diff --git a/api/client-server/login.yaml b/api/client-server/login.yaml
index a6e21a38..c0db2299 100644
--- a/api/client-server/login.yaml
+++ b/api/client-server/login.yaml
@@ -28,6 +28,42 @@ securityDefinitions:
   $ref: definitions/security.yaml
 paths:
   "/login":
+    get:
+      summary: Get the supported login types to authenticate users
+      description: |-
+        Gets the homeserver's supported login types to authenticate users. Clients
+        should pick one of these and supply it as the ``type`` when logging in.
+      operationId: getLoginFlows
+      responses:
+        200:
+          description: The login types the homeserver supports
+          examples:
+            application/json: {
+              "flows": [
+                {"type": "m.login.password"}
+              ]
+            }
+          schema:
+            type: object
+            properties:
+              flows:
+                type: array
+                description: The homeserver's supported login types
+                items:
+                  type: object
+                  title: LoginFlow
+                  properties:
+                    type:
+                      description: |-
+                        The login type. This is supplied as the ``type`` when
+                        logging in.
+                      type: string
+        429:
+          description: This request was rate-limited.
+          schema:
+            "$ref": "definitions/error.yaml"
+      tags:
+        - Session management
     post:
       summary: Authenticates the user.
       description: |-