diff --git a/api/client-server/login.yaml b/api/client-server/login.yaml index 03a1622c0..a6e21a389 100644 --- a/api/client-server/login.yaml +++ b/api/client-server/login.yaml @@ -75,7 +75,7 @@ paths: token: type: string description: |- - Required when ``type`` is ``m.login.token``. The login token. + Required when ``type`` is ``m.login.token``. Part of `Token-based`_ login. device_id: type: string description: |- diff --git a/specification/client_server_api.rst b/specification/client_server_api.rst index 1041dc154..dec3a4f44 100644 --- a/specification/client_server_api.rst +++ b/specification/client_server_api.rst @@ -510,8 +510,9 @@ To use this authentication type, clients should submit an auth dict as follows: The ``nonce`` should be a random string generated by the client for the request. The same ``nonce`` should be used if retrying the request. -There are many ways a client may receive a ``token``, including via an email or -from an existing logged in device. +A client may receive a login ``token`` via some external service, such as email +or SMS. Note that a login token is separate from an access token, the latter +providing general authentication to various API endpoints. The ``txn_id`` may be used by the server to disallow other devices from using the token, thus providing "single use" tokens while still allowing the device
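Review bot: in the `login.yaml` hunk, the new `token` description no longer says what the field contains. "Part of `Token-based`_ login." replaces "The login token." rather than adding to it, so a reader of the generated API reference who does not follow the link only learns when the field is required. Suggest keeping both, e.g. "Required when ``type`` is ``m.login.token``. The login token. Part of `Token-based`_ login." Also confirm that the `Token-based`_ reference resolves wherever this YAML description is rendered; the target is not defined in this patch.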
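Review bot: in the `client_server_api.rst` hunk, the rewritten paragraph drops "from an existing logged in device" as a way to obtain a ``token`` and now lists only external services (email or SMS). If that narrowing is intentional, it deserves a line in the commit message; if not, keep the existing-device case in the sentence. The added note on access tokens is useful, but "general authentication to various API endpoints" only describes the access token. The distinction would be clearer if the sentence also said what a login token is used for, so that implementers do not treat the two as interchangeable.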