From c185e7dec0a1a3a4d5855fe95d7aebb52dcbafcd Mon Sep 17 00:00:00 2001
From: Wesley Moore <wes@wezm.net>
Date: Mon, 11 Dec 2023 04:47:29 +1000
Subject: [PATCH] Clarify that apps verify_credentials requires app token +
 read (#1190)

---
 content/en/methods/apps.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/content/en/methods/apps.md b/content/en/methods/apps.md
index 1abce81..d1dd5b2 100644
--- a/content/en/methods/apps.md
+++ b/content/en/methods/apps.md
@@ -84,7 +84,7 @@ GET /api/v1/apps/verify_credentials HTTP/1.1
 Confirm that the app's OAuth2 credentials work.
 
 **Returns:** [Application]({{< relref "entities/application" >}}), but without `client_id` or `client_secret`\
-**OAuth level:** App token\
+**OAuth level:** App token + `read`\
 **Version history:**\
 2.0.0 - added\
 2.7.2 - now returns `vapid_key`
@@ -94,7 +94,7 @@ Confirm that the app's OAuth2 credentials work.
 ##### Headers
 
 Authorization
-: {{<required>}} Provide this header with `Bearer <user token>` to gain authorized access to this API method.
+: {{<required>}} Provide this header with `Bearer <app token>` to gain authorized access to this API method.
 
 #### Response
 ##### 200: OK
@@ -125,4 +125,4 @@ If the Authorization header contains an invalid token, is malformed, or is not p
 
 {{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/apps_controller.rb" caption="app/controllers/api/v1/apps_controller.rb" >}}
 
-{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/apps/credentials_controller.rb" caption="app/controllers/api/v1/apps/credentials_controller.rb" >}}
\ No newline at end of file
+{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/apps/credentials_controller.rb" caption="app/controllers/api/v1/apps/credentials_controller.rb" >}}