Document /logout/all

Fixes https://github.com/matrix-org/matrix-doc/issues/700

Signed-off-by: Travis Ralston <travpc@gmail.com>
pull/977/head
Travis Ralston 6 years ago
parent c3062b7db6
commit 4278cd56a4

@ -44,3 +44,26 @@ paths:
properties: {}
tags:
- Session management
"/logout/all":
post:
summary: Invalidates all access tokens for a user
description: |-
Invalidates all access tokens for a user, so that they can no longer be used for
authorization. This includes the access token that made this request.
This endpoint does not require UI authorization because UI authorization is
designed to protect against attacks where the someone gets hold of a single access
token then takes over the account. This endpoint invalidates all access tokens for
the user, including the token used in the request, and therefore the attacker is
unable to take over the account in this way.
operationId: logout_all
security:
- accessToken: []
responses:
200:
description: The user's access tokens were succesfully invalidated.
schema:
type: object
properties: {}
tags:
- Session management

Loading…
Cancel
Save