docs: add authentication guide for app developers
Covers OAuth 2.0 with PKCE flow, bearer token usage, and the viewer
query for fetching authenticated user info.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>