Only error if the token doesn't match

specification/application_service_api.rst

@@ -193,7 +193,8 @@ Authorization
 Homeservers MUST include a query parameter named ``access_token`` containing the
 ``hs_token`` from the application service's registration when making requests to
 the application service. Application services MUST verify the provided ``access_token``
-matches their known ``hs_token``, failing the request with a ``M_FORBIDDEN`` error.
+matches their known ``hs_token``, failing the request with a ``M_FORBIDDEN`` error
+if it does not match.
 
 Legacy routes
 +++++++++++++