Clarify that logging out deletes devices too

Fixes https://github.com/matrix-org/matrix-doc/issues/1651
2019-05-26 21:30:55 -06:00 · 2019-05-26 21:30:55 -06:00 · 221d9f24fd
commit 221d9f24fd
parent 5c268ef21f
2 changed files with 4 additions and 2 deletions
--- a/api/client-server/logout.yaml
+++ b/api/client-server/logout.yaml
@ -32,7 +32,7 @@ paths:
      summary: Invalidates a user access token
      description: |-
        Invalidates an existing access token, so that it can no longer be used for
-        authorization.
+        authorization. The device associated with the access token is also deleted.
      operationId: logout
      security:
        - accessToken: []
@ -49,7 +49,8 @@ paths:
      summary: Invalidates all access tokens for a user
      description: |-
        Invalidates all access tokens for a user, so that they can no longer be used for
-        authorization. This includes the access token that made this request. 
+        authorization. This includes the access token that made this request. All devices
+        for the user are also deleted.

        This endpoint does not require UI authorization because UI authorization is
        designed to protect against attacks where the someone gets hold of a single access
--- a/changelogs/client_server/newsfragments/2028.clarification
+++ b/changelogs/client_server/newsfragments/2028.clarification
@ -0,0 +1 @@
+Clarify that devices are deleted upon logout.
				`@ -0,0 +1 @@`
				`Clarify that devices are deleted upon logout.`