matrix-spec/api/client-server/registration.yaml

swagger: '2.0'
info:
  title: "Matrix Client-Server Registration API"
  version: "1.0.0"
host: localhost:8008
schemes:
  - https
  - http
basePath: /_matrix/client/%CLIENT_MAJOR_VERSION%
consumes:
  - application/json
produces:
  - application/json
paths:
  "/register":
    post:
      summary: Register for an account on this homeserver.
      description: |-
        Register for an account on this homeserver.

        There are two kinds of user account:

        - `user` accounts. These accounts may use the full API described in this specification.

        - `guest` accounts. These accounts may have limited permissions and may not be supported by all servers.

      parameters:
        - in: query
          name: kind
          type: string
          x-example: guest
          required: false
          default: user
          enum:
            - guest
            - user
          description: The kind of account to register. Defaults to `user`.
        - in: body
          name: body
          schema:
            type: object
            example: |-
              {
                "username": "cheeky_monkey",
                "password": "ilovebananas",
                "bind_email": false
              }
            properties:
              bind_email:
                type: boolean
                description: |-
                  If true, the server binds the email used for authentication to
                  the Matrix ID with the ID Server.
              username:
                type: string
                description: |-
                  The local part of the desired Matrix ID. If omitted,
                  the homeserver MUST generate a Matrix ID local part.
              password:
                type: string
                description: The desired password for the account.
            required: ["password"]
      responses:
        200:
          description: The account has been registered.
          examples:
            application/json: |-
              {
                "user_id": "@cheeky_monkey:matrix.org",
                "access_token": "abc123",
                "home_server": "matrix.org",
                "refresh_token": "def456"
              }
          schema:
            type: object
            properties:
              user_id:
                type: string
                description: The fully-qualified Matrix ID that has been registered.
              access_token:
                type: string
                description: |-
                  An access token for the account.
                  This access token can then be used to authorize other requests.
                  The access token may expire at some point, and if so, it SHOULD come with a ``refresh_token``.
                  There is no specific error message to indicate that a request has failed because
                  an access token has expired; instead, if a client has reason to believe its
                  access token is valid, and it receives an auth error, they should attempt to
                  refresh for a new token on failure, and retry the request with the new token.
              refresh_token:
                type: string
                # TODO: Work out how to linkify /tokenrefresh
                description: |-
                  (optional) A ``refresh_token`` may be exchanged for a new ``access_token`` using the /tokenrefresh API endpoint.
              home_server:
                type: string
                description: The hostname of the homeserver on which the account has been registered.
        400:
          description: |-
            Part of the request was invalid. This may include one of the following error codes:

            * ``M_USER_IN_USE`` : The desired user ID is already taken.
            * ``M_EXCLUSIVE`` : The desired user ID is in the exclusive namespace
              claimed by an application service.

            These errors may be returned at any stage of the registration process,
            including after authentication if the requested user ID was registered
            whilst the client was performing authentication.

            Homeservers MUST perform the relevant checks and return these codes before
            performing `User-Interactive Authentication`_, although they may also return
            them after authentication is completed if, for example, the requested user ID
            was registered whilst the client was performing authentication.
          examples:
            application/json: |-
              {
                  "errcode": "M_USER_IN_USE",
                  "error": "Desired user ID is already taken."
              }
        429:
          description: This request was rate-limited.
          schema:
            "$ref": "definitions/error.yaml"
      tags:
        - User data
Swaggerify /register endpoint Need to move registration/login/auth sections around once #94 lands. 9 years ago			`swagger: '2.0'`
			`info:`
Replace version numbers with release numbers 9 years ago			`title: "Matrix Client-Server Registration API"`
Swaggerify /register endpoint Need to move registration/login/auth sections around once #94 lands. 9 years ago			`version: "1.0.0"`
			`host: localhost:8008`
			`schemes:`
			`- https`
			`- http`
Replace version numbers with release numbers 9 years ago			`basePath: /_matrix/client/%CLIENT_MAJOR_VERSION%`
Swaggerify /register endpoint Need to move registration/login/auth sections around once #94 lands. 9 years ago			`consumes:`
			`- application/json`
			`produces:`
			`- application/json`
			`paths:`
			`"/register":`
			`post:`
			`summary: Register for an account on this homeserver.`
			`description: \|-`
			`Register for an account on this homeserver.`
Specify guest accounts 9 years ago
			`There are two kinds of user account:`

			- `user` accounts. These accounts may use the full API described in this specification.

			- `guest` accounts. These accounts may have limited permissions and may not be supported by all servers.

Swaggerify /register endpoint Need to move registration/login/auth sections around once #94 lands. 9 years ago			`parameters:`
Specify guest accounts 9 years ago			`- in: query`
			`name: kind`
			`type: string`
			`x-example: guest`
			`required: false`
			`default: user`
			`enum:`
			`- guest`
			`- user`
			description: The kind of account to register. Defaults to `user`.
Swaggerify /register endpoint Need to move registration/login/auth sections around once #94 lands. 9 years ago			`- in: body`
			`name: body`
			`schema:`
			`type: object`
			`example: \|-`
			`{`
			`"username": "cheeky_monkey",`
			`"password": "ilovebananas",`
			`"bind_email": false`
			`}`
			`properties:`
			`bind_email:`
			`type: boolean`
			`description: \|-`
			`If true, the server binds the email used for authentication to`
			`the Matrix ID with the ID Server.`
			`username:`
			`type: string`
			`description: \|-`
			`The local part of the desired Matrix ID. If omitted,`
			`the homeserver MUST generate a Matrix ID local part.`
			`password:`
			`type: string`
			`description: The desired password for the account.`
			`required: ["password"]`
			`responses:`
			`200:`
			`description: The account has been registered.`
			`examples:`
			`application/json: \|-`
			`{`
			`"user_id": "@cheeky_monkey:matrix.org",`
			`"access_token": "abc123",`
			`"home_server": "matrix.org",`
			`"refresh_token": "def456"`
			`}`
			`schema:`
			`type: object`
			`properties:`
			`user_id:`
			`type: string`
			`description: The fully-qualified Matrix ID that has been registered.`
			`access_token:`
			`type: string`
			`description: \|-`
			`An access token for the account.`
			`This access token can then be used to authorize other requests.`
			The access token may expire at some point, and if so, it SHOULD come with a ``refresh_token``.
			`There is no specific error message to indicate that a request has failed because`
			`an access token has expired; instead, if a client has reason to believe its`
			`access token is valid, and it receives an auth error, they should attempt to`
			`refresh for a new token on failure, and retry the request with the new token.`
			`refresh_token:`
			`type: string`
			`# TODO: Work out how to linkify /tokenrefresh`
			`description: \|-`
			(optional) A ``refresh_token`` may be exchanged for a new ``access_token`` using the /tokenrefresh API endpoint.
			`home_server:`
			`type: string`
Consistently spell homeserver as homeserver 9 years ago			`description: The hostname of the homeserver on which the account has been registered.`
Swaggerify /register endpoint Need to move registration/login/auth sections around once #94 lands. 9 years ago			`400:`
			`description: \|-`
Review comments 9 years ago			`Part of the request was invalid. This may include one of the following error codes:`

Fix list formatting so that we aren't including everything in blockquotes 9 years ago			* ``M_USER_IN_USE`` : The desired user ID is already taken.
			* ``M_EXCLUSIVE`` : The desired user ID is in the exclusive namespace
			`claimed by an application service.`
Review comments 9 years ago
Typo 9 years ago			`These errors may be returned at any stage of the registration process,`
Review comments 9 years ago			`including after authentication if the requested user ID was registered`
			`whilst the client was performing authentication.`
Remove duplicated registration/login APIs Currently the spec duplicates all of the account-management APIs. There's still work to be done here, but the complete duplication is confusing. 9 years ago
Consistently spell homeserver as homeserver 9 years ago			`Homeservers MUST perform the relevant checks and return these codes before`
Remove duplicated registration/login APIs Currently the spec duplicates all of the account-management APIs. There's still work to be done here, but the complete duplication is confusing. 9 years ago			performing `User-Interactive Authentication`_, although they may also return
			`them after authentication is completed if, for example, the requested user ID`
			`was registered whilst the client was performing authentication.`
Swaggerify /register endpoint Need to move registration/login/auth sections around once #94 lands. 9 years ago			`examples:`
			`application/json: \|-`
			`{`
			`"errcode": "M_USER_IN_USE",`
			`"error": "Desired user ID is already taken."`
			`}`
			`429:`
			`description: This request was rate-limited.`
			`schema:`
			`"$ref": "definitions/error.yaml"`
Generate swagger-ui output for client-server API Depends on: https://github.com/matrix-org/matrix-doc/pull/212 https://github.com/matrix-org/matrix-doc/pull/208 https://github.com/matrix-org/matrix-doc/pull/207 for the actual rendered output to not throw javascript errors at runtime. 9 years ago			`tags:`
			`- User data`