diff --git a/changelogs/client_server/newsfragments/3605.feature.1 b/changelogs/client_server/newsfragments/3605.feature.1
new file mode 100644
index 00000000..37ad505d
--- /dev/null
+++ b/changelogs/client_server/newsfragments/3605.feature.1
@@ -0,0 +1 @@
+Add `is_guest` to `/account/whoami` as per [MSC3069](https://github.com/matrix-org/matrix-doc/pull/3069).
\ No newline at end of file
diff --git a/changelogs/client_server/newsfragments/3605.feature.2 b/changelogs/client_server/newsfragments/3605.feature.2
new file mode 100644
index 00000000..41651c8a
--- /dev/null
+++ b/changelogs/client_server/newsfragments/3605.feature.2
@@ -0,0 +1 @@
+Expand guest access to sending any room event and state event as per [MSC3419](https://github.com/matrix-org/matrix-doc/pull/3419).
\ No newline at end of file
diff --git a/content/client-server-api/modules/guest_access.md b/content/client-server-api/modules/guest_access.md
index dbdc2bfb..2cfe1789 100644
--- a/content/client-server-api/modules/guest_access.md
+++ b/content/client-server-api/modules/guest_access.md
@@ -38,38 +38,43 @@ rather than allowing all homeservers to enforce the rules on each other.
The following API endpoints are allowed to be accessed by guest accounts
for retrieving events:
-- [GET /rooms/:room\_id/state](#get_matrixclientv3roomsroomidstate)
-- [GET /rooms/:room\_id/context/:event\_id](#get_matrixclientv3roomsroomidcontexteventid)
-- [GET /rooms/:room\_id/event/:event\_id](#get_matrixclientv3roomsroomideventeventid)
-- [GET /rooms/:room\_id/state/:event\_type/:state\_key](#get_matrixclientv3roomsroomidstateeventtypestatekey)
-- [GET /rooms/:room\_id/messages](#get_matrixclientv3roomsroomidmessages)
-- {{% added-in v="1.1" %}} [GET /rooms/:room\_id/members](#get_matrixclientv3roomsroomidmembers)
-- [GET /rooms/:room\_id/initialSync](#get_matrixclientv3roomsroomidinitialsync)
-- [GET /sync](#get_matrixclientv3sync)
-- [GET /events](#get_matrixclientv3events) as used for room previews.
+* [GET /rooms/{roomId}/state](#get_matrixclientv3roomsroomidstate)
+* [GET /rooms/{roomId}/context/{eventId}](#get_matrixclientv3roomsroomidcontexteventid)
+* [GET /rooms/{roomId}/event/{eventId}](#get_matrixclientv3roomsroomideventeventid)
+* [GET /rooms/{roomId}/state/{eventType}/{stateKey}](#get_matrixclientv3roomsroomidstateeventtypestatekey)
+* [GET /rooms/{roomId}/messages](#get_matrixclientv3roomsroomidmessages)
+* {{< added-in v="1.1" >}} [GET /rooms/{roomId}/members](#get_matrixclientv3roomsroomidmembers)
+* [GET /rooms/{roomId}/initialSync](#get_matrixclientv3roomsroomidinitialsync)
+* [GET /sync](#get_matrixclientv3sync)
+* [GET /events](#get_matrixclientv3events) as used for room previews.
The following API endpoints are allowed to be accessed by guest accounts
for sending events:
-- [POST /rooms/:room\_id/join](#post_matrixclientv3roomsroomidjoin)
-- [POST /rooms/:room\_id/leave](#post_matrixclientv3roomsroomidleave)
-- [PUT /rooms/:room\_id/send/m.room.message/:txn\_id](#put_matrixclientv3roomsroomidsendeventtypetxnid)
-- [PUT /sendToDevice/{eventType}/{txnId}](#put_matrixclientv3sendtodeviceeventtypetxnid)
+* [POST /rooms/{roomId}/join](#post_matrixclientv3roomsroomidjoin)
+* [POST /rooms/{roomId}/leave](#post_matrixclientv3roomsroomidleave)
+* [PUT /rooms/{roomId}/send/{eventType}/{txnId}](#put_matrixclientv3roomsroomidsendeventtypetxnid)
+
+ * {{< changed-in v="1.2" >}} Guests can now send *any* event type rather than just `m.room.message` events.
+
+* {{< added-in v="1.2" >}} [PUT /rooms/{roomId}/state/{eventType}/{stateKey}](#put_matrixclientv3roomsroomidstateeventtypestatekey)
+* [PUT /sendToDevice/{eventType}/{txnId}](#put_matrixclientv3sendtodeviceeventtypetxnid)
The following API endpoints are allowed to be accessed by guest accounts
for their own account maintenance:
-- [PUT /profile/:user\_id/displayname](#put_matrixclientv3profileuseriddisplayname)
-- [GET /devices](#get_matrixclientv3devices)
-- [GET /devices/{deviceId}](#get_matrixclientv3devicesdeviceid)
-- [PUT /devices/{deviceId}](#put_matrixclientv3devicesdeviceid)
+* [PUT /profile/{userId}/displayname](#put_matrixclientv3profileuseriddisplayname)
+* [GET /devices](#get_matrixclientv3devices)
+* [GET /devices/{deviceId}](#get_matrixclientv3devicesdeviceid)
+* [PUT /devices/{deviceId}](#put_matrixclientv3devicesdeviceid)
+* {{< added-in v="1.2" >}} [GET /account/whoami](#get_matrixclientv3accountwhoami)
The following API endpoints are allowed to be accessed by guest accounts
for end-to-end encryption:
-- [POST /keys/upload](#post_matrixclientv3keysupload)
-- [POST /keys/query](#post_matrixclientv3keysquery)
-- [POST /keys/claim](#post_matrixclientv3keysclaim)
+* [POST /keys/upload](#post_matrixclientv3keysupload)
+* [POST /keys/query](#post_matrixclientv3keysquery)
+* [POST /keys/claim](#post_matrixclientv3keysclaim)
#### Server behaviour
@@ -88,3 +93,6 @@ properly enforce the permissions outlined in this section.
Homeservers may want to enable protections such as captchas for guest
registration to prevent spam, denial of service, and similar attacks.
+
+Homeservers may want to put stricter rate limits on guest accounts,
+particularly for sending state events.
diff --git a/data/api/client-server/whoami.yaml b/data/api/client-server/whoami.yaml
index d53ed158..727f7e64 100644
--- a/data/api/client-server/whoami.yaml
+++ b/data/api/client-server/whoami.yaml
@@ -65,6 +65,13 @@ paths:
is associated with the access token (such as in the case
of application services) then this field can be omitted.
Otherwise this is required.
+ is_guest:
+ x-addedInMatrixVersion: "1.2"
+ type: boolean
+ description: |-
+ When `true`, the user is a [Guest User](#guest-access). When
+ not present or `false`, the user is presumed to be a non-guest
+ user.
401:
description:
The token is not recognised
diff --git a/layouts/shortcodes/changed-in.html b/layouts/shortcodes/changed-in.html
new file mode 100644
index 00000000..0eb35faa
--- /dev/null
+++ b/layouts/shortcodes/changed-in.html
@@ -0,0 +1,8 @@
+{{ $ver := .Params.v }}
+{{ $this := .Params.this }}
+
+{{ if $this }}
+ **[Changed in this version]**
+{{ else }}
+ **[Changed in `v{{ $ver }}`]**
+{{ end }} {{/* Do not leave an empty line at the end of this file otherwise the inline behaviour breaks. */}}
\ No newline at end of file