diff --git a/api/client-server/definitions/sid.yaml b/api/client-server/definitions/sid.yaml
new file mode 100644
index 000000000..50b45ca96
--- /dev/null
+++ b/api/client-server/definitions/sid.yaml
@@ -0,0 +1,38 @@
+# Copyright 2019 The Matrix.org Foundation C.I.C.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+type: object
+properties:
+  sid:
+    type: string
+    description: |-
+      The session ID. Session IDs are opaque strings generated by the identity
+      server. They must consist entirely of the characters
+      ``[0-9a-zA-Z.=_-]``. Their length must not exceed 255 characters and they
+      must not be empty.
+    example: "123abc"
+  submit_url:
+    type: string
+    description: |-
+      An optional field containing a URL where the client must
+      submit the validation token to, with identical parameters
+      to the Identity Service API's
+      ``/validate/email/submitToken`` endpoint. The homeserver
+      must send this token to the user (if applicable), which
+      should then be prompted to provide it to the client.
+
+      If this field is not present, the client can assume that
+      verification will happen without the client's
+      involvement.
+    example: "https://example.org/path/to/submitToken"
+required: ['sid']