they correspond to only a single Document. You can define as many Globals as your application needs. Each Global Document is stored in the [Database](../database/overview) based on the [Fields](../fields/overview) that you define, and automatically generates a [Local API](../local-api/overview), [REST API](../rest-api/overview), and [GraphQL API](../graphql/overview) used to manage your Documents.
 
 Globals are the primary way to structure singletons in Payload, such as a header navigation, site-wide banner alerts, or app-wide localized strings. Each Global can have its own unique [Access Control](../access-control/overview), [Hooks](../hooks/overview), [Admin Options](#admin-options), and more.
 
@@ -67,13 +67,13 @@ The following options are available:
 
 | Option             | Description                                                                                                                                                                                                          |
 | ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| **`access`**       | Provide access control functions to define exactly who should be able to do what with this Global. [More details](../access-control/overview/#globals).                                                                    |
-| **`admin`**        | The configuration options for the Admin Panel. [More details](#admin-options).                                                                           |
+| **`access`**       | Provide Access Control functions to define exactly who should be able to do what with this Global. [More details](../access-control/globals).                                                                    |
+| **`admin`**        | The configuration options for the Admin Panel. [More details](../admin/globals).                                                                           |
 | **`custom`**       | Extension point for adding custom data (e.g. for plugins)                                                                                                                                                            |
 | **`dbName`**       | Custom table or collection name for this Global depending on the Database Adapter. Auto-generated from slug if not defined. |
 | **`description`**  | Text or React component to display below the Global header to give editors more information.                                                                                                                         |
 | **`endpoints`**    | Add custom routes to the REST API. [More details](../rest-api/overview#custom-endpoints).                                                                                                                                  |
-| **`fields`** \*    | Array of field types that will determine the structure and functionality of the data stored within this Global. [Click here](../fields/overview) for a full list of field types as well as how to configure them. |
+| **`fields`** \*    | Array of field types that will determine the structure and functionality of the data stored within this Global. [More details](../fields/overview). |
 | **`graphQL.name`** | Text used in schema generation. Auto-generated from slug if not defined.                                                                                                                          |
 | **`hooks`**        | Entry point for Hooks. [More details](../hooks/overview#global-hooks).  |
 | **`label`**        | Text for the name in the Admin Panel or an object with keys for each language. Auto-generated from slug if not defined.                                                                                                                                                                                      |
@@ -89,92 +89,22 @@ Fields define the schema of the Global. To learn more, go to the [Fields](../fie
 
 ### Access Control
 
-Access Control determines what a user can and cannot do with any given Document. To learn more, go to the [Access Control](../access-control/overview) docs.
+[Global Access Control](../access-control/globals) determines what a user can and cannot do with any given Global Document. To learn more, go to the [Access Control](../access-control/overview) documentation.
 
 ### Hooks
 
-Hooks allow you to tie into the lifecycle of your Documents so you can execute your own logic during specific events. To learn more, go to the [Hooks](../hooks/overview) documentation.
+[Global Hooks](../hooks/globals) allow you to tie into the lifecycle of your Documents so you can execute your own logic during specific events. To learn more, go to the [Hooks](../hooks/overview) documentation.
 
 ### Admin Options
 
-You can customize the way that the [Admin Panel](../admin/overview) behaves on a Global-by-Global basis.
-
-To configure Admin Options for Globals, use the `admin` property in your Global Config:
-
-```ts
-import { GlobalConfig } from 'payload'
-
-const MyGlobal: GlobalConfig = {
-  // ...
-  admin: { // highlight-line
-    // ...
-  },
-}
-```
-
-The following options are available:
-
-| Option        | Description                                                                                                                       |
-| ------------- | --------------------------------------------------------------------------------------------------------------------------------- |
-| **`group`**       | Text used as a label for grouping Collection and Global links together in the navigation.                                         |
-| **`hidden`**      | Set to true or a function, called with the current user, returning true to exclude this Global from navigation and admin routing. |
-| **`components`**  | Swap in your own React components to be used within this Global. [More details](../admin/components#globals).                           |
-| **`preview`**     | Function to generate a preview URL within the [Admin Panel](../admin/overview) for this Global that can point to your app. [More details](#preview).           |
-| **`livePreview`** | Enable real-time editing for instant visual feedback of your front-end application. [More details](../live-preview/overview).          |
-| **`hideAPIURL`**  | Hides the "API URL" meta field while editing documents within this collection.                                                    |
-| **`meta`**        | Metadata overrides to apply to the [Admin Panel](../admin/overview). Included properties are `description` and `openGraph`.       |
-
-#### Preview
-
-It is possible to display a Preview Button in the Admin Panel within the Edit View. This will allow editors to visit the frontend of your app the corresponds to the document they are actively editing. This way they can preview the latest, potentially unpublished changes.
-
-To configure the Preview Button, set the `admin.preview` property to a function in your Global Config:
-
-```ts
-import { GlobalConfig } from 'payload'
-
-export const MainMenu: GlobalConfig = {
-  // ...
-  admin: {
-    // highlight-start
-    preview: (doc, { locale }) => {
-      if (doc?.slug) {
-        return `/${doc.slug}?locale=${locale}`
-      }
-
-      return null
-    },
-    // highlight-end
-  },
-}
-```
-
-The preview function receives two arguments:
-
-| Argument | Description |
-| --- | --- |
-| **`doc`** | The document being edited |
-| **`ctx`** | An object containing `locale` and `token` properties. The `token` is the currently logged-in user's JWT. |
-
-<Banner type="success">
-  <strong>Reminder:</strong>
-  For fully working example of this, check of the official [Draft Preview Example](https://github.com/payloadcms/payload/tree/main/examples/draft-preview) in the [Examples Directory](https://github.com/payloadcms/payload/tree/main/examples).
-</Banner>
+You can customize the way that the [Admin Panel](../admin/overview) behaves on a Global-by-Global basis. To learn more, go to the [Global Admin Options](../admin/globals) documentation.
 
 ## TypeScript
 
-You can import Global types as follows:
+You can import types from Payload to help make writing your Global configs easier and type-safe. There are two main types that represent the Global Config, `GlobalConfig` and `SanitizeGlobalConfig`.
+
+The `GlobalConfig` type represents a raw Global Config in its full form, where only the bare minimum properties are marked as required. The `SanitizedGlobalConfig` type represents a Global Config after it has been fully sanitized. Generally, this is only used internally by Payload.
 
 ```ts
-import { GlobalConfig } from 'payload'
-
-// This is the type used for incoming Global configs.
-// Only the bare minimum properties are marked as required.
-```
-
-```ts
-import { SanitizedGlobalConfig } from 'payload'
-
-// This is the type used after an incoming Global config is fully sanitized.
-// Generally, this is only used internally by Payload.
+import { GlobalConfig, SanitizedGlobalConfig } from 'payload'
 ```

docs/configuration/overview.mdx

@@ -58,56 +58,56 @@ export default buildConfig({
 ```
 
 <Banner type="success">
-  <strong>Reminder:</strong>
+  <strong>Note:</strong>
   For a more complex example, see the [Public Demo](https://github.com/payloadcms/public-demo) source code on GitHub, or the [Templates](https://github.com/payloadcms/payload/tree/main/templates) and [Examples](https://github.com/payloadcms/payload/tree/main/examples) directories in the Payload repository.
 </Banner>
 
 The following options are available:
 
-| Option                 | Description                                                                                                                                                                        |
-| ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| **`admin`**                | The configuration options for the Admin Panel, including Custom Components, Live Preview, etc. [More details](../admin/overview#admin-options). |
-| **`bin`**                  | Register custom bin scripts with the `payload` bin function. |
-| **`editor`**               | The Rich Text Editor which will be used by `richText` fields. [More details](../rich-text/overview). |
-| **`db`** \*                | The Database Adapter which will be used by Payload. [More details](../database/overview). |
-| **`serverURL`**            | A string used to define the absolute URL of your app including the protocol, for example `https://example.com`. No paths allowed, only protocol, domain and (optionally) port |
-| **`collections`**          | An array of Collections for Payload to manage. [More details](./collections). |
-| **`globals`**              | An array of Globals for Payload to manage. [More details](./globals). |
-| **`cors`**                 | Either a whitelist array of URLS to allow CORS requests from, or a wildcard string (`'*'`) to accept incoming requests from any domain. |
-| **`localization`**         | Opt-in and control how Payload handles the translation of your content into multiple locales. [More details](./localization). |
-| **`graphQL`**              | Manage GraphQL-specific functionality, including custom queries and mutations, query complexity limits, etc. [More details](../graphql/overview#graphql-options). |
-| **`cookiePrefix`**         | A string that will be prefixed to all cookies that Payload sets. |
-| **`csrf`**                 | A whitelist array of URLs to allow Payload cookies to be accepted from as a form of CSRF protection. [More details](../authentication/overview#csrf-protection). |
-| **`defaultDepth`**         | If a user does not specify `depth` while requesting a resource, this depth will be used. [More details](../queries/depth). |
-| **`defaultMaxTextLength`** | The maximum allowed string length to be permitted application-wide. Helps to prevent malicious public document creation. |
-| **`maxDepth`**             | The maximum allowed depth to be permitted application-wide. This setting helps prevent against malicious queries. Defaults to `10`. |
-| **`indexSortableFields`**  | Automatically index all sortable top-level fields in the database to improve sort performance and add database compatibility for Azure Cosmos and similar. |
-| **`upload`**               | Base Payload upload configuration. [More details](../upload/overview#payload-wide-upload-options). |
-| **`routes`**               | Control the routing structure that Payload binds itself to. Specify `admin`, `api`, `graphQL`, and `graphQLPlayground`. [More details](../admin/overview#root-level-routes). |
-| **`email`**                | Configure the Email Adapter for Payload to use. [More details](../email/overview). |
-| **`debug`**                | Enable to expose more detailed error information. |
-| **`telemetry`**            | Disable Payload telemetry by passing `false`. [More details](#telemetry). |
-| **`rateLimit`**            | Control IP-based rate limiting for all Payload resources. Used to prevent DDoS attacks, etc. [More details](../production/preventing-abuse#rate-limiting-requests). |
-| **`hooks`**                | Tap into Payload-wide hooks. [More details](../hooks/overview). |
-| **`plugins`**              | An array of Payload plugins. [More details](../plugins/overview). |
-| **`endpoints`**            | An array of custom API endpoints added to the Payload router. [More details](../rest-api/overview#custom-endpoints). |
-| **`custom`**               | Extension point for adding custom data (e.g. for plugins). |
-| **`i18n`**                 | Internationalization configuration. Pass all i18n languages you'd like the admin UI to support. Defaults to English-only. [More details](./i18n). |
-| **`secret`** \*            | A secure, unguessable string that Payload will use for any encryption workflows - for example, password salt / hashing. |
-| **`sharp`**                | If you would like Payload to offer cropping, focal point selection, and automatic media resizing, install and pass the Sharp module to the config here. |
-| **`typescript`**           | Configure TypeScript settings here. [More details](#typescript). |
+| Option                     | Description                                                                                                                                                                                    |
+|----------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| **`admin`**                | The configuration options for the Admin Panel, including Custom Components, Live Preview, etc. [More details](../admin/overview#admin-options).                                                |
+| **`bin`**                  | Register custom bin scripts for Payload to execute.                                                                                                                                            |
+| **`editor`**               | The Rich Text Editor which will be used by `richText` fields. [More details](../rich-text/overview).                                                                                           |
+| **`db`** \*                | The Database Adapter which will be used by Payload. [More details](../database/overview).                                                                                                      |
+| **`serverURL`**            | A string used to define the absolute URL of your app. This includes the protocol, for example `https://example.com`. No paths allowed, only protocol, domain and (optionally) port.            |
+| **`collections`**          | An array of Collections for Payload to manage. [More details](./collections).                                                                                                                  |
+| **`globals`**              | An array of Globals for Payload to manage. [More details](./globals).                                                                                                                          |
+| **`cors`**                 | Cross-origin resource sharing (CORS) is a mechanism that accept incoming requests from given domains. You can also customize the `Access-Control-Allow-Headers` header. [More details](#cors). |
+| **`localization`**         | Opt-in to translate your content into multiple locales. [More details](./localization).                                                                                                        |
+| **`graphQL`**              | Manage GraphQL-specific functionality, including custom queries and mutations, query complexity limits, etc. [More details](../graphql/overview#graphql-options).                              |
+| **`cookiePrefix`**         | A string that will be prefixed to all cookies that Payload sets.                                                                                                                               |
+| **`csrf`**                 | A whitelist array of URLs to allow Payload to accept cookies from. [More details](../authentication/overview#csrf-protection).                                                                 |
+| **`defaultDepth`**         | If a user does not specify `depth` while requesting a resource, this depth will be used. [More details](../queries/depth).                                                                     |
+| **`defaultMaxTextLength`** | The maximum allowed string length to be permitted application-wide. Helps to prevent malicious public document creation.                                                                       |
+| **`maxDepth`**             | The maximum allowed depth to be permitted application-wide. This setting helps prevent against malicious queries. Defaults to `10`. [More details](../queries/depth).                          |
+| **`indexSortableFields`**  | Automatically index all sortable top-level fields in the database to improve sort performance and add database compatibility for Azure Cosmos and similar.                                     |
+| **`upload`**               | Base Payload upload configuration. [More details](../upload/overview#payload-wide-upload-options).                                                                                             |
+| **`routes`**               | Control the routing structure that Payload binds itself to. [More details](../admin/overview#root-level-routes).                                                                               |
+| **`email`**                | Configure the Email Adapter for Payload to use. [More details](../email/overview).                                                                                                             |
+| **`debug`**                | Enable to expose more detailed error information.                                                                                                                                              |
+| **`telemetry`**            | Disable Payload telemetry by passing `false`. [More details](#telemetry).                                                                                                                      |
+| **`rateLimit`**            | Control IP-based rate limiting for all Payload resources. Used to prevent DDoS attacks, etc. [More details](../production/preventing-abuse#rate-limiting-requests).                            |
+| **`hooks`**                | An array of Root Hooks. [More details](../hooks/overview).                                                                                                                                     |
+| **`plugins`**              | An array of Plugins. [More details](../plugins/overview).                                                                                                                                      |
+| **`endpoints`**            | An array of Custom Endpoints added to the Payload router. [More details](../rest-api/overview#custom-endpoints).                                                                               |
+| **`custom`**               | Extension point for adding custom data (e.g. for plugins).                                                                                                                                     |
+| **`i18n`**                 | Internationalization configuration. Pass all i18n languages you'd like the admin UI to support. Defaults to English-only. [More details](./i18n).                                              |
+| **`secret`** \*            | A secure, unguessable string that Payload will use for any encryption workflows - for example, password salt / hashing.                                                                        |
+| **`sharp`**                | If you would like Payload to offer cropping, focal point selection, and automatic media resizing, install and pass the Sharp module to the config here.                                        |
+| **`typescript`**           | Configure TypeScript settings here. [More details](#typescript).                                                                                                                               |
 
 _\* An asterisk denotes that a property is required._
 
 <Banner type="warning">
-  <strong>Reminder:</strong>
+  <strong>Note:</strong>
   Some properties are removed from the client-side bundle. [More details](../admin/components#accessing-the-payload-config).
 </Banner>
 
 
-### TypeScript
+### Typescript Config
 
-Payload exposes a variety of TypeScript settings that you can leverage. These settings are used to auto-generate TypeScript interfaces for your Collections and Globals, and to ensure that Payload uses your [Generated Types](../typescript/overview) for all Local API methods.
+Payload exposes a variety of TypeScript settings that you can leverage. These settings are used to auto-generate TypeScript interfaces for your [Collections](../configuration/collections) and [Globals](../configuration/globals), and to ensure that Payload uses your [Generated Types](../typescript/overview) for all [Local API](../local-api/overview) methods.
 
 To customize the TypeScript settings, use the `typescript` property in your Payload Config:
 
@@ -130,39 +130,59 @@ The following options are available:
 | **`declare`**     | By default, Payload adds a `declare` block to your generated types, which makes sure that Payload uses your generated types for all Local API methods. Opt out by setting `typescript.declare: false`. |
 | **`outputFile`**  | Control the output path and filename of Payload's auto-generated types by defining the `typescript.outputFile` property to a full, absolute path. |
 
-#### Importing Payload Config types
-
-You can import config types as follows:
-
-```ts
-import { Config } from 'payload'
-
-// This is the type used for an incoming Payload Config.
-// Only the bare minimum properties are marked as required.
-```
-
-```ts
-import { SanitizedConfig } from 'payload'
-
-// This is the type used after an incoming Payload Config is fully sanitized.
-// Generally, this is only used internally by Payload.
-```
-
 ## Config Location
 
-For Payload command-line scripts, we need to be able to locate your Payload Config. We'll check a variety of locations for the presence of `payload.config.ts` by default, including the root current working directory, your `tsconfig`'s `rootDir`, and your `tsconfig`'s `outDir`.
+For Payload command-line scripts, we need to be able to locate your Payload Config. We'll check a variety of locations for the presence of `payload.config.ts` by default, including:
 
-In development mode, if the configuration file is not found at the root, Payload will attempt to read your `tsconfig.json`, and search in the directory specified in `compilerOptions.rootDir` (typically "src").
+1. The root current working directory
+1. The `compilerOptions` in your `tsconfig`*
+1. The `dist` directory*
 
-In production mode, Payload will first attempt to find the config file in the output directory specified in `compilerOptions.outDir` of your `tsconfig.json`, then fallback to the source directory (`compilerOptions.rootDir`), and finally will check the 'dist' directory.
+_\* Config location detection is different between development and production environments. See below for more details._
 
-Please ensure your `tsconfig.json` is properly configured if you want Payload to accurately auto-detect your configuration file location. If `tsconfig.json` does not exist or doesn't specify `rootDir` or `outDir`, Payload will default to the current working directory.
+<Banner type="warning">
+  <strong>Important:</strong>
+  Ensure your `tsconfig.json` is properly configured for Payload to auto-detect your config location. If if does not exist, or does not specify the proper `compilerOptions`, Payload will default to the current working directory.
+</Banner>
+
+**Development Mode**
+
+In development mode, if the configuration file is not found at the root, Payload will attempt to read your `tsconfig.json`, and attempt to find the config file specified in the `rootDir`:
+
+```json
+{
+  // ...
+  // highlight-start
+  "compilerOptions": {
+    "rootDir": "src"
+  }
+  // highlight-end
+}
+```
+
+**Production Mode**
+
+In production mode, Payload will first attempt to find the config file in the `outDir` of your `tsconfig.json`, and if not found, will fallback to the `rootDor` directory:
+
+```json
+{
+  // ...
+  // highlight-start
+  "compilerOptions": {
+    "outDir": "dist",
+    "rootDir": "src"
+  }
+  // highlight-end
+}
+```
+
+If none was in either location, Payload will finally check the `dist` directory.
 
 ### Customizing the Config Location
 
-In addition to the above automated detection, you can specify your own location for the Payload Config. This is done by using the environment variable `PAYLOAD_CONFIG_PATH`. The path you provide via this environment variable can either be absolute or relative to your current working directory. This can be useful in situations where your Payload Config is not in a standard location, or you wish to switch between multiple configurations.
+In addition to the above automated detection, you can specify your own location for the Payload Config. This can be useful in situations where your config is not in a standard location, or you wish to switch between multiple configurations. To do this, Payload exposes an [Environment Variable](..environment-variables) to bypass all automatic config detection.
 
-**Example in package.json:**
+To use a custom config location, set the `PAYLOAD_CONFIG_PATH` environment variable:
 
 ```json
 {
@@ -172,10 +192,59 @@ In addition to the above automated detection, you can specify your own location
 }
 ```
 
-When `PAYLOAD_CONFIG_PATH` is set, Payload will use this path to load the configuration, bypassing all automated detection.
+<Banner type="info">
+  <strong>Tip:</strong>
+  `PAYLOAD_CONFIG_PATH` can be either an absolute path, or path relative to your current working directory.
+</Banner>
 
 ## Telemetry
 
 Payload collects **completely anonymous** telemetry data about general usage. This data is super important to us and helps us accurately understand how we're growing and what we can do to build the software into everything that it can possibly be. The telemetry that we collect also help us demonstrate our growth in an accurate manner, which helps us as we seek investment to build and scale our team. If we can accurately demonstrate our growth, we can more effectively continue to support Payload as free and open-source software. To opt out of telemetry, you can pass `telemetry: false` within your Payload Config.
 
 For more information about what we track, take a look at our [privacy policy](/privacy).
+
+## Cross-origin resource sharing (CORS)
+
+Cross-origin resource sharing (CORS) can be configured with either a whitelist array of URLS to allow CORS requests from, a wildcard string (`*`) to accept incoming requests from any domain, or a object with the following properties:
+
+| Option    | Description                                                                                                                                                                        |
+| --------- | --------------------------------------------------------------------------------------------------------------------------------------- |
+| **`origins`** | Either a whitelist array of URLS to allow CORS requests from, or a wildcard string (`'*'`) to accept incoming requests from any domain. |
+| **`headers`**  | A list of allowed headers that will be appended in `Access-Control-Allow-Headers`. |
+
+Here's an example showing how to allow incoming requests from any domain:
+
+```ts
+import { buildConfig } from 'payload/config'
+
+export default buildConfig({
+  // ...
+  cors: '*' // highlight-line
+})
+```
+
+Here's an example showing how to append a new header (`x-custom-header`) in `Access-Control-Allow-Headers`:
+
+```ts
+import { buildConfig } from 'payload/config'
+
+export default buildConfig({
+  // ...
+  // highlight-start
+  cors: {
+    origins: ['http://localhost:3000']
+    headers: ['x-custom-header']
+  }
+  // highlight-end
+})
+```
+
+## TypeScript
+
+You can import types from Payload to help make writing your config easier and type-safe. There are two main types that represent the Payload Config, `Config` and `SanitizedConfig`.
+
+The `Config` type represents a raw Payload Config in its full form. Only the bare minimum properties are marked as required. The `SanitizedConfig` type represents a Payload Config after it has been fully sanitized. Generally, this is only used internally by Payload.
+
+```ts
+import { Config, SanitizedConfig } from 'payload'
+```

docs/email/overview.mdx

@@ -10,7 +10,7 @@ keywords: email, overview, config, configuration, documentation, Content Managem
 
 Payload has a few email adapters that can be imported to enable email functionality. The [@payloadcms/email-nodemailer](https://www.npmjs.com/package/@payloadcms/email-nodemailer) package will be the package most will want to install. This package provides an easy way to use [Nodemailer](https://nodemailer.com) for email and won't get in your way for those already familiar.
 
-The email adapter should be passed into the `email` property of the Payload Config. This will allow Payload to send emails for things like password resets, new user verification, and any other email sending needs you may have.
+The email adapter should be passed into the `email` property of the Payload Config. This will allow Payload to send [auth-related emails](../authentication/email) for things like password resets, new user verification, and any other email sending needs you may have.
 
 ## Configuration
 

docs/fields/array.mdx

@@ -34,9 +34,9 @@ keywords: array, fields, config, configuration, documentation, Content Managemen
 | **`validate`**         | Provide a custom validation function that will be executed on both the [Admin Panel](../admin/overview) and the backend. [More](/docs/fields/overview#validation)                                                                                                                                       |
 | **`minRows`**          | A number for the fewest allowed items during validation when a value is present.                                                                                                                                                                                                   |
 | **`maxRows`**          | A number for the most allowed items during validation when a value is present.                                                                                                                                                                                                     |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                                                                                                                                      |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                                                                                                                         |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                                                                                                                            |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                                                                                                                                      |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                                                                                                                                   |
 | **`defaultValue`**     | Provide an array of row data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                                                                                                               |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config. If enabled, a separate, localized set of all data within this Array will be kept, so there is no need to specify each nested field as `localized`. |

docs/fields/blocks.mdx

@@ -36,9 +36,9 @@ keywords: blocks, fields, config, configuration, documentation, Content Manageme
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                                                                                                                       |
 | **`minRows`**          | A number for the fewest allowed items during validation when a value is present.                                                                                                                                                                                                   |
 | **`maxRows`**          | A number for the most allowed items during validation when a value is present.                                                                                                                                                                                                     |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                                                                                                                                      |
-| **`hooks`**            | Provide field-level hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                                                                                                                         |
-| **`access`**           | Provide field-level access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                                                                                                                            |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                                                                                                                                      |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API response or the Admin Panel.                                                                                                                          |
 | **`defaultValue`**     | Provide an array of block data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                                                                                                             |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config. If enabled, a separate, localized set of all data within this field will be kept, so there is no need to specify each nested field as `localized`. |

docs/fields/checkbox.mdx

@@ -23,9 +23,9 @@ keywords: checkbox, fields, config, configuration, documentation, Content Manage
 | **`label`**            | Text used as a field label in the Admin Panel or an object with keys for each language.                                                                                     |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often. |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value, will default to false if field is also `required`. [More](/docs/fields/overview#default-values)                     |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/fields/code.mdx

@@ -32,9 +32,9 @@ This field uses the `monaco-react` editor syntax highlighting.
 | **`minLength`**        | Used by the default validation function to ensure values are of a minimum character length.                                                                                 |
 | **`maxLength`**        | Used by the default validation function to ensure values are of a maximum character length.                                                                                 |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                        |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/fields/date.mdx

@@ -28,9 +28,9 @@ This field uses [`react-datepicker`](https://www.npmjs.com/package/react-datepic
 | **`label`**            | Text used as a field label in the Admin Panel or an object with keys for each language.                                                                                     |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often. |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                        |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/fields/email.mdx

@@ -24,9 +24,9 @@ keywords: email, fields, config, configuration, documentation, Content Managemen
 | **`unique`**           | Enforce that each entry in the Collection has a unique value for this field.                                                                                                |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often. |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                        |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/fields/group.mdx

@@ -26,9 +26,9 @@ keywords: group, fields, config, configuration, documentation, Content Managemen
 | **`fields`** \*        | Array of field types to nest within this Group.                                                                                                                                                                                                                                    |
 | **`label`**            | Used as a heading in the Admin Panel and to name the generated GraphQL type.                                                                                                                                                                                                       |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                                                                                                                       |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                                                                                                                                      |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                                                                                                                         |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                                                                                                                            |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                                                                                                                                      |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                                                                                                                                   |
 | **`defaultValue`**     | Provide an object of data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                                                                                                                  |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config. If enabled, a separate, localized set of all data within this Group will be kept, so there is no need to specify each nested field as `localized`. |

docs/fields/json.mdx

@@ -31,9 +31,9 @@ This field uses the `monaco-react` editor syntax highlighting.
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often. |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
 | **`jsonSchema`**       | Provide a JSON schema that will be used for validation. [JSON schemas](https://json-schema.org/learn/getting-started-step-by-step)                                          |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                        |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/fields/number.mdx

@@ -32,9 +32,9 @@ keywords: number, fields, config, configuration, documentation, Content Manageme
 | **`unique`**           | Enforce that each entry in the Collection has a unique value for this field.                                                                                                |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often. |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                        |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/fields/overview.mdx

@@ -2,7 +2,7 @@
 title: Fields Overview
 label: Overview
 order: 10
-desc: Fields are the building blocks of Payload, find out how to add or remove a field, change field type, add hooks, define access control and validation.
+desc: Fields are the building blocks of Payload, find out how to add or remove a field, change field type, add hooks, define Access Control and Validation.
 keywords: overview, fields, config, configuration, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
@@ -375,6 +375,8 @@ export const MyCollection: CollectionConfig = {
 <Banner type="warning">
   <strong>Reminder:</strong>
   The Custom ID Fields can only be of type [`Number`](./number) or [`Text`](./text).
+
+  Custom ID fields with type `text` must not contain `/` or `.` characters.
 </Banner>
 
 ## TypeScript

docs/fields/point.mdx

@@ -34,9 +34,9 @@ The data structure in the database matches the GeoJSON structure to represent po
 | **`unique`**           | Enforce that each entry in the Collection has a unique value for this field.                                                                                                              |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. To support location queries, point index defaults to `2dsphere`, to disable the index set to `false`. |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                              |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                                             |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                                |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                                   |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                                             |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                                          |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                                      |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                                           |

docs/fields/radio.mdx

@@ -27,9 +27,9 @@ keywords: radio, fields, config, configuration, documentation, Content Managemen
 | **`label`**            | Text used as a field label in the Admin Panel or an object with keys for each language.                                                                                     |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often. |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value. The default value must exist within provided values in `options`. [More](/docs/fields/overview#default-values)      |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/fields/relationship.mdx

@@ -39,9 +39,9 @@ keywords: relationship, fields, config, configuration, documentation, Content Ma
 | **`unique`**           | Enforce that each entry in the Collection has a unique value for this field.                                                                                                    |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                    |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often.     |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                                   |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                      |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                         |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                                   |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                                |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                            |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                                 |

docs/fields/rich-text.mdx

@@ -46,9 +46,9 @@ Right now, Payload is officially supporting two rich text editors:
 | **`name`** \*          | To be used as the property name when stored and retrieved from the database. [More](/docs/fields/overview#field-names)                                  |
 | **`label`**            | Text used as a field label in the Admin Panel or an object with keys for each language.                                                                 |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)            |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.           |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                              |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control) |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.           |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.        |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                    |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                         |

docs/fields/select.mdx

@@ -29,9 +29,9 @@ keywords: select, multi-select, fields, config, configuration, documentation, Co
 | **`unique`**           | Enforce that each entry in the Collection has a unique value for this field.                                                                                                  |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                  |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often.   |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                                 |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                    |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                       |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                                 |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                              |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                          |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                               |

docs/fields/text.mdx

@@ -29,9 +29,9 @@ keywords: text, fields, config, configuration, documentation, Content Management
 | **`maxLength`**        | Used by the default validation function to ensure values are of a maximum character length.                                                                                 |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often. |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                        |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/fields/textarea.mdx

@@ -29,9 +29,9 @@ keywords: textarea, fields, config, configuration, documentation, Content Manage
 | **`maxLength`**        | Used by the default validation function to ensure values are of a maximum character length.                                                                                 |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often. |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                        |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/fields/upload.mdx

@@ -44,9 +44,9 @@ keywords: upload, images media, fields, config, configuration, documentation, Co
 | **`unique`**           | Enforce that each entry in the Collection has a unique value for this field.                                                                                                |
 | **`validate`**         | Provide a custom validation function that will be executed on both the Admin Panel and the backend. [More](/docs/fields/overview#validation)                                |
 | **`index`**            | Build an [index](/docs/database/overview) for this field to produce faster queries. Set this field to `true` if your users will perform queries on this field's data often. |
-| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/config), include its data in the user JWT.                               |
-| **`hooks`**            | Provide field-based hooks to control logic for this field. [More](/docs/fields/overview#field-level-hooks)                                                                  |
-| **`access`**           | Provide field-based access control to denote what users can see and do with this field's data. [More](/docs/fields/overview#field-level-access-control)                     |
+| **`saveToJWT`**        | If this field is top-level and nested in a config supporting [Authentication](/docs/authentication/overview), include its data in the user JWT.                               |
+| **`hooks`**            | Provide Field Hooks to control logic for this field. [More details](../hooks/fields).                                                                                                                                                                         |
+| **`access`**           | Provide Field Access Control to denote what users can see and do with this field's data. [More details](../access-control/fields).                                                                                                                                                  |
 | **`hidden`**           | Restrict this field's visibility from all APIs entirely. Will still be saved to the database, but will not appear in any API or the Admin Panel.                            |
 | **`defaultValue`**     | Provide data to be used for this field's default value. [More](/docs/fields/overview#default-values)                                                                        |
 | **`localized`**        | Enable localization for this field. Requires [localization to be enabled](/docs/configuration/localization) in the Base config.                                             |

docs/getting-started/concepts.mdx

@@ -14,15 +14,15 @@ The Payload Config is central to everything that Payload does. It allows for the
 
 ## Database
 
-Payload is database agnostic, meaning you can use any type of database behind Payload's familiar APIs through a Database Adapter. [More details](../database/overview).
+Payload is database agnostic, meaning you can use any type of database behind Payload's familiar APIs through what is known as a Database Adapter. [More details](../database/overview).
 
 ## Collections
 
-A Collection is a group of records, called Documents, that all share a common schema. Each Collection saves to the [Database](../database/overview) based on the [Fields](../fields/overview) that you define. [More details](../configuration/collections).
+A Collection is a group of records, called Documents, that all share a common schema. Each Collection is stored in the [Database](../database/overview) based on the [Fields](../fields/overview) that you define. [More details](../configuration/collections).
 
 ## Globals
 
-Globals are in many ways similar to [Collections](../configuration/collections), except they correspond to only a single Document. Each Global saves to the [Database](../database/overview) based on the [Fields](../fields/overview) that you define. [More details](../configuration/globals).
+Globals are in many ways similar to [Collections](../configuration/collections), except they correspond to only a single Document. Each Global is stored in the [Database](../database/overview) based on the [Fields](../fields/overview) that you define. [More details](../configuration/globals).
 
 ## Fields
 
@@ -30,23 +30,23 @@ Fields are the building blocks of Payload. They define the schema of the Documen
 
 ## Hooks
 
-Hooks allow you to execute your own logic during specific events of the Document lifecycle, such as read or update. [More details](../hooks/overview).
+Hooks allow you to execute your own side effects during specific events of the Document lifecycle, such as before read, after create, etc. [More details](../hooks/overview).
+
+## Authentication
+
+Payload provides a secure, portable way to manage user accounts out of the box. Payload Authentication is designed to be used in both the Admin Panel, all well as your own external applications. [More details](../authentication/overview).
 
 ## Access Control
 
-Access Control determines what a user can and cannot do with any given Document. [More details](../access-control/overview).
+Access Control determines what a user can and cannot do with any given Document, such as read, update, etc., as well as what they can and cannot see within the Admin Panel. [More details](../access-control/overview).
 
 ## Admin Panel
 
 Payload dynamically generates a beautiful, fully type-safe interface to manage your users and data. The Admin Panel is a React application built using the Next.js App Router. [More details](../admin/overview).
 
-## Plugins
-
-Plugins allow for developers to easily inject custom—sometimes complex—functionality into Payload apps from a very small touch-point. [More details](../plugins/overview).
-
 ## Retrieving Data
 
-Everything Payload does (create, read, update, delete, login, logout, etc) is exposed to you via three APIs:
+Everything Payload does (create, read, update, delete, login, logout, etc.) is exposed to you via three APIs:
 
 - [Local API](#local-api) - Extremely fast, direct-to-database access
 - [REST API](#rest-api) - Standard HTTP endpoints for querying and mutating data
@@ -59,11 +59,11 @@ Everything Payload does (create, read, update, delete, login, logout, etc) is ex
 
 ### Local API
 
-By far one of the most powerful aspects of Payload is the fact that it gives you direct-to-database access to your data through the [Local API](../local-api/overview). It's _extremely_ fast and does not incur any typical REST API / GraphQL / HTTP overhead—you query your database directly in Node.js.
+By far one of the most powerful aspects of Payload is the fact that it gives you direct-to-database access to your data through the [Local API](../local-api/overview). It's _extremely_ fast and does not incur any typical HTTP overhead—you query your database directly in Node.js.
 
 The Local API is written in TypeScript, and so it is strongly typed and extremely nice to use. It works anywhere on the server, including custom Next.js Routes, Payload Hooks, Payload Access Control, and React Server Components.
 
-Here's a quick example of a React Server Component fetching page data with Payload's Local API:
+Here's a quick example of a React Server Component fetching data using the Local API:
 
 ```tsx
 import React from 'react'
@@ -100,9 +100,9 @@ const MyServerComponent: React.FC = () => {
 
 ### REST API
 
-By default, the Payload [REST API](../rest-api/overview) will be mounted automatically for you at the `/api` path of your app.
+By default, the Payload [REST API](../rest-api/overview) is mounted automatically for you at the `/api` path of your app.
 
-For example, if you have a [Collection](../configuration/collections) called `pages`:
+For example, if you have a Collection called `pages`:
 
 ```ts
 fetch('https://localhost:3000/api/pages') // highlight-line
@@ -116,27 +116,17 @@ fetch('https://localhost:3000/api/pages') // highlight-line
 
 ### GraphQL API
 
-Payload automatically exposes GraphQL queries and mutations for everything it does through a dedicated [GraphQL API](../graphql/overview).
-
-By default, you'll find the GraphQL route handler in your `/app/(payload)/api/graphql` folder, which makes the GraphQL endpoint available by default at `http://localhost:3000/api/graphql`.
-
-You'll also find a full GraphQL Playground which can be accessible via `http://localhost:3000/api/graphql-playground`.
+Payload automatically exposes GraphQL queries and mutations through a dedicated [GraphQL API](../graphql/overview). By default, the GraphQL route handler is mounted at the `/api/graphql` path of your app. You'll also find a full GraphQL Playground which can be accessible at the `/api/graphql-playground` path of your app.
 
 You can use any GraphQL client with Payload's GraphQL endpoint. Here are a few packages:
 
 - [`graphql-request`](https://www.npmjs.com/package/graphql-request) - a very lightweight GraphQL client
 - [`@apollo/client`](https://www.apollographql.com/docs/react/api/core/ApolloClient/) - an industry-standard GraphQL client with lots of nice features
 
-If you don't use GraphQL, you can delete those files! But if you do, you'll find that GraphQL is a first-class API in Payload. Either way, the overhead of GraphQL is completely constrained to these endpoints, and will not slow down / affect Payload outside of those endpoints themselves.
-
 <Banner type="info">
   For more information about the GraphQL API, [click here](../graphql/overview).
 </Banner>
 
-### Depth
-
-Documents can be related to other Documents through a concept called "relationships". When you query a Document, you can specify these relationships are populated. [More details](../queries/depth).
-
 ## Package Structure
 
 Payload is abstracted into a set of dedicated packages to keep the core `payload` package as lightweight as possible. This allows you to only install the parts of Payload based on your unique project requirements.
@@ -180,4 +170,7 @@ You can choose which Database Adapter you'd like to use for your project, and no
 
 Payload's Rich Text functionality is abstracted into separate packages and if you want to enable Rich Text in your project, you'll need to install one of these packages. We recommend Lexical for all new projects, and this is where Payload will focus its efforts on from this point, but Slate is still supported if you have already built with it.
 
-Rich Text is entirely optional and you may not need it for your project.
+<Banner type="info">
+  <strong>Note:</strong>
+  Rich Text is entirely optional and you may not need it for your project.
+</Banner>

docs/getting-started/installation.mdx

@@ -63,23 +63,13 @@ To install a Database Adapter, you can run **one** of the following commands:
     ```
 
 <Banner type="success">
-  <strong>Reminder:</strong>
+  <strong>Note:</strong>
   New [Database Adapters](/docs/database/overview) are becoming available every day. Check the docs for the most up-to-date list of what's available.
 </Banner>
 
 #### 2. Copy Payload files into your Next.js app folder
 
-Payload installs directly in your Next.js `/app` folder, and you'll need to place some files into that folder for Payload to run.
-
-The files that Payload needs to have in your `/app` folder do not regenerate, and will never change. Once you slot them in, you never have to revisit them. They are not meant to be edited and simply import Payload dependencies from `@payloadcms/next` for the REST / GraphQL API and Admin Panel UI.
-
-You can copy the Payload `/app` folder files from the Payload blank template on GitHub:
-
-```
-https://github.com/payloadcms/payload/tree/beta/templates/blank-3.0/src/app/(payload)
-```
-
-Once you have the required Payload files in place in your `/app` folder, you should have something like this:
+Payload installs directly in your Next.js `/app` folder, and you'll need to place some files into that folder for Payload to run. You can copy these files from the [Blank Template](https://github.com/payloadcms/payload/tree/beta/templates/blank-3.0/src/app/(payload)) on GitHub. Once you have the required Payload files in place in your `/app` folder, you should have something like this:
 
 ```plaintext
 app/
@@ -93,6 +83,8 @@ app/
   You may need to copy all of your existing frontend files, including your existing root layout, into its own newly created [Route Group](https://nextjs.org/docs/app/building-your-application/routing/route-groups), i.e. `(my-app)`.
 </Banner>
 
+The files that Payload needs to have in your `/app` folder do not regenerate, and will never change. Once you slot them in, you never have to revisit them. They are not meant to be edited and simply import Payload dependencies from `@payloadcms/next` for the REST / GraphQL API and Admin Panel.
+
 You can name the `(my-app)` folder anything you want. The name does not matter and will just be used to clarify your directory structure for yourself. Common names might be `(frontend)`, `(app)`, or similar. [More details](../admin/overview).
 
 #### 3. Add the Payload Plugin to your Next.js config

docs/getting-started/what-is-payload.mdx

@@ -15,7 +15,7 @@ keywords: documentation, getting started, guide, Content Management System, cms,
 
 - A full Admin Panel using React server / client components, matching the shape of your data and completely extensible with your own React components
 - Automatic database schema, including direct DB access and ownership, with migrations, transactions, proper indexing, and more
-- Instant REST, GraphQL, and straight-to-DB Node APIs
+- Instant REST, GraphQL, and straight-to-DB Node.js APIs
 - Authentication which can be used in your own apps
 - A deeply customizable access control pattern
 - File storage and image management tools like cropping / focal point selection
@@ -30,12 +30,14 @@ No matter what you're building, Payload will give you backend superpowers. It ca
 
 It's fully open source with an MIT license and you can self-host anywhere that you can run a Node app. You can also deploy serverless to hosts like Vercel, right inside your existing Next.js app folder.
 
+### Code-first and version controlled
+
+In Payload, there are no "click ops" - as in clicking around in an Admin Panel to define your schema. In Payload, everything is done the right way—code-first and version controlled like a proper backend. But once developers define how Payload should work, non-technical users can independently make use of its Admin Panel to manage whatever they need to without having to know code whatsoever.
+
 ### Fully extensible
 
 Even in spite of how much you get out of the box, you still have full control over every aspect of your app - be it database, admin UI, or anything else. Every part of Payload has been designed to be extensible and customizable with modern TypeScript / React. And you'll fully understand the code that you write.
 
-In Payload, there are no "click ops" - as in clicking around in an Admin Panel to define your schema. In Payload, everything is done the right way—code-first and version controlled like a proper backend. But once developers define how Payload should work, non-technical users can independently make use of its Admin Panel to manage whatever they need to without having to know code whatsoever.
-
 ## Use Cases
 
 Payload started as a headless Content Management System (CMS), but since, we've seen our community leverage Payload in ways far outside of simply managing pages and blog posts. It's grown into a full-stack TypeScript app framework.

docs/hooks/collections.mdx

@@ -8,7 +8,7 @@ keywords: hooks, collections, config, configuration, documentation, Content Mana
 
 Collection Hooks are [Hooks](./overview) that run on Documents within a specific [Collection](../configuration/collections). They allow you to execute your own logic during specific events of the Document lifecycle.
 
-To add hooks to a Collection, use the `hooks` property in your [Collection Config](../configuration/collections):
+To add Hooks to a Collection, use the `hooks` property in your [Collection Config](../configuration/collections):
 
 ```ts
 import type { CollectionConfig } from 'payload';
@@ -21,28 +21,10 @@ export const CollectionWithHooks: CollectionConfig = {
 }
 ```
 
-The following Collection Hooks are available:
-
-- [`beforeOperation`](#beforeoperation)
-- [`beforeValidate`](#beforevalidate)
-- [`beforeChange`](#beforechange)
-- [`afterChange`](#afterchange)
-- [`beforeRead`](#beforeread)
-- [`afterRead`](#afterread)
-- [`beforeDelete`](#beforedelete)
-- [`afterDelete`](#afterdelete)
-- [`afterOperation`](#afteroperation)
-
-Additionally, all [Auth-enabled Collections](../authentication/overview) feature the following auth-related Hooks:
-
-- [`beforeLogin`](#beforelogin)
-- [`afterLogin`](#afterlogin)
-- [`afterLogout`](#afterlogout)
-- [`afterRefresh`](#afterrefresh)
-- [`afterMe`](#afterme)
-- [`afterForgotPassword`](#afterforgotpassword)
-- [`refresh`](#refresh)
-- [`me`](#me)
+<Banner type="info">
+  <strong>Tip:</strong>
+  You can also set hooks on the field-level to isolate hook logic to specific fields. [More details](./fields).
+</Banner>
 
 ## Config Options
 
@@ -89,15 +71,15 @@ Available Collection operations include `create`, `read`, `update`, `delete`, `l
 import type { CollectionBeforeOperationHook } from 'payload'
 
 const beforeOperationHook: CollectionBeforeOperationHook = async ({
-  args, // original arguments passed into the operation
-  operation, // name of the operation
-  req, // full Request object
+  args,
+  operation,
+  req,
 }) => {
   return args // return modified operation arguments as necessary
 }
 ```
 
-The following arguments are passed to the `beforeOperation` hook:
+The following arguments are provided to the `beforeOperation` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -126,7 +108,7 @@ const beforeValidateHook: CollectionBeforeValidateHook = async ({
 }
 ```
 
-The following arguments are passed to the `beforeValidate` hook:
+The following arguments are provided to the `beforeValidate` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -151,7 +133,7 @@ const beforeChangeHook: CollectionBeforeChangeHook = async ({
 }
 ```
 
-The following arguments are passed to the `beforeChange` hook:
+The following arguments are provided to the `beforeChange` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -176,7 +158,7 @@ const afterChangeHook: CollectionAfterChangeHook = async ({
 }
 ```
 
-The following arguments are passed to the `afterChange` hook:
+The following arguments are provided to the `afterChange` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -201,7 +183,7 @@ const beforeReadHook: CollectionBeforeReadHook = async ({
 }
 ```
 
-The following arguments are passed to the `beforeRead` hook:
+The following arguments are provided to the `beforeRead` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -225,7 +207,7 @@ const afterReadHook: CollectionAfterReadHook = async ({
 }
 ```
 
-The following arguments are passed to the `afterRead` hook:
+The following arguments are provided to the `afterRead` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -248,7 +230,7 @@ const beforeDeleteHook: CollectionBeforeDeleteHook = async ({
 }) => {...}
 ```
 
-The following arguments are passed to the `beforeDelete` hook:
+The following arguments are provided to the `beforeDelete` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -271,7 +253,7 @@ const afterDeleteHook: CollectionAfterDeleteHook = async ({
 }) => {...}
 ```
 
-The following arguments are passed to the `afterDelete` hook:
+The following arguments are provided to the `afterDelete` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -297,7 +279,7 @@ const afterOperationHook: CollectionAfterOperationHook = async ({
 }
 ```
 
-The following arguments are passed to the `afterOperation` hook:
+The following arguments are provided to the `afterOperation` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -321,7 +303,7 @@ const beforeLoginHook: CollectionBeforeLoginHook = async ({
 }
 ```
 
-The following arguments are passed to the `beforeLogin` hook:
+The following arguments are provided to the `beforeLogin` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -343,7 +325,7 @@ const afterLoginHook: CollectionAfterLoginHook = async ({
 }) => {...}
 ```
 
-The following arguments are passed to the `afterLogin` hook:
+The following arguments are provided to the `afterLogin` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -365,7 +347,7 @@ const afterLogoutHook: CollectionAfterLogoutHook = async ({
 }) => {...}
 ```
 
-The following arguments are passed to the `afterLogout` hook:
+The following arguments are provided to the `afterLogout` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -386,7 +368,7 @@ const afterMeHook: CollectionAfterMeHook = async ({
 }) => {...}
 ```
 
-The following arguments are passed to the `afterMe` hook:
+The following arguments are provided to the `afterMe` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -407,7 +389,7 @@ const afterRefreshHook: CollectionAfterRefreshHook = async ({
 }) => {...}
 ```
 
-The following arguments are passed to the `afterRefresh` hook:
+The following arguments are provided to the `afterRefresh` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -431,7 +413,7 @@ const afterForgotPasswordHook: CollectionAfterForgotPasswordHook = async ({
 }) => {...}
 ```
 
-The following arguments are passed to the `afterForgotPassword` hook:
+The following arguments are provided to the `afterForgotPassword` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -452,7 +434,7 @@ const myRefreshHook: CollectionRefreshHook = async ({
 }) => {...}
 ```
 
-The following arguments are passed to the `afterRefresh` hook:
+The following arguments are provided to the `afterRefresh` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -472,7 +454,7 @@ const meHook: CollectionMeHook = async ({
 }) => {...}
 ```
 
-The following arguments are passed to the `me` hook:
+The following arguments are provided to the `me` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |

docs/hooks/context.mdx

@@ -6,22 +6,22 @@ desc: Context allows you to pass in extra data that can be shared between hooks
 keywords: hooks, context, payload context, payloadcontext, data, extra data, shared data, shared, extra
 ---
 
-The `context` object in hooks is used to share data across different hooks. The persists throughout the entire lifecycle of a request and is available within every hook. This allows you to add logic to your hooks based on the request state by setting properties to `req.context` and using them elsewhere.
+The `context` object is used to share data across different Hooks. This persists throughout the entire lifecycle of a request and is available within every Hook. By setting properties to `req.context`, you can effectively logic across multiple Hooks.
 
-## When to use Context
+## When To Use Context
 
 Context gives you a way forward on otherwise difficult problems such as:
 
-1. **Passing data between hooks**: Needing data in multiple hooks from a 3rd party API, it could be retrieved and used in `beforeChange` and later used again in an `afterChange` hook without having to fetch it twice.
+1. **Passing data between Hooks**: Needing data in multiple Hooks from a 3rd party API, it could be retrieved and used in `beforeChange` and later used again in an `afterChange` hook without having to fetch it twice.
 2. **Preventing infinite loops**: Calling `payload.update()` on the same document that triggered an `afterChange` hook will create an infinite loop, control the flow by assigning a no-op condition to context
 3. **Passing data to local API**: Setting values on the `req.context` and pass it to `payload.create()` you can provide additional data to hooks without adding extraneous fields.
 4. **Passing data between hooks and middleware or custom endpoints**: Hooks could set context across multiple collections and then be used in a final `postMiddleware`.
 
-## How to Use Context
+## How To Use Context
 
 Let's see examples on how context can be used in the first two scenarios mentioned above:
 
-### Passing data between hooks
+### Passing Data Between Hooks
 
 To pass data between hooks, you can assign values to context in an earlier hook in the lifecycle of a request and expect it the context in a later hook.
 
@@ -43,6 +43,7 @@ const Customer: CollectionConfig = {
       },
     ],
     afterChange: [
+
       async ({ context, doc, req }) => {
         // use context.customerData without needing to fetch it again
         if (context.customerData.contacted === false) {
@@ -57,7 +58,7 @@ const Customer: CollectionConfig = {
 }
 ```
 
-### Preventing infinite loops
+### Preventing Infinite Loops
 
 Let's say you have an `afterChange` hook, and you want to do a calculation inside the hook (as the document ID needed for the calculation is available in the `afterChange` hook, but not in the `beforeChange` hook). Once that's done, you want to update the document with the result of the calculation.
 

docs/hooks/fields.mdx

@@ -8,7 +8,7 @@ keywords: hooks, fields, config, configuration, documentation, Content Managemen
 
 Field Hooks are [Hooks](./overview) that run on Documents on a per-field basis. They allow you to execute your own logic during specific events of the Document lifecycle. Field Hooks offer incredible potential for isolating your logic from the rest of your [Collection Hooks](./collections) and [Global Hooks](./globals).
 
-To add hooks to a Field, use the `hooks` property in your [Field Config](../fields/overview):
+To add Hooks to a Field, use the `hooks` property in your [Field Config](../fields/overview):
 
 ```ts
 import type { Field } from 'payload';
@@ -21,14 +21,6 @@ export const FieldWithHooks: Field = {
 }
 ```
 
-The following Field Hooks are available:
-
-- [`beforeValidate`](#beforevalidate)
-- [`beforeChange`](#beforechange)
-- [`beforeDuplicate`](#beforeduplicate)
-- [`afterChange`](#afterchange)
-- [`afterRead`](#afterread)
-
 ## Config Options
 
 All Field Hooks accept an array of synchronous or asynchronous functions. These functions can optionally modify the return value of the field before the operation continues. All Field Hooks are formatted to accept the same arguments, although some arguments may be `undefined` based the specific hook type.
@@ -58,7 +50,7 @@ const FieldWithHooks: Field = {
 }
 ```
 
-The following arguments are available to all Field Hooks:
+The following arguments are provided to all Field Hooks:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |

docs/hooks/globals.mdx

@@ -8,7 +8,7 @@ keywords: hooks, globals, config, configuration, documentation, Content Manageme
 
 Global Hooks are [Hooks](./overview) that run on [Global](../configuration/globals) Documents. They allow you to execute your own logic during specific events of the Document lifecycle.
 
-To add hooks to a Global, use the `hooks` property in your [Global Config](../configuration/globals):
+To add Hooks to a Global, use the `hooks` property in your [Global Config](../configuration/globals):
 
 ```ts
 import type { GlobalConfig } from 'payload';
@@ -21,13 +21,10 @@ export const GlobalWithHooks: GlobalConfig = {
 }
 ```
 
-The following Global Hooks are available:
-
-- [`beforeValidate`](#beforevalidate)
-- [`beforeChange`](#beforechange)
-- [`afterChange`](#afterchange)
-- [`beforeRead`](#beforeread)
-- [`afterRead`](#afterread)
+<Banner type="info">
+  <strong>Tip:</strong>
+  You can also set hooks on the field-level to isolate hook logic to specific fields. [More details](./fields).
+</Banner>
 
 ## Config Options
 
@@ -58,15 +55,15 @@ Runs before the `update` operation. This hook allows you to add or format data b
 import type { GlobalBeforeValidateHook } from 'payload'
 
 const beforeValidateHook: GlobalBeforeValidateHook = async ({
-  data, // incoming data to update or create with
-  req, // full Request object
-  originalDoc, // original document
+  data,
+  req,
+  originalDoc,
 }) => {
-  return data // Return data to update the document with
+  return data
 }
 ```
 
-The following arguments are passed to the `beforeValidate` hook:
+The following arguments are provided to the `beforeValidate` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -84,15 +81,15 @@ Immediately following validation, `beforeChange` hooks will run within the `upda
 import type { GlobalBeforeChangeHook } from 'payload'
 
 const beforeChangeHook: GlobalBeforeChangeHook = async ({
-  data, // incoming data to update or create with
-  req, // full Request object
-  originalDoc, // original document
+  data,
+  req,
+  originalDoc,
 }) => {
-  return data // Return data to update the document with
+  return data
 }
 ```
 
-The following arguments are passed to the `beforeChange` hook:
+The following arguments are provided to the `beforeChange` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -110,15 +107,15 @@ After a global is updated, the `afterChange` hook runs. Use this hook to purge c
 import type { GlobalAfterChangeHook } from 'payload'
 
 const afterChangeHook: GlobalAfterChangeHook = async ({
-  doc, // full document data
-  previousDoc, // document data before updating the collection
-  req, // full Request object
+  doc,
+  previousDoc,
+  req,
 }) => {
   return data
 }
 ```
 
-The following arguments are passed to the `afterChange` hook:
+The following arguments are provided to the `afterChange` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -136,12 +133,12 @@ Runs before `findOne` global operation is transformed for output by `afterRead`.
 import type { GlobalBeforeReadHook } from 'payload'
 
 const beforeReadHook: GlobalBeforeReadHook = async ({
-  doc, // full document data
-  req, // full Request object
+  doc,
+  req,
 }) => {...}
 ```
 
-The following arguments are passed to the `beforeRead` hook:
+The following arguments are provided to the `beforeRead` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -158,13 +155,13 @@ Runs as the last step before a global is returned. Flattens locales, hides prote
 import type { GlobalAfterReadHook } from 'payload'
 
 const afterReadHook: GlobalAfterReadHook = async ({
-  doc, // full document data
-  req, // full Request object
-  findMany, // boolean to denote if this hook is running against finding one, or finding many (useful in versions)
+  doc,
+  req,
+  findMany,
 }) => {...}
 ```
 
-The following arguments are passed to the `beforeRead` hook:
+The following arguments are provided to the `beforeRead` hook:
 
 | Option                   | Description                                                                                                                                                                                                           |
 | ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |

docs/hooks/overview.mdx

@@ -2,13 +2,13 @@
 title: Hooks Overview
 label: Overview
 order: 10
-desc: Hooks allow you to add your own logic to Payload, including integrating with third-party APIs, adding auto-generated data, or modifing Payload's base functionality.
+desc: Hooks allow you to add your own logic to Payload, including integrating with third-party APIs, adding auto-generated data, or modifying Payload's base functionality.
 keywords: hooks, overview, config, configuration, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-Hooks allow you to execute your own logic during specific events of the Document lifecycle. With Hooks, you can transform Payload from a traditional CMS into a fully-fledged application framework. They allow you to perform business tasks, third-party integrations, etc. during precise moments within the data lifecycle.
+Hooks allow you to execute your own side effects during specific events of the Document lifecycle. They allow you to do things like mutate data, perform business logic, integrate with third-parties, or anything else, all during precise moments within your application.
 
-There are many use cases for Hooks, including:
+With Hooks, you can transform Payload from a traditional CMS into a fully-fledged application framework. There are many use cases for Hooks, including:
 
 - Modify data before it is read or updated
 - Encrypt and decrypt sensitive data
@@ -18,23 +18,79 @@ There are many use cases for Hooks, including:
 - Send emails when contact forms are submitted
 - Track data ownership or changes over time
 
-There are three main types of Hooks in Payload:
+There are four main types of Hooks in Payload:
 
+- [Root Hooks](#root-hooks)
 - [Collection Hooks](/docs/hooks/collections)
 - [Global Hooks](/docs/hooks/globals)
 - [Field Hooks](/docs/hooks/fields)
 
 <Banner type="warning">
   <strong>Reminder:</strong>
-  Payload also ships a set of _React_ hooks that you can use in your frontend application. Although they share a common name, these are very different things and should not be confused. [More details](../admin.hooks).
+  Payload also ships a set of _React_ hooks that you can use in your frontend application. Although they share a common name, these are very different things and should not be confused. [More details](../admin/hooks).
 </Banner>
 
-## Async vs. synchronous
+## Root Hooks
 
-All Hooks can be written as either synchronous or asynchronous functions. If the Hook should modify data before a document is updated or created, and it relies on asynchronous actions such as fetching data from a third party, it might make sense to define your Hook as an asynchronous function. This way you can be sure that your Hook completes before the operation's lifecycle continues. Async hooks are run in series - so if you have two async hooks defined, the second hook will wait for the first to complete before it starts.
+Root Hooks are not associated with any specific Collection, Global, or Field. They are useful for globally-oriented side effects, such as when an error occurs at the application level.
+
+To add Root Hooks, use the `hooks` property in your [Payload Config](/docs/configuration/config):
+
+```ts
+import {  buildConfig } from 'payload'
+
+export default buildConfig({
+  // ...
+  // highlight-start
+  hooks: {
+    afterError: () => {...}
+  },
+  // highlight-end
+})
+```
+
+The following options are available:
+
+| Option       | Description                                                                                   |
+|--------------|-----------------------------------------------------------------------------------------------|
+| **`afterError`** | Runs after an error occurs in the Payload application.                                         |
+
+### afterError
+
+The `afterError` Hook is triggered when an error occurs in the Payload application. This can be useful for logging errors to a third-party service, sending an email to the development team, logging the error to Sentry or DataDog, etc.
+
+```ts
+import {  buildConfig } from 'payload'
+
+export default buildConfig({
+  // ...
+  hooks: {
+    afterError: async ({ error }) => {
+      // Do something
+    }
+  },
+})
+```
+
+The following arguments are provided to the `afterError` Hook:
+
+| Argument | Description                                                                                   |
+|----------|-----------------------------------------------------------------------------------------------|
+| **`error`**  | The error that occurred.                                                                      |
+| **`context`**            | Custom context passed between Hooks. [More details](./context).                                                                                                                              |
+
+## Async vs. Synchronous
+
+All Hooks can be written as either synchronous or asynchronous functions. Choosing the right type depends on your use case, but switching between the two is as simple as adding or removing the `async` keyword.
+
+#### Asynchronous
+
+If the Hook should modify data before a Document is updated or created, and it relies on asynchronous actions such as fetching data from a third party, it might make sense to define your Hook as an asynchronous function. This way you can be sure that your Hook completes before the operation's lifecycle continues. Async hooks are run in series - so if you have two async hooks defined, the second hook will wait for the first to complete before it starts.
+
+#### Synchronous
 
 If your Hook simply performs a side-effect, such as updating a CRM, it might be okay to define it synchronously, so the Payload operation does not have to wait for your hook to complete.
 
-## Server-only execution
+## Server-only Execution
 
 Hooks are only triggered on the server and are automatically excluded from the client-side bundle. This means that you can safely use sensitive business logic in your Hooks without worrying about exposing it to the client.

docs/live-preview/overview.mdx

@@ -8,7 +8,7 @@ keywords: live preview, preview, live, iframe, iframe preview, visual editing, d
 
 With Live Preview you can render your front-end application directly within the [Admin Panel](../admin/overview). As you type, your changes take effect in real-time. No need to save a draft or publish your changes. This works in both [Server-side](./server) as well as [Client-side](./client) environments.
 
-Live Preview works by rendering an iframe on the page that loads your front-end application. The Admin Panel communicates with your app through [`window.postMessage`](https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage) events. These events are emitted every time a change is made to the document. Your app then listens for these events and re-renders itself with the data it receives.
+Live Preview works by rendering an iframe on the page that loads your front-end application. The Admin Panel communicates with your app through [`window.postMessage`](https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage) events. These events are emitted every time a change is made to the Document. Your app then listens for these events and re-renders itself with the data it receives.
 
 To add Live Preview, use the `admin.livePreview` property in your [Payload Config](../configuration/overview):
 
@@ -28,12 +28,16 @@ const config = buildConfig({
   }
 })
 ```
+<Banner type="warning">
+  <strong>Reminder:</strong>
+  Alternatively, you can define the <code>admin.livePreview</code> property on individual [Collection Admin Configs](../admin/collections) and [Global Admin Configs](../admin/globals). Settings defined here will be merged into the top-level as overrides.
+</Banner>
 
 {/* IMAGE OF LIVE PREVIEW HERE */}
 
 ## Options
 
-Setting up Live Preview is easy. This can be done either globally through the [Root Config](../configuration/overview), or on individual [Collection](../configuration/collections) and [Global](../configuration/globals) configs. Once configured, a new "Live Preview" tab will appear at the top of enabled documents. Navigating to this tab opens the preview window and loads your front-end application.
+Setting up Live Preview is easy. This can be done either globally through the [Root Admin Config](../admin/overview), or on individual [Collection Admin Configs](../admin/collections) and [Global Admin Configs](../admin/globals). Once configured, a new "Live Preview" tab will appear at the top of enabled Documents. Navigating to this tab opens the preview window and loads your front-end application.
 
 The following options are available:
 
@@ -46,11 +50,6 @@ The following options are available:
 
 _\* An asterisk denotes that a property is required._
 
-<Banner type="warning">
-  <strong>Reminder:</strong>
-  Alternatively, you can define the <code>admin.livePreview</code> property on individual [Collection](../configuration/collections) and [Global](../configuration/globals) configs. Settings defined here will be merged into the top-level as overrides.
-</Banner>
-
 ### URL
 
 The `url` property is a string that points to your front-end application. This value is used as the `src` attribute of the iframe rendering your front-end. Once loaded, the Admin Panel will communicate directly with your app through `window.postMessage` events.
@@ -74,7 +73,7 @@ const config = buildConfig({
 
 #### Dynamic URLs
 
-You can also pass a function in order to dynamically format URLs. This is useful for multi-tenant applications, localization, or any other scenario where the URL needs to be generated based on the document being edited.
+You can also pass a function in order to dynamically format URLs. This is useful for multi-tenant applications, localization, or any other scenario where the URL needs to be generated based on the Document being edited.
 
 To set dynamic URLs, set the `admin.livePreview.url` property in your [Payload Config](../configuration/overview) to a function:
 
@@ -105,8 +104,8 @@ The following arguments are provided to the `url` function:
 
 | Path               | Description                                                                                                       |
 | ------------------ | ----------------------------------------------------------------------------------------------------------------- |
-| **`data`**         | The data of the document being edited. This includes changes that have not yet been saved.                        |
-| **`documentInfo`** | Information about the document being edited like collection slug. [More details](../admin/hooks#usedocumentinfo). |
+| **`data`**         | The data of the Document being edited. This includes changes that have not yet been saved.                        |
+| **`documentInfo`** | Information about the Document being edited like collection slug. [More details](../admin/hooks#usedocumentinfo). |
 | **`locale`**       | The locale currently being edited (if applicable). [More details](../configuration/localization).                 |
 
 ### Breakpoints

docs/local-api/overview.mdx

@@ -19,8 +19,7 @@ Here are some common examples of how you can use the Local API:
 - Fetching Payload data within React Server Components
 - Seeding data via Node seed scripts that you write and maintain
 - Opening custom Next.js route handlers which feature additional functionality but still rely on Payload
-- Within Payload access control and hook functions
-- Within access control and hook functions
+- Within [Access Control](../access-control) and [Hooks](../hooks/overview)
 
 ## Accessing Payload
 
@@ -28,7 +27,7 @@ You can gain access to the currently running `payload` object via two ways:
 
 #### Accessing from args or `req`
 
-In most places within Payload itself, you can access `payload` directly from the arguments of hooks, access control, validation functions, and similar. This is the simplest way to access Payload in most cases. Most config functions take the `req` (Request) object, which has Payload bound to it (`req.payload`).
+In most places within Payload itself, you can access `payload` directly from the arguments of [Hooks](../hooks/overview), [Access Control](../access-control/overview), [Validation](../fields/overview#validations) functions, and similar. This is the simplest way to access Payload in most cases. Most config functions take the `req` (Request) object, which has Payload bound to it (`req.payload`).
 
 Example:
 

docs/migration-guide/overview.mdx

@@ -180,7 +180,6 @@ import {
   useFormInitializing,
   useFormModified,
   useFormProcessing,
-  useFormQueryParams,
   useFormSubmitted,
   useHotkey,
   useIntersect,
@@ -221,7 +220,6 @@ import {
   EntityVisibilityProvider,
   FieldComponentsProvider,
   FieldPropsProvider,
-  FormQueryParamsProvider,
   ListInfoProvider,
   ListQueryProvider,
   LocaleProvider,

docs/plugins/overview.mdx

@@ -6,7 +6,7 @@ desc: Plugins provide a great way to modularize Payload functionalities into eas
 keywords: plugins, config, configuration, extensions, custom, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-Payload Plugins take full advantage of the modularity of the [Payload Config](../configuration/overview), allowing developers to extend Payload's core functionality in a precise and granular way. This pattern allows developers to easily inject custom—sometimes complex—functionality into Payload apps from a very small touch-point.
+Payload Plugins take full advantage of the modularity of the [Payload Config](../configuration/overview), allowing developers developers to easily inject custom—sometimes complex—functionality into Payload apps from a very small touch-point. This is especially useful is sharing your work across multiple projects or with the greater Payload community.
 
 There are many [Official Plugins](#official-plugins) available that solve for some of the most common uses cases, such as the [Form Builder Plugin](./seo) or [SEO Plugin](./seo). There are also [Community Plugins](#community-plugins) available, maintained entirely by contributing members. To extend Payload's functionality in some other way, you can easily [build your own plugin](./build-your-own).
 

docs/plugins/stripe.mdx

@@ -8,11 +8,11 @@ keywords: plugins, stripe, payments, ecommerce
 
 [![NPM](https://img.shields.io/npm/v/@payloadcms/plugin-stripe)](https://www.npmjs.com/package/@payloadcms/plugin-stripe)
 
-With this plugin you can easily integrate [Stripe](https://stripe.com) into Payload. Simply provide your Stripe credentials and this plugin will open up a two-way communication channel between the two platforms. This enables you to easily sync data back and forth, as well as proxy the Stripe REST API through Payload's access control. Use this plugin to completely offload billing to Stripe and retain full control over your application's data.
+With this plugin you can easily integrate [Stripe](https://stripe.com) into Payload. Simply provide your Stripe credentials and this plugin will open up a two-way communication channel between the two platforms. This enables you to easily sync data back and forth, as well as proxy the Stripe REST API through Payload's [Access Control](../access-control). Use this plugin to completely offload billing to Stripe and retain full control over your application's data.
 
 For example, you might be building an e-commerce or SaaS application, where you have a `products` or a `plans` collection that requires either a one-time payment or a subscription. You can to tie each of these products to Stripe, then easily subscribe to billing-related events to perform your application's business logic, such as active purchases or subscription cancellations.
 
-To build a checkout flow on your front-end you can either use [Stripe Checkout](https://stripe.com/payments/checkout), or you can also build a completely custom checkout experience from scratch using [Stripe Web Elements](https://stripe.com/docs/payments/elements). Then to build fully custom, secure customer dashboards, you can leverage Payload's access control to restrict access to your Stripe resources so your users never have to leave your site to manage their accounts.
+To build a checkout flow on your front-end you can either use [Stripe Checkout](https://stripe.com/payments/checkout), or you can also build a completely custom checkout experience from scratch using [Stripe Web Elements](https://stripe.com/docs/payments/elements). Then to build fully custom, secure customer dashboards, you can leverage Payload's Access Control to restrict access to your Stripe resources so your users never have to leave your site to manage their accounts.
 
 The beauty of this plugin is the entirety of your application's content and business logic can be handled in Payload while Stripe handles solely the billing and payment processing. You can build a completely proprietary application that is endlessly customizable and extendable, on APIs and databases that you own. Hosted services like Shopify or BigCommerce might fracture your application's content then charge you for access.
 

docs/production/deployment.mdx

@@ -47,7 +47,7 @@ deploying to Production, it's a good idea to double-check that you are making pr
 ### The Secret Key
 
 When you initialize Payload, you provide it with a `secret` property. This property should be impossible to guess and
-extremely difficult for brute-force attacks to crack. Make sure your Production `secret` is a long, complex string. 
+extremely difficult for brute-force attacks to crack. Make sure your Production `secret` is a long, complex string.
 
 ### Double-check and thoroughly test all Access Control
 
@@ -78,7 +78,7 @@ Note that this is different than running `next dev`. Generally, Next.js apps com
 ### Secure Cookie Settings
 
 You should be using an SSL certificate for production Payload instances, which means you
-can [enable secure cookies](/docs/authentication/config) in your Authentication-enabled Collection configs.
+can [enable secure cookies](/docs/authentication/overview) in your Authentication-enabled Collection configs.
 
 ### Preventing API Abuse
 
@@ -88,7 +88,7 @@ more. [Click here to learn more](/docs/production/preventing-abuse).
 
 ## Database
 
-Payload can be used with any Postgres database or MongoDB-compatible database including AWS DocumentDB or Azure Cosmos DB. Make sure your production environment has access to the database that Payload uses. 
+Payload can be used with any Postgres database or MongoDB-compatible database including AWS DocumentDB or Azure Cosmos DB. Make sure your production environment has access to the database that Payload uses.
 
 Out of the box, Payload templates pass the `process.env.DATABASE_URI` environment variable to its database adapters, so make sure you've got that environment variable (and all others that you use) assigned in your deployment platform.
 

docs/production/preventing-abuse.mdx

@@ -38,7 +38,7 @@ If you do not need GraphQL it is advised that you disable it altogether with the
 
 Payload does not execute uploaded files on the server, but depending on your setup it may be used to transmit and store potentially dangerous files. If your configuration allows file uploads there is the potential that a bad actor uploads a malicious file that is then served to other users. Consider the following ways to mitigate the risks.
 
-First, enable email [verification](/docs/authentication/config#email-verification) when users are allowed to register new accounts and add other bot prevention services.
+First, enable email [verification](/docs/authentication/overview#email-verification) when users are allowed to register new accounts and add other bot prevention services.
 
 Review that `create` and `update` access on file upload collections are as restrictive as your application needs allow. Consider limiting `read` access of uploaded user's files and how you might limit user uploaded files from being served outside of Payload.
 

docs/queries/overview.mdx

@@ -6,7 +6,7 @@ desc: Payload provides a querying language through all APIs, allowing you to fil
 keywords: query, documents, overview, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-In Payload, "querying" means filtering or searching through Documents within a [Collection](../configuration/collections). The querying language in Payload is designed to be simple and powerful, allowing you to filter documents with extreme precision.
+In Payload, "querying" means filtering or searching through Documents within a [Collection](../configuration/collections). The querying language in Payload is designed to be simple and powerful, allowing you to filter Documents with extreme precision through an intuitive and standardized structure.
 
 Payload provides three common APIs for querying your data:
 

docs/rest-api/overview.mdx

@@ -599,7 +599,7 @@ export const Orders: CollectionConfig = {
     {
       path: '/:id/tracking',
       method: 'get',
-      handler: (req) => {
+      handler: async (req) => {
         const tracking = await getTrackingInfo(req.params.id)
 
         if (!tracking) {
@@ -614,7 +614,7 @@ export const Orders: CollectionConfig = {
     {
       path: '/:id/tracking',
       method: 'post',
-      handler: (req) => {
+      handler: async (req) => {
         // `data` is not automatically appended to the request
         // if you would like to read the body of the request
         // you can use `data = await req.json()`
@@ -637,9 +637,7 @@ export const Orders: CollectionConfig = {
 
 <Banner>
   <strong>Note:</strong>
-  <br />
-  **req** will have the **payload** object and can be used inside your endpoint handlers for making
-  calls like req.payload.find() that will make use of access control and hooks.
+  **req** will have the **payload** object and can be used inside your endpoint handlers for making calls like req.payload.find() that will make use of [Access Control](../access-control/overview) and [Hooks](../hooks/overview).
 </Banner>
 
 #### Helpful tips
@@ -656,7 +654,7 @@ import { addDataAndFileToRequest } from '@payloadcms/next/utilities'
 {
   path: '/:id/tracking',
   method: 'post',
-  handler: (req) => {
+  handler: async (req) => {
     await addDataAndFileToRequest(req)
     await req.payload.update({
       collection: 'tracking',
@@ -682,7 +680,7 @@ import { addLocalesToRequestFromData } from '@payloadcms/next/utilities'
 {
   path: '/:id/tracking',
   method: 'post',
-  handler: (req) => {
+  handler: async (req) => {
     await addLocalesToRequestFromData(req)
     // you now can access req.locale & req.fallbackLocale
     return Response.json({ message: 'success' })
@@ -690,8 +688,6 @@ import { addLocalesToRequestFromData } from '@payloadcms/next/utilities'
 }
 ```
 
-
-
 ## Method Override for GET Requests
 
 Payload supports a method override feature that allows you to send GET requests using the HTTP POST method. This can be particularly useful in scenarios when the query string in a regular GET request is too long.

docs/typescript/generating-types.mdx

@@ -6,7 +6,7 @@ desc: Generate your own TypeScript interfaces based on your collections and glob
 keywords: headless cms, typescript, documentation, Content Management System, cms, headless, javascript, node, react, nextjs
 ---
 
-While building your own custom functionality into Payload, like plugins, hooks, access control functions, custom views, GraphQL queries / mutations, or anything else, you may benefit from generating your own TypeScript types dynamically from your Payload Config itself.
+While building your own custom functionality into Payload, like [Plugins](../plugins/overview), [Hooks](../hooks/overview), [Access Control](../access-control/overview) functions, [Custom Views](../admin/views), [GraphQL queries / mutations](../graphql/overview), or anything else, you may benefit from generating your own TypeScript types dynamically from your Payload Config itself.
 
 ## Types generation script
 
@@ -106,7 +106,7 @@ For example, let's look at the following simple Payload Config:
 import type { Config } from 'payload'
 
 const config: Config = {
-  serverURL: process.env.PAYLOAD_PUBLIC_SERVER_URL,
+  serverURL: process.env.NEXT_PUBLIC_SERVER_URL,
   admin: {
     user: 'users',
   },

docs/typescript/overview.mdx

@@ -20,7 +20,7 @@ It's also possible to set up a TypeScript project from scratch. We plan to write
 
 ## Using Payload's Exported Types
 
-Payload exports a number of types that you may find useful while writing your own plugins, hooks, access control functions, custom views, GraphQL queries / mutations, or anything else.
+Payload exports a number of types that you may find useful while writing your own custom functionality like [Plugins](../plugins/overview), [Hooks](../hooks/overview), [Access Control](../access-control/overview) functions, [Custom Views](../admin/views), [GraphQL queries / mutations](../graphql/overview) or anything else.
 
 ## Config Types
 

docs/upload/storage-adapters.mdx

@@ -318,17 +318,17 @@ This plugin is configurable to work across many different Payload collections. A
 | ----------------------------- | -------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | `adapter` \*                  | [Adapter](https://github.com/payloadcms/plugin-cloud-storage/blob/master/src/types.ts#L51)         | Pass in the adapter that you'd like to use for this collection. You can also set this field to `null` for local development if you'd like to bypass cloud storage in certain scenarios and use local storage. |
 | `disableLocalStorage`         | `boolean`                                                                                          | Choose to disable local storage on this collection. Defaults to `true`.                                                                                                                                       |
-| `disablePayloadAccessControl` | `true`                                                                                             | Set to `true` to disable Payload's access control. [More](#payload-access-control)                                                                                                                            |
+| `disablePayloadAccessControl` | `true`                                                                                             | Set to `true` to disable Payload's Access Control. [More](#payload-access-control)                                                                                                                            |
 | `prefix`                      | `string`                                                                                           | Set to `media/images` to upload files inside `media/images` folder in the bucket.                                                                                                                             |
 | `generateFileURL`             | [GenerateFileURL](https://github.com/payloadcms/plugin-cloud-storage/blob/master/src/types.ts#L53) | Override the generated file URL with one that you create.                                                                                                                                                     |
 
 ## Payload Access Control
 
-Payload ships with access control that runs _even on statically served files_. The same `read` access control property on your `upload`-enabled collections is used, and it allows you to restrict who can request your uploaded files.
+Payload ships with [Access Control](../access-control/overview) that runs _even on statically served files_. The same `read` Access Control property on your `upload`-enabled collections is used, and it allows you to restrict who can request your uploaded files.
 
-To preserve this feature, by default, this plugin _keeps all file URLs exactly the same_. Your file URLs won't be updated to point directly to your cloud storage source, as in that case, Payload's access control will be completely bypassed and you would need public readability on your cloud-hosted files.
+To preserve this feature, by default, this plugin _keeps all file URLs exactly the same_. Your file URLs won't be updated to point directly to your cloud storage source, as in that case, Payload's Access control will be completely bypassed and you would need public readability on your cloud-hosted files.
 
-Instead, all uploads will still be reached from the default `/collectionSlug/staticURL/filename` path. This plugin will "pass through" all files that are hosted on your third-party cloud service—with the added benefit of keeping your existing access control in place.
+Instead, all uploads will still be reached from the default `/collectionSlug/staticURL/filename` path. This plugin will "pass through" all files that are hosted on your third-party cloud service—with the added benefit of keeping your existing Access Control in place.
 
 If this does not apply to you (your upload collection has `read: () => true` or similar) you can disable this functionality by setting `disablePayloadAccessControl` to `true`. When this setting is in place, this plugin will update your file URLs to point directly to your cloud host.
 

docs/versions/drafts.mdx

@@ -82,7 +82,7 @@ But, if you specify `draft` as `true`, Payload will automatically replace your p
 
 #### Restricting draft access
 
-You can use the `read` [Access Control](/docs/access-control/collections#read) method to restrict who is able to view drafts of your documents by simply returning a [query constraint](/docs/queries/overview) which restricts the documents that any given user is able to retrieve.
+You can use the `read` [Access Control](../access-control/collections#read) method to restrict who is able to view drafts of your documents by simply returning a [query constraint](/docs/queries/overview) which restricts the documents that any given user is able to retrieve.
 
 Here is an example that utilizes the `_status` field to require a user to be logged in to retrieve drafts:
 
@@ -120,13 +120,13 @@ export const Pages: CollectionConfig = {
   If you already have a collection with documents, and you <em>opt in</em> to draft functionality
   after you have already created existing documents, all of your old documents{' '}
   <em>will not have a _status field</em> until you resave them. For this reason, if you are{' '}
-  <em>adding</em> versions into an existing collection, you might want to write your access control
+  <em>adding</em> versions into an existing collection, you might want to write your Access Control
   function to allow for users to read both documents where{' '}
   <strong>_status is equal to "published"</strong> as well as where{' '}
   <strong>_status does not exist</strong>.
 </Banner>
 
-Here is an example for how to write an access control function that grants access to both documents where `_status` is equal to "published" and where `_status` does not exist:
+Here is an example for how to write an [Access Control](../access-control/overview) function that grants access to both documents where `_status` is equal to "published" and where `_status` does not exist:
 
 ```ts
 import type { CollectionConfig } from 'payload'

docs/versions/overview.mdx

@@ -43,7 +43,7 @@ For example, a use case for "versions enabled, drafts disabled" could be on a co
 
 ### Versions and drafts enabled
 
-If you have versions _and_ drafts enabled, you are able to control which documents are published, and which are considered draft. That lets you write [access control](/docs/access-control/overview) to control who can see published documents, and who can see draft documents. It also lets you save versions (drafts) that are _newer_ than your most recently published document, which is helpful if you want to draft changes and maybe even preview them before you publish the changes. Read more about Drafts [here](/docs/versions/drafts).
+If you have versions _and_ drafts enabled, you are able to control which documents are published, and which are considered draft. That lets you write [Access Control](../access-control/overview) to control who can see published documents, and who can see draft documents. It also lets you save versions (drafts) that are _newer_ than your most recently published document, which is helpful if you want to draft changes and maybe even preview them before you publish the changes. Read more about Drafts [here](/docs/versions/drafts).
 
 ### Versions, drafts, and autosave enabled
 
@@ -245,10 +245,10 @@ const result = await payload.restoreGlobalVersion({
 
 ## Access Control
 
-Versions expose a new access control function on both Collections and Globals that allow for you to control who can see versions of documents, and who can't.
-
-**New version access control:**
+Versions expose a new [Access Control](../access-control/overview) function on both [Collections](../configuration/collections) and [Globals](../configuration/globals) that allow for you to control who can see versions of documents, and who can't.
 
 | Function           | Allows/Denies Access                                                                                                   |
 | ------------------ | ---------------------------------------------------------------------------------------------------------------------- |
 | **`readVersions`** | Used to control who can read versions, and who can't. Will automatically restrict the Admin UI version viewing access. |
+
+For full details on how to use Access Control with Versions, see the [Access Control](../access-control/overview) documentation.

examples/auth/payload/README.md

@@ -95,7 +95,7 @@ See the [Collections](https://payloadcms.com/docs/configuration/collections) doc
 
 ### Security
 
-The [`cors`](https://payloadcms.com/docs/production/preventing-abuse#cross-origin-resource-sharing-cors), [`csrf`](https://payloadcms.com/docs/production/preventing-abuse#cross-site-request-forgery-csrf), and [`cookies`](https://payloadcms.com/docs/authentication/config#options) settings are all configured to ensure that the admin panel and front-end can communicate with each other securely.
+The [`cors`](https://payloadcms.com/docs/production/preventing-abuse#cross-origin-resource-sharing-cors), [`csrf`](https://payloadcms.com/docs/production/preventing-abuse#cross-site-request-forgery-csrf), and [`cookies`](https://payloadcms.com/docs/authentication/overview#options) settings are all configured to ensure that the admin panel and front-end can communicate with each other securely.
 
 For additional help, see the [Authentication](https://payloadcms.com/docs/authentication/overview#authentication-overview) docs.
 

examples/draft-preview/payload/README.md

@@ -37,18 +37,20 @@ See the [Collections](https://payloadcms.com/docs/configuration/collections) doc
   The `pages` collection is draft-enabled and has access control that restricts public users from viewing pages with a `_status` of `draft`. To fetch draft documents on your front-end, simply include the `draft=true` query param along with the `Authorization` header once you have entered [Preview Mode](#preview-mode).
 
   ```ts
-    const preview = true; // set this based on your own front-end environment (see `Preview Mode` below)
-    const pageSlug = 'example-page'; // same here
-    const searchParams = `?where[slug][equals]=${pageSlug}&depth=1${preview ? `&draft=true` : ''}`
+  const preview = true // set this based on your own front-end environment (see `Preview Mode` below)
+  const pageSlug = 'example-page' // same here
+  const searchParams = `?where[slug][equals]=${pageSlug}&depth=1${preview ? `&draft=true` : ''}`
 
-    // when previewing, send the payload token to bypass draft access control
-    const pageReq = await fetch(`${process.env.NEXT_PUBLIC_PAYLOAD_URL}/api/pages${searchParams}`, {
-      headers: {
-        ...preview ? {
-          Authorization: `JWT ${payloadToken}`,
-        } : {},
-      },
-    })
+  // when previewing, send the payload token to bypass draft access control
+  const pageReq = await fetch(`${process.env.NEXT_PUBLIC_PAYLOAD_URL}/api/pages${searchParams}`, {
+    headers: {
+      ...(preview
+        ? {
+            Authorization: `JWT ${payloadToken}`,
+          }
+        : {}),
+    },
+  })
   ```
 
   For more details on how to extend this functionality, see the [Authentication](https://payloadcms.com/docs/authentication) docs.
@@ -71,7 +73,7 @@ You might also want to render an admin bar on your front-end so that logged-in u
 
 ### CORS
 
-The [`cors`](https://payloadcms.com/docs/production/preventing-abuse#cross-origin-resource-sharing-cors), [`csrf`](https://payloadcms.com/docs/production/preventing-abuse#cross-site-request-forgery-csrf), and [`cookies`](https://payloadcms.com/docs/authentication/config#options) settings are configured to ensure that the admin panel and front-end can communicate with each other securely. If you are combining your front-end and admin panel into a single application that runs of a shared port and domain, you can simplify your config by removing these settings.
+The [`cors`](https://payloadcms.com/docs/production/preventing-abuse#cross-origin-resource-sharing-cors), [`csrf`](https://payloadcms.com/docs/production/preventing-abuse#cross-site-request-forgery-csrf), and [`cookies`](https://payloadcms.com/docs/authentication/overview#options) settings are configured to ensure that the admin panel and front-end can communicate with each other securely. If you are combining your front-end and admin panel into a single application that runs of a shared port and domain, you can simplify your config by removing these settings.
 
 For more details on this, see the [CORS](https://payloadcms.com/docs/production/preventing-abuse#cross-origin-resource-sharing-cors) docs.
 

examples/multi-tenant-single-domain/README.md

@@ -1,4 +1,4 @@
-# Payload Multi-Tenant Example
+# Payload Multi-Tenant Example (Single Domain)
 
 This example demonstrates how to achieve a multi-tenancy in [Payload](https://github.com/payloadcms/payload) on a single domain. Tenants are separated by a `Tenants` collection.
 
@@ -6,12 +6,16 @@ This example demonstrates how to achieve a multi-tenancy in [Payload](https://gi
 
 To spin up this example locally, follow these steps:
 
-1. First clone the repo
-2. `cd YOUR_PROJECT_REPO && cp .env.example .env`
-3. `pnpm i && pnpm dev`
-4. run `yarn seed` to seed the database
-5. open `http://localhost:3000/admin` to access the admin panel
-6. Login with email `demo@payloadcms.com` and password `demo`
+1. Clone this repo
+1. `cd` into this directory and run `pnpm i --ignore-workspace`\*, `yarn`, or `npm install`
+
+   > \*If you are running using pnpm within the Payload Monorepo, the `--ignore-workspace` flag is needed so that pnpm generates a lockfile in this example's directory despite the fact that one exists in root.
+
+1. `pnpm dev`, `yarn dev` or `npm run dev` to start the server
+   - Press `y` when prompted to seed the database
+1. `open http://localhost:3000` to access the home page
+1. `open http://localhost:3000/admin` to access the admin panel
+   - Login with email `demo@payloadcms.com` and password `demo`
 
 ## How it works
 

examples/multi-tenant-single-domain/next.config.mjs

@@ -0,0 +1,8 @@
+import { withPayload } from '@payloadcms/next/withPayload'
+
+/** @type {import('next').NextConfig} */
+const nextConfig = {
+  // Your Next.js config here
+}
+
+export default withPayload(nextConfig)

examples/multi-tenant-single-domain/package.json

@@ -1,21 +1,18 @@
 {
   "name": "multi-tenant-single-domain",
-  "description": "An example of a multi tenant application, using a single domain",
   "version": "1.0.0",
+  "description": "An example of a multi tenant application, using a single domain",
   "license": "MIT",
   "type": "module",
-  "engines": {
-    "node": "^18.20.2 || >=20.9.0"
-  },
   "scripts": {
-    "dev": "cross-env NODE_OPTIONS=--no-deprecation next dev --turbo",
     "_dev": "cross-env NODE_OPTIONS=--no-deprecation next dev",
     "build": "cross-env NODE_OPTIONS=--no-deprecation next build",
-    "payload": "cross-env NODE_OPTIONS=--no-deprecation payload",
-    "start": "cross-env NODE_OPTIONS=--no-deprecation next start",
-    "generate:types": "payload generate:types",
+    "dev": "cross-env NODE_OPTIONS=--no-deprecation && pnpm seed && next dev --turbo",
     "generate:schema": "payload-graphql generate:schema",
-    "seed": "tsx ./scripts/seed.ts"
+    "generate:types": "payload generate:types",
+    "payload": "cross-env NODE_OPTIONS=--no-deprecation payload",
+    "seed": "npm run payload migrate:fresh",
+    "start": "cross-env NODE_OPTIONS=--no-deprecation next start"
   },
   "dependencies": {
     "@payloadcms/db-mongodb": "3.0.0-beta.58",
@@ -42,6 +39,9 @@
     "tsx": "^4.16.2",
     "typescript": "5.5.2"
   },
+  "engines": {
+    "node": "^18.20.2 || >=20.9.0"
+  },
   "pnpm": {
     "overrides": {
       "@types/react": "npm:types-react@19.0.0-beta.2",

examples/multi-tenant-single-domain/scripts/seed.ts

@@ -1,182 +0,0 @@
-/**
- * This is an example of a standalone script that loads in the Payload config
- * and uses the Payload Local API to query the database.
- */
-
-import type { Payload } from 'payload';
-
-import { getPayload } from 'payload'
-import { importConfig } from 'payload/node'
-
-async function findOrCreateTenant({ data, payload }: { data: any; payload: Payload }) {
-  const tenantsQuery = await payload.find({
-    collection: 'tenants',
-    where: {
-      slug: {
-        equals: data.slug,
-      },
-    },
-  })
-
-  if (tenantsQuery.docs?.[0]) return tenantsQuery.docs[0]
-
-  return payload.create({
-    collection: 'tenants',
-    data,
-  })
-}
-
-async function findOrCreateUser({ data, payload }: { data: any; payload: Payload }) {
-  const usersQuery = await payload.find({
-    collection: 'users',
-    where: {
-      email: {
-        equals: data.email,
-      },
-    },
-  })
-
-  if (usersQuery.docs?.[0]) return usersQuery.docs[0]
-
-  return payload.create({
-    collection: 'users',
-    data,
-  })
-}
-
-async function findOrCreatePage({ data, payload }: { data: any; payload: Payload }) {
-  const pagesQuery = await payload.find({
-    collection: 'pages',
-    where: {
-      slug: {
-        equals: data.slug,
-      },
-    },
-  })
-
-  if (pagesQuery.docs?.[0]) return pagesQuery.docs[0]
-
-  return payload.create({
-    collection: 'pages',
-    data,
-  })
-}
-
-async function run() {
-  const awaitedConfig = await importConfig('../src/payload.config.ts')
-  const payload = await getPayload({ config: awaitedConfig })
-
-  const tenant1 = await findOrCreateTenant({
-    data: {
-      name: 'Tenant 1',
-      slug: 'tenant-1',
-    },
-    payload,
-  })
-
-  const tenant2 = await findOrCreateTenant({
-    data: {
-      name: 'Tenant 2',
-      slug: 'tenant-2',
-      public: true,
-    },
-    payload,
-  })
-
-  const tenant3 = await findOrCreateTenant({
-    data: {
-      name: 'Tenant 3',
-      slug: 'tenant-3',
-    },
-    payload,
-  })
-
-  await findOrCreateUser({
-    data: {
-      email: 'demo@payloadcms.com',
-      password: 'demo',
-      roles: ['super-admin'],
-    },
-    payload,
-  })
-
-  await findOrCreateUser({
-    data: {
-      email: 'tenant1@payloadcms.com',
-      password: 'test',
-      tenants: [
-        {
-          roles: ['super-admin'],
-          tenant: tenant1.id,
-        },
-      ],
-      username: 'tenant1',
-    },
-    payload,
-  })
-
-  await findOrCreateUser({
-    data: {
-      email: 'tenant2@payloadcms.com',
-      password: 'test',
-      tenants: [
-        {
-          roles: ['super-admin'],
-          tenant: tenant2.id,
-        },
-      ],
-      username: 'tenant2',
-    },
-    payload,
-  })
-
-  await findOrCreateUser({
-    data: {
-      email: 'multi-admin@payloadcms.com',
-      password: 'test',
-      tenants: [
-        {
-          roles: ['super-admin'],
-          tenant: tenant1.id,
-        },
-        {
-          roles: ['super-admin'],
-          tenant: tenant2.id,
-        },
-      ],
-      username: 'tenant3',
-    },
-    payload,
-  })
-
-  await findOrCreatePage({
-    data: {
-      slug: 'home',
-      tenant: tenant1.id,
-      title: 'Page for Tenant 1',
-    },
-    payload,
-  })
-
-  await findOrCreatePage({
-    data: {
-      slug: 'home',
-      tenant: tenant2.id,
-      title: 'Page for Tenant 2',
-    },
-    payload,
-  })
-
-  await findOrCreatePage({
-    data: {
-      slug: 'home',
-      tenant: tenant3.id,
-      title: 'Page for Tenant 3',
-    },
-    payload,
-  })
-
-  process.exit(0)
-}
-
-run().catch(console.error)

examples/multi-tenant-single-domain/src/app/(app)/[tenant]/[...slug]/page.tsx

@@ -2,7 +2,7 @@ import type { Where } from 'payload'
 
 import configPromise from '@payload-config'
 import { getPayloadHMR } from '@payloadcms/next/utilities'
-import { headers as getHeaders } from 'next/headers.js'
+import { headers as getHeaders } from 'next/headers'
 import { notFound, redirect } from 'next/navigation'
 import React from 'react'
 

examples/multi-tenant-single-domain/src/cms/collections/Users/index.ts

@@ -1,81 +0,0 @@
-import type { CollectionConfig } from 'payload'
-
-import { isSuperAdmin } from '../../access/isSuperAdmin'
-import { isSuperAdminOrSelf } from './access/isSuperAdminOrSelf'
-import { externalUsersLogin } from './endpoints/externalUsersLogin'
-import { ensureUniqueUsername } from './hooks/ensureUniqueUsername'
-
-const Users: CollectionConfig = {
-  slug: 'users',
-  access: {
-    create: isSuperAdmin,
-    delete: isSuperAdmin,
-    read: (args) => {
-      const { req } = args
-      if (!req?.user) return false
-
-      if (isSuperAdmin(args)) return true
-
-      return {
-        id: {
-          equals: req.user.id,
-        },
-      }
-    },
-    update: isSuperAdminOrSelf,
-  },
-  admin: {
-    useAsTitle: 'email',
-  },
-  auth: true,
-  endpoints: [externalUsersLogin],
-  fields: [
-    {
-      name: 'roles',
-      type: 'select',
-      defaultValue: ['user'],
-      hasMany: true,
-      options: ['super-admin', 'user'],
-    },
-    {
-      name: 'tenants',
-      type: 'array',
-      access: {
-        create: ({ req }) => {
-          if (isSuperAdmin({ req })) return true
-          return false
-        },
-        update: ({ req }) => {
-          if (isSuperAdmin({ req })) return true
-          return false
-        },
-      },
-      fields: [
-        {
-          name: 'tenant',
-          type: 'relationship',
-          index: true,
-          relationTo: 'tenants',
-          saveToJWT: true,
-        },
-        {
-          name: 'roles',
-          type: 'select',
-          defaultValue: ['viewer'],
-          hasMany: true,
-          options: ['super-admin', 'viewer'],
-        },
-      ],
-    },
-    {
-      name: 'username',
-      type: 'text',
-      hooks: {
-        beforeValidate: [ensureUniqueUsername],
-      },
-      index: true,
-    },
-  ],
-}
-
-export default Users

examples/multi-tenant-single-domain/src/cms/mocks/emptyObject.js

@@ -1 +0,0 @@
-export default {};

examples/multi-tenant-single-domain/src/cms/utilities/getTenantAccessIDs.ts

@@ -1,11 +0,0 @@
-import type { User } from '../../payload-types'
-
-export const getTenantAccessIDs = (user: User | null): string[] => {
-  if (!user) return []
-  return user?.tenants?.reduce((acc: string[], { tenant }) => {
-    if (tenant) {
-      acc.push(typeof tenant === 'string' ? tenant : tenant.id)
-    }
-    return acc
-  }, []) || []
-}

examples/multi-tenant-single-domain/src/cms/utilities/isPayloadAdminPanel.ts

@@ -1,5 +0,0 @@
-import type { PayloadRequest } from "payload";
-
-export const isPayloadAdminPanel = (req: PayloadRequest) => {
-  return req.headers.has('referer') && req.headers.get('referer')?.startsWith(`${process.env.NEXT_PUBLIC_SERVER_URL}${req.payload.config.routes.admin}`)
-}

examples/multi-tenant-single-domain/src/cms/utilities/parseCookies.ts

@@ -1,23 +0,0 @@
-import type { Request } from 'express'
-
-export function parseCookies(req: Request): { [key: string]: string } {
-  const list = {}
-  const rc = req.headers.cookie
-
-  if (rc) {
-    rc.split(';').forEach((cookie) => {
-      const parts = cookie.split('=')
-      const key = parts.shift().trim()
-      const encodedValue = parts.join('=')
-
-      try {
-        const decodedValue = decodeURI(encodedValue)
-        list[key] = decodedValue
-      } catch (e) {
-        // swallow e
-      }
-    })
-  }
-
-  return list
-}

examples/multi-tenant-single-domain/src/collections/Pages/access/byTenant.ts

@@ -5,7 +5,7 @@ import { parseCookies } from 'payload'
 import { isSuperAdmin } from '../../../access/isSuperAdmin'
 import { getTenantAccessIDs } from '../../../utilities/getTenantAccessIDs'
 
-export const byTenant: Access = (args) => {
+export const filterByTenantRead: Access = (args) => {
   const req = args.req
   const cookies = parseCookies(req.headers)
   const superAdmin = isSuperAdmin(args)
@@ -58,3 +58,34 @@ export const byTenant: Access = (args) => {
   // Deny access to all others
   return false
 }
+
+export const canMutatePage: Access = (args) => {
+  const req = args.req
+  const superAdmin = isSuperAdmin(args)
+
+  if (!req.user) return false
+
+  // super admins can mutate pages for any tenant
+  if (superAdmin) {
+    return true
+  }
+
+  const cookies = parseCookies(req.headers)
+  const selectedTenant = cookies.get('payload-tenant')
+
+  // tenant admins can add/delete/update
+  // pages they have access to
+  return (
+    req.user?.tenants?.reduce((hasAccess: boolean, accessRow) => {
+      if (hasAccess) return true
+      if (
+        accessRow &&
+        accessRow.tenant === selectedTenant &&
+        accessRow.roles?.includes('tenant-admin')
+      ) {
+        return true
+      }
+      return hasAccess
+    }, false) || false
+  )
+}

examples/multi-tenant-single-domain/src/collections/Pages/index.ts

@@ -2,24 +2,25 @@ import type { CollectionConfig } from 'payload'
 
 import { tenantField } from '../../fields/TenantField'
 import { isPayloadAdminPanel } from '../../utilities/isPayloadAdminPanel'
-import { byTenant } from './access/byTenant'
+import { canMutatePage, filterByTenantRead } from './access/byTenant'
 import { externalReadAccess } from './access/externalReadAccess'
 import { ensureUniqueSlug } from './hooks/ensureUniqueSlug'
 
 export const Pages: CollectionConfig = {
   slug: 'pages',
   access: {
-    delete: byTenant,
+    create: canMutatePage,
+    delete: canMutatePage,
     read: (args) => {
       // when viewing pages inside the admin panel
       // restrict access to the ones your user has access to
-      if (isPayloadAdminPanel(args.req)) return byTenant(args)
+      if (isPayloadAdminPanel(args.req)) return filterByTenantRead(args)
 
       // when viewing pages from outside the admin panel
       // you should be able to see your tenants and public tenants
       return externalReadAccess(args)
     },
-    update: byTenant,
+    update: canMutatePage,
   },
   admin: {
     useAsTitle: 'title',

examples/multi-tenant-single-domain/src/collections/Tenants/access/byTenant.ts

@@ -0,0 +1,66 @@
+import type { Access } from 'payload'
+
+import { parseCookies } from 'payload'
+
+import { isSuperAdmin } from '../../../access/isSuperAdmin'
+import { getTenantAccessIDs } from '../../../utilities/getTenantAccessIDs'
+
+export const filterByTenantRead: Access = (args) => {
+  const req = args.req
+
+  // Super admin can read all
+  if (isSuperAdmin(args)) return true
+
+  const tenantIDs = getTenantAccessIDs(req.user)
+
+  // Allow public tenants to be read by anyone
+  const publicConstraint = {
+    public: {
+      equals: true,
+    },
+  }
+
+  // If a user has tenant ID access,
+  // return constraint to allow them to read those tenants
+  if (tenantIDs.length) {
+    return {
+      or: [
+        publicConstraint,
+        {
+          id: {
+            in: tenantIDs,
+          },
+        },
+      ],
+    }
+  }
+
+  return publicConstraint
+}
+
+export const canMutateTenant: Access = (args) => {
+  const req = args.req
+  const superAdmin = isSuperAdmin(args)
+
+  if (!req.user) return false
+
+  // super admins can mutate pages for any tenant
+  if (superAdmin) {
+    return true
+  }
+
+  const cookies = parseCookies(req.headers)
+
+  return {
+    id: {
+      in:
+        req.user?.tenants
+          ?.map(({ roles, tenant }) =>
+            roles?.includes('tenant-admin')
+              ? tenant && (typeof tenant === 'string' ? tenant : tenant.id)
+              : null,
+          )
+          .filter(Boolean) || [],
+    },
+  }
+}

examples/multi-tenant-single-domain/src/collections/Tenants/index.ts

@@ -1,15 +1,15 @@
 import type { CollectionConfig } from 'payload'
 
 import { isSuperAdmin } from '../../access/isSuperAdmin'
-import { tenantRead } from './access/read'
+import { canMutateTenant, filterByTenantRead } from './access/byTenant'
 
 export const Tenants: CollectionConfig = {
   slug: 'tenants',
   access: {
     create: isSuperAdmin,
-    delete: isSuperAdmin,
-    read: tenantRead,
-    update: isSuperAdmin,
+    delete: canMutateTenant,
+    read: filterByTenantRead,
+    update: canMutateTenant,
   },
   admin: {
     useAsTitle: 'name',

examples/multi-tenant-single-domain/src/collections/Users/access/create.ts

@@ -0,0 +1,19 @@
+import type { Access } from 'payload'
+
+import type { User } from '../../../../payload-types'
+
+import { isSuperAdmin } from '../../../access/isSuperAdmin'
+import { getTenantAdminTenantAccessIDs } from '../../../utilities/getTenantAccessIDs'
+
+export const createAccess: Access<User> = (args) => {
+  const { req } = args
+  if (!req.user) return false
+
+  if (isSuperAdmin(args)) return true
+
+  const adminTenantAccessIDs = getTenantAdminTenantAccessIDs(req.user)
+
+  if (adminTenantAccessIDs.length > 0) return true
+
+  return false
+}

examples/multi-tenant-single-domain/src/collections/Users/access/read.ts

@@ -0,0 +1,51 @@
+import type { User } from '@/payload-types'
+import type { Access, Where } from 'payload'
+
+import { parseCookies } from 'payload'
+
+import { isSuperAdmin } from '../../../access/isSuperAdmin'
+import { getTenantAdminTenantAccessIDs } from '../../../utilities/getTenantAccessIDs'
+
+export const readAccess: Access<User> = (args) => {
+  const { req } = args
+  if (!req?.user) return false
+
+  const cookies = parseCookies(req.headers)
+  const superAdmin = isSuperAdmin(args)
+  const selectedTenant = cookies.get('payload-tenant')
+
+  if (selectedTenant) {
+    // If it's a super admin,
+    // give them read access to only pages for that tenant
+    if (superAdmin) {
+      return {
+        'tenants.tenant': {
+          equals: selectedTenant,
+        },
+      }
+    }
+
+    const tenantAccessIDs = getTenantAdminTenantAccessIDs(req.user)
+    const hasTenantAccess = tenantAccessIDs.some((id) => id === selectedTenant)
+
+    // If NOT super admin,
+    // give them access only if they have access to tenant ID set in cookie
+    if (hasTenantAccess) {
+      return {
+        'tenants.tenant': {
+          equals: selectedTenant,
+        },
+      }
+    }
+  }
+
+  if (superAdmin) return true
+
+  const adminTenantAccessIDs = getTenantAdminTenantAccessIDs(req.user)
+
+  return {
+    'tenants.tenant': {
+      in: adminTenantAccessIDs,
+    },
+  } as Where
+}

examples/multi-tenant-single-domain/src/collections/Users/access/updateAndDelete.ts

@@ -0,0 +1,19 @@
+import type { Access } from 'payload'
+
+import { isSuperAdmin } from '../../../access/isSuperAdmin'
+import { getTenantAdminTenantAccessIDs } from '../../../utilities/getTenantAccessIDs'
+
+export const updateAndDeleteAccess: Access = (args) => {
+  const { req } = args
+  if (!req.user) return false
+
+  if (isSuperAdmin(args)) return true
+
+  const adminTenantAccessIDs = getTenantAdminTenantAccessIDs(req.user)
+
+  return {
+    'tenants.tenant': {
+      in: adminTenantAccessIDs,
+    },
+  }
+}

examples/multi-tenant-single-domain/src/collections/Users/index.ts

@@ -0,0 +1,93 @@
+import type { CollectionConfig } from 'payload'
+
+import type { User } from '../../../payload-types'
+
+import { getTenantAdminTenantAccessIDs } from '../../utilities/getTenantAccessIDs'
+import { createAccess } from './access/create'
+import { readAccess } from './access/read'
+import { updateAndDeleteAccess } from './access/updateAndDelete'
+import { externalUsersLogin } from './endpoints/externalUsersLogin'
+import { ensureUniqueUsername } from './hooks/ensureUniqueUsername'
+
+const Users: CollectionConfig = {
+  slug: 'users',
+  access: {
+    create: createAccess,
+    delete: updateAndDeleteAccess,
+    read: readAccess,
+    update: updateAndDeleteAccess,
+  },
+  admin: {
+    useAsTitle: 'email',
+  },
+  auth: true,
+  endpoints: [externalUsersLogin],
+  fields: [
+    {
+      name: 'roles',
+      type: 'select',
+      defaultValue: ['user'],
+      hasMany: true,
+      options: ['super-admin', 'user'],
+    },
+    {
+      name: 'tenants',
+      type: 'array',
+      fields: [
+        {
+          name: 'tenant',
+          type: 'relationship',
+          filterOptions: ({ user }) => {
+            if (!user) {
+              // Would like to query where exists true on id
+              // but that is not working
+              return {
+                id: {
+                  like: '',
+                },
+              }
+            }
+            if (user?.roles?.includes('super-admin')) {
+              // Would like to query where exists true on id
+              // but that is not working
+              return {
+                id: {
+                  like: '',
+                },
+              }
+            }
+            const adminTenantAccessIDs = getTenantAdminTenantAccessIDs(user as User)
+            return {
+              id: {
+                in: adminTenantAccessIDs,
+              },
+            }
+          },
+          index: true,
+          relationTo: 'tenants',
+          required: true,
+          saveToJWT: true,
+        },
+        {
+          name: 'roles',
+          type: 'select',
+          defaultValue: ['tenant-viewer'],
+          hasMany: true,
+          options: ['tenant-admin', 'tenant-viewer'],
+          required: true,
+        },
+      ],
+      saveToJWT: true,
+    },
+    {
+      name: 'username',
+      type: 'text',
+      hooks: {
+        beforeValidate: [ensureUniqueUsername],
+      },
+      index: true,
+    },
+  ],
+}
+
+export default Users

examples/multi-tenant-single-domain/src/components/TenantSelector/index.client.tsx

@@ -1,12 +1,11 @@
 'use client'
-
 import type { Option } from '@payloadcms/ui/elements/ReactSelect'
 import type { OptionObject } from 'payload'
 
 import { SelectInput, useAuth } from '@payloadcms/ui'
 import React from 'react'
 
-import type { Tenant, User } from '../../../payload-types'
+import type { Tenant, User } from '../../../payload-types.js'
 
 import './index.scss'