You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
74 lines
2.6 KiB
YAML
74 lines
2.6 KiB
YAML
![]()
8 years ago
|
# Copyright 2016 OpenMarket Ltd
|
||
|
#
|
||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
# you may not use this file except in compliance with the License.
|
||
|
# You may obtain a copy of the License at
|
||
|
#
|
||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||
|
#
|
||
|
# Unless required by applicable law or agreed to in writing, software
|
||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
# See the License for the specific language governing permissions and
|
||
|
# limitations under the License.
|
||
![]()
8 years ago
|
swagger: '2.0'
|
||
|
info:
|
||
|
title: "Matrix Client-Server Registration and Login API"
|
||
|
version: "1.0.0"
|
||
|
host: localhost:8008
|
||
|
schemes:
|
||
|
- https
|
||
|
- http
|
||
|
basePath: /_matrix/client/%CLIENT_MAJOR_VERSION%
|
||
|
consumes:
|
||
|
- application/json
|
||
|
produces:
|
||
|
- application/json
|
||
|
securityDefinitions:
|
||
|
$ref: definitions/security.yaml
|
||
|
paths:
|
||
|
"/logout":
|
||
|
post:
|
||
|
summary: Invalidates a user access token
|
||
|
description: |-
|
||
|
Invalidates an existing access token, so that it can no longer be used for
|
||
![]()
5 years ago
|
authorization. The device associated with the access token is also deleted.
|
||
![]()
5 years ago
|
`Device keys <#device-keys>`_ for the device are deleted alongside the device.
|
||
![]()
7 years ago
|
operationId: logout
|
||
![]()
8 years ago
|
security:
|
||
|
- accessToken: []
|
||
|
responses:
|
||
|
200:
|
||
![]()
4 years ago
|
description: The access token used in the request was successfully invalidated.
|
||
![]()
8 years ago
|
schema:
|
||
|
type: object
|
||
![]()
8 years ago
|
properties: {}
|
||
![]()
8 years ago
|
tags:
|
||
|
- Session management
|
||
![]()
6 years ago
|
"/logout/all":
|
||
|
post:
|
||
|
summary: Invalidates all access tokens for a user
|
||
|
description: |-
|
||
|
Invalidates all access tokens for a user, so that they can no longer be used for
|
||
![]()
5 years ago
|
authorization. This includes the access token that made this request. All devices
|
||
![]()
5 years ago
|
for the user are also deleted. `Device keys <#device-keys>`_ for the device are
|
||
|
deleted alongside the device.
|
||
![]()
6 years ago
|
|
||
![]()
4 years ago
|
This endpoint does not use the `User-Interactive Authentication API`_ because
|
||
|
User-Interactive Authentication is designed to protect against attacks where the
|
||
|
someone gets hold of a single access token then takes over the account. This
|
||
|
endpoint invalidates all access tokens for the user, including the token used in
|
||
|
the request, and therefore the attacker is unable to take over the account in
|
||
|
this way.
|
||
![]()
6 years ago
|
operationId: logout_all
|
||
|
security:
|
||
|
- accessToken: []
|
||
|
responses:
|
||
|
200:
|
||
![]()
4 years ago
|
description: The user's access tokens were successfully invalidated.
|
||
![]()
6 years ago
|
schema:
|
||
|
type: object
|
||
|
properties: {}
|
||
|
tags:
|
||
|
- Session management
|