From 745ee9797352fcc79d17923bad140e369aa95a30 Mon Sep 17 00:00:00 2001
From: salman aljammaz <salman@tailscale.com>
Date: Mon, 22 May 2023 12:52:40 +0100
Subject: [PATCH] api.md: update device authorized API docs to allow for deauth
 (#8162)

The authorize device API (/api/v2/device/{deviceID}/authorized)
will soon allow device deauthorisation.

Fixes corp#10160.

Signed-off-by: salman <salman@tailscale.com>
---
 api.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/api.md b/api.md
index 670f54d5b..028f71365 100644
--- a/api.md
+++ b/api.md
@@ -503,7 +503,8 @@ Returns the enabled and advertised subnet routes for a device.
 POST /api/v2/device/{deviceID}/authorized
 ```
 
-Authorize a device. This call marks a device as authorized for tailnets where device authorization is required.
+Authorize a device.
+This call marks a device as authorized or revokes its authorization for tailnets where device authorization is required, according to the `authorized` field in the payload.
 
 This returns a successful 2xx response with an empty JSON object in the response body.
 
@@ -515,7 +516,7 @@ The ID of the device.
 
 #### `authorized` (required in `POST` body)
 
-Specify whether the device is authorized. Only 'true' is currently supported.
+Specify whether the device is authorized.
 
 ``` jsonc
 {