From cb7bbf3787b10ecbde67eb5afb9b773553c4f64e Mon Sep 17 00:00:00 2001 From: Will Hunt Date: Thu, 29 Apr 2021 16:00:21 +0100 Subject: [PATCH] I don't think this is a concern --- proposals/2778-appservice-login.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/proposals/2778-appservice-login.md b/proposals/2778-appservice-login.md index 1b7c45a3..c91f81a8 100644 --- a/proposals/2778-appservice-login.md +++ b/proposals/2778-appservice-login.md @@ -82,9 +82,7 @@ create more work for all parties involved for little benefit. ## Security considerations -The /login endpoint will generate an access token which can be used to control the appservice user, which -is superflous as the appservice `as_token` should be used to authenticate all requests on behalf of ghosts. -This can safely be ignored or used, but is an extra token hanging around. +None ## Unstable prefix