diff --git a/api/client-server/administrative_contact.yaml b/api/client-server/administrative_contact.yaml
index af7cdcd6..c196c109 100644
--- a/api/client-server/administrative_contact.yaml
+++ b/api/client-server/administrative_contact.yaml
@@ -151,7 +151,9 @@ paths:
                     then be prompted to provide it to the client.
 
                     If this field is not present, the client can assume that
-                    verification will happen without the client's involvement.
+                    verification will happen without the client's involvement
+                    provided the homeserver advertises this specification version
+                    in the ``/versions`` response (ie: r0.5.0).
                   example: "https://example.org/path/to/submitToken"
         403:
           description: The credentials could not be verified with the identity server.
diff --git a/api/client-server/definitions/request_token_response.yaml b/api/client-server/definitions/request_token_response.yaml
index bca57227..e47db8a0 100644
--- a/api/client-server/definitions/request_token_response.yaml
+++ b/api/client-server/definitions/request_token_response.yaml
@@ -30,6 +30,8 @@ properties:
       prompted to provide it to the client.
 
       If this field is not present, the client can assume that verification
-      will happen without the client's involvement.
+      will happen without the client's involvement provided the homeserver
+      advertises this specification version in the ``/versions`` response
+      (ie: r0.5.0).
     example: "https://example.org/path/to/submitToken"
 required: ['sid']