docs: fix security callbacks documentation for single vs multiple schemes

docs/sdks/customize/authentication/security-callbacks.mdx

@@ -28,9 +28,9 @@ Instead of providing credentials once during SDK instantiation, pass a custom au
   ]}
 />
 
-## Example: Bearer authentication
+## Single security scheme
 
-In this example, bearer authentication is used as the only security scheme:
+When your OpenAPI spec defines a single security scheme, the SDK exposes the scheme name directly as a property that accepts a callback function returning the credential value.
 
 ```yaml
 security:
@@ -42,23 +42,181 @@ components:
       scheme: bearer
 ```
 
-The callback function passed when initializing the SDK acts as a _security source_ and is called whenever a request is made, allowing tokens to be refreshed if needed.
+The callback function is called whenever a request is made, allowing tokens to be refreshed if needed.
 
 <CodeWithTabs
   tabs={[
     {
       label: "TypeScript",
       language: "typescript",
       code: `import { SDK } from "<packageName>";
-  import { Security } from "<packageName>/models";
 
-  const sdk = new SDK({
-    security: async (): Promise<Security> => {
+const sdk = new SDK({
+  bearerAuth: async (): Promise<string> => {
+    // refresh token here
+    const token = await getToken();
+    return token;
+  },
+});`,
+    },
+    {
+      label: "Python",
+      language: "python",
+      code: `import requests
+  import sdk
+  from sdk.components import Security
+
+  def callback() -> Security:
+      # refresh token here
+      token = "<YOUR_JWT>"
+      return Security(bearer_auth=token)
+
+  s = sdk.SDK(security=with_authorization(callback))`,
+    },
+    {
+      label: "Go",
+      language: "go",
+      code: `import (
+    "context"
+    sdk "speakeasy"
+    "speakeasy/components"
+  )
+
+  s := sdk.New(
+      sdk.WithSecuritySource(func(ctx context.Context) (components.Security, error) {
+          // refresh token here
+          token := "<YOUR_JWT>"
+          return components.Security{BearerAuth: token}, nil
+      }),
+  )`,
+    },
+    {
+      label: "Java",
+      language: "java",
+      code: `import dev.speakeasyapi.speakeasy.SDK;
+  import dev.speakeasyapi.speakeasy.SecuritySource;
+  import dev.speakeasyapi.speakeasy.models.components.Security;
+
+
+  class BearerSource implements SecuritySource {
+
+      public Security getSecurity() {
+          // refresh token here
+          return Security.builder()
+              .bearerAuth("<YOUR_JWT>")
+              .build();
+      }
+  }
+
+  _____________________________________
+
+
+  import dev.speakeasyapi.speakeasy.SDK;
+  import dev.speakeasyapi.speakeasy.SecuritySource;
+  import dev.speakeasyapi.speakeasy.models.components.Security;
+
+  SDK s = SDK.builder()
+      .securitySource(new BearerSource())
+      .build();`,
+    },
+    {
+      label: "C#",
+      language: "csharp",
+      code: `using Speakeasy;
+  using Speakeasy.Models.Components;
+
+
+  Func<Security> tokenSource = () =>
+  {
       // refresh token here
-      const token = "<YOUR_JWT>";
-      return { bearerAuth: token };
+      var token = "<YOUR_JWT>"
+
+      return new Security { BearerAuth = token}
+  }
+
+  var sdk = new SDK(securitySource: tokenSource);`,
     },
-  });`,
+    {
+      label: "PHP",
+      language: "php",
+      code: `use Speakeasy\\Speakeasy;
+
+  $sdk = Speakeasy\\SDK::builder()
+      ->setSecuritySource(
+          function (): Security {
+              //refresh token here
+              var token = "<YOUR_JWT>";
+
+              return new Security(bearerAuth: $token);
+          }
+      )->build();
+
+  try {
+      $res = $sdk->drinks->listDrinks();
+
+      if ($res->Drinks != null) {
+          // handle response
+      }
+  } catch (Errors\\ErrorThrowable $e) {
+      // handle exception
+  }`,
+    },
+    {
+      label: "Ruby",
+      language: "ruby",
+      code: `require 'speakeasy'
+
+  sdk = Speakeasy::SDK.new(
+    security_source: -> {
+      # Refresh token here
+      token = '<YOUR_JWT>'
+
+      Models::Components::Security.new(bearer_auth: token)
+    }
+  )
+
+  res = sdk.drinks.list_drinks`,
+}
+]}
+/>
+
+## Multiple security schemes
+
+When your OpenAPI spec defines multiple security schemes, the SDK exposes a `security` property that accepts a callback function returning a `Security` object. This allows you to dynamically choose which authentication method to use.
+
+```yaml
+security:
+  - bearerAuth: []
+  - apiKeyAuth: []
+components:
+  securitySchemes:
+    bearerAuth:
+      type: http
+      scheme: bearer
+    apiKeyAuth:
+      type: apiKey
+      in: header
+      name: X-API-Key
+```
+
+The callback function is called whenever a request is made, allowing you to return the appropriate credentials.
+
+<CodeWithTabs
+  tabs={[
+    {
+      label: "TypeScript",
+      language: "typescript",
+      code: `import { SDK } from "<packageName>";
+import { Security } from "<packageName>/models";
+
+const sdk = new SDK({
+  security: async (): Promise<Security> => {
+    // Choose which auth method to use and refresh if needed
+    const token = await getToken();
+    return { bearerAuth: token };
+    // OR: return { apiKeyAuth: "your-api-key" };
+  },
+});`,
     },
     {
       label: "Python",