Merge pull request #2028 from matrix-org/travis/1.0/access-token-devices

Clarify that logging out deletes devices too
pull/977/head
Travis Ralston 6 years ago committed by GitHub
commit 9e31aed6c7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -32,7 +32,8 @@ paths:
summary: Invalidates a user access token summary: Invalidates a user access token
description: |- description: |-
Invalidates an existing access token, so that it can no longer be used for Invalidates an existing access token, so that it can no longer be used for
authorization. authorization. The device associated with the access token is also deleted.
`Device keys <#device-keys>`_ for the device are deleted alongside the device.
operationId: logout operationId: logout
security: security:
- accessToken: [] - accessToken: []
@ -49,7 +50,9 @@ paths:
summary: Invalidates all access tokens for a user summary: Invalidates all access tokens for a user
description: |- description: |-
Invalidates all access tokens for a user, so that they can no longer be used for Invalidates all access tokens for a user, so that they can no longer be used for
authorization. This includes the access token that made this request. authorization. This includes the access token that made this request. All devices
for the user are also deleted. `Device keys <#device-keys>`_ for the device are
deleted alongside the device.
This endpoint does not require UI authorization because UI authorization is This endpoint does not require UI authorization because UI authorization is
designed to protect against attacks where the someone gets hold of a single access designed to protect against attacks where the someone gets hold of a single access

@ -0,0 +1 @@
Clarify that devices are deleted upon logout.
Loading…
Cancel
Save