diff --git a/changelogs/client_server/newsfragments/1081.clarification b/changelogs/client_server/newsfragments/1081.clarification
new file mode 100644
index 00000000..3ccb2333
--- /dev/null
+++ b/changelogs/client_server/newsfragments/1081.clarification
@@ -0,0 +1 @@
+Fix various typos throughout the specification.
diff --git a/content/client-server-api/_index.md b/content/client-server-api/_index.md
index 3edb5b16..da19a7de 100644
--- a/content/client-server-api/_index.md
+++ b/content/client-server-api/_index.md
@@ -1056,8 +1056,8 @@ as follows:
 }
 ```
 
-As with [token-based]() interactive login, the `token` must encode the
-user ID. In the case that the token is not valid, the homeserver must
+The `token` must encode the user ID, since there is no other identifying
+data in the request. In the case that the token is not valid, the homeserver must
 respond with `403 Forbidden` and an error code of `M_FORBIDDEN`.
 
 If the homeserver advertises `m.login.sso` as a viable flow, and the