No custom HTTP headers
Use the obvious way: in the same place as the ID server address
This commit is contained in:
David Baker
parent
2694bb1090
commit
21b9eaf8de
1 changed files with 7 additions and 3 deletions
|
|
@ -77,9 +77,13 @@ API, as specified in [MSC1961](https://github.com/matrix-org/matrix-doc/issues/1
|
|||
|
||||
When clients supply an identity server to the Homeserver in order for the Homeserver
|
||||
to make calls to the IS on its behalf, it must also supply its access token for the
|
||||
Identity Server either as the `is_token` query parameter or a bearer token in the
|
||||
`X-Identity-Authorization` HTTP header with the same syntax as an `Authorizationn`
|
||||
header.
|
||||
Identity Server alongside in the `is_token` key of the same JSON object. That is,
|
||||
in the main request object for a `requestToken` request and in the `threepidCreds`
|
||||
object when supplying 3PID credentials (eg. in the `m.email.identity` UI auth stage).
|
||||
Exxceptions to this are any requests where the only IS operation the Homeserver may
|
||||
perform is unbinding, ie. `/_matrix/client/r0/account/deactivate` and
|
||||
`/_matrix/client/r0/account/3pid/delete`, in which case the unbind is authenticated
|
||||
by a signed request from the Homeserver.
|
||||
|
||||
### IS Register API
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue