login with invalid token gives a 403

Richard van der Hoff 2016-08-09 16:28:29 +01:00
parent 1f1dfdd91c
commit 0248afe6ac


@ -552,7 +552,7 @@ explicitly, as follows:
}
In the case that the homeserver does not know about the supplied 3pid, the
homeserver must respond with 403 Forbidden.
homeserver must respond with ``403 Forbidden``.
To log in using a login token, a client should submit an auth dict as follows:
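Review bot: The 3pid failure case, in the line "homeserver must respond with ``403 Forbidden``.", still gives only the HTTP status and no error code, while the login token case changed later in this commit names ``M_FORBIDDEN`` alongside the 403. Consider stating the error code here as well, or saying explicitly that it is left unspecified, so that clients can handle the two login failures consistently.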
@ -564,7 +564,8 @@ To log in using a login token, a client should submit an auth dict as follows:
}
As with `token-based`_ interactive login, the ``token`` must be a macroon with
a caveat which includes the user id.
a caveat which includes the user id. In the case that the token is not valid, the
homeserver must respond with ``403 Forbidden`` and an error code of ``M_FORBIDDEN``.
{{login_cs_http_api}}
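Review bot: "not valid" in the added sentence "In the case that the token is not valid, the homeserver must respond with ..." is left undefined, so it is unclear whether it covers only a macaroon that fails verification or also one whose user id caveat does not match the user logging in. Consider listing the conditions that count as invalid, since all of them are now required to produce ``403 Forbidden`` with ``M_FORBIDDEN``. The unchanged line just above also reads "macroon", which could be corrected to "macaroon" while this paragraph is being touched.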