Clarify that submit_url is without authentication

The request is authorized by its parameters, not by an additional access token.

Fixes https://github.com/matrix-org/matrix-doc/issues/2298
pull/977/head
Travis Ralston 5 years ago
parent ae163ab818
commit e95eafb2ba

@ -157,9 +157,10 @@ paths:
An optional field containing a URL where the client must
submit the validation token to, with identical parameters
to the Identity Service API's ``POST
/validate/email/submitToken`` endpoint. The homeserver must
send this token to the user (if applicable), who should
then be prompted to provide it to the client.
/validate/email/submitToken`` endpoint (without the requirement
for an access token). The homeserver must send this token to the
user (if applicable), who should then be prompted to provide it
to the client.
If this field is not present, the client can assume that
verification will happen without the client's involvement

@ -25,9 +25,9 @@ properties:
description: |-
An optional field containing a URL where the client must submit the
validation token to, with identical parameters to the Identity Service
API's ``POST /validate/email/submitToken`` endpoint. The homeserver must
send this token to the user (if applicable), who should then be
prompted to provide it to the client.
API's ``POST /validate/email/submitToken`` endpoint (without the requirement
for an access token). The homeserver must send this token to the user (if
applicable), who should then be prompted to provide it to the client.
If this field is not present, the client can assume that verification
will happen without the client's involvement provided the homeserver

Loading…
Cancel
Save