wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add txn_id rationale

Browse source
This commit is contained in:
Erik Johnston 2015-09-28 14:51:10 +01:00
parent 97154cc6b2
commit ce53a17180
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
specification/1-client_server_api.rst
View file

@ -251,6 +251,13 @@ request. The same ``nonce`` should be used if retrying the request.
There are many ways a client may receive a ``token``, including via an email or There are many ways a client may receive a ``token``, including via an email or
from an existing logged in device. from an existing logged in device.
The ``txn_id`` may be used by the server to disallow other devices from using
the token, thus providing "single use" tokens while still allowing the device
to retry the request. This would be done by tying the token to the ``txn_id``
server side, as well as potentially invalidating the token completely once the
device has successfully logged in (e.g. when we receive a request from the
newly provisioned access_token).
OAuth2-based OAuth2-based
~~~~~~~~~~~~ ~~~~~~~~~~~~
:Type: :Type: