diff --git a/data/api/identity/definitions/security.yaml b/data/api/identity/definitions/security.yaml
index 64225ec4..f3c668c5 100644
--- a/data/api/identity/definitions/security.yaml
+++ b/data/api/identity/definitions/security.yaml
@@ -11,8 +11,17 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-accessToken:
+accessTokenQuery:
 type: apiKey
- description: The access_token returned by a call to `/register`.
+ description: |-
+ The `access_token` returned by a call to `/register`, as a query parameter.
 name: access_token
 in: query
+accessTokenBearer:
+ type: http
+ description: |-
+ The `access_token` returned by a call to `/register`, using the
+ `Authorization: Bearer` header.
+
+ This is the preferred method.
+ scheme: bearer
diff --git a/data/api/identity/v2_associations.yaml b/data/api/identity/v2_associations.yaml
index c9b8ba6e..06aba5fc 100644
--- a/data/api/identity/v2_associations.yaml
+++ b/data/api/identity/v2_associations.yaml
@@ -23,7 +23,8 @@ paths:
 description: Determines if a given 3pid has been validated by a user.
 operationId: getValidated3pidV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 parameters:
 - in: query
 name: sid
@@ -128,7 +129,8 @@ paths:
 deprecated.
 operationId: bindV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json:
@@ -279,7 +281,8 @@ paths:
 homeserver is acting on behalf of a client.
 operationId: unbindV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json:
diff --git a/data/api/identity/v2_auth.yaml b/data/api/identity/v2_auth.yaml
index 64433f81..e572bb42 100644
--- a/data/api/identity/v2_auth.yaml
+++ b/data/api/identity/v2_auth.yaml
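Review bot: The new `accessTokenQuery` description in security.yaml does not say why the header form is preferred; the preference is stated only under `accessTokenBearer`, so a reader who looks at the query scheme alone gets no caveat. A token passed as `access_token` in the query string is part of the request URL, and URLs are commonly written to server and proxy access logs and kept in client history. I would add a sentence to the `accessTokenQuery` description such as `Tokens sent in the query string may be recorded in access logs; use the Authorization header where possible.`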
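Review bot: In the `security` list of `getValidated3pidV2`, `accessTokenQuery` is listed before `accessTokenBearer`, although security.yaml describes the bearer header as the preferred method. The entries are alternatives, but rendered documentation and generated clients may present or pick them in list order, so I would put `- accessTokenBearer: []` first and `- accessTokenQuery: []` second. The same ordering appears in the other `security` hunks of this commit (bindV2 and unbindV2 here, and the hunks in v2_auth, v2_email_associations, v2_invitation_signing, v2_lookup, v2_phone_associations, v2_store_invite and v2_terms). The operation definitions start and end outside these hunks.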
@@ -58,7 +58,8 @@ paths:
 request.
 operationId: getAccount
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 responses:
 "200":
 description: The token holder's information.
@@ -99,7 +100,8 @@ paths:
 future requests to the server.
 operationId: logout
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 responses:
 "200":
 description: The token was successfully logged out.
diff --git a/data/api/identity/v2_email_associations.yaml b/data/api/identity/v2_email_associations.yaml
index ad5c2517..c93042c2 100644
--- a/data/api/identity/v2_email_associations.yaml
+++ b/data/api/identity/v2_email_associations.yaml
@@ -40,7 +40,8 @@ paths:
 deprecated.
 operationId: emailRequestTokenV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json:
@@ -107,7 +108,8 @@ paths:
 deprecated.
 operationId: emailSubmitTokenPostV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json:
@@ -180,7 +182,8 @@ paths:
 used by end-users, and so the response should be human-readable.
 operationId: emailSubmitTokenGetV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 parameters:
 - in: query
 name: sid
diff --git a/data/api/identity/v2_invitation_signing.yaml b/data/api/identity/v2_invitation_signing.yaml
index ae05c6fd..596461b3 100644
--- a/data/api/identity/v2_invitation_signing.yaml
+++ b/data/api/identity/v2_invitation_signing.yaml
@@ -27,7 +27,8 @@ paths:
 to `store-invite`, and fetch the sender of the invite.
 operationId: blindlySignStuffV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json:
diff --git a/data/api/identity/v2_lookup.yaml b/data/api/identity/v2_lookup.yaml
index ce716abd..e5774c7a 100644
--- a/data/api/identity/v2_lookup.yaml
+++ b/data/api/identity/v2_lookup.yaml
@@ -28,7 +28,8 @@ paths:
 any of the algorithms defined in this specification.
 operationId: getHashDetails
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 responses:
 "200":
 description: The hash function information.
@@ -70,7 +71,8 @@ paths:
 later in this specification.
 operationId: lookupUsersV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json:
diff --git a/data/api/identity/v2_phone_associations.yaml b/data/api/identity/v2_phone_associations.yaml
index 7f44fb3d..2979ab56 100644
--- a/data/api/identity/v2_phone_associations.yaml
+++ b/data/api/identity/v2_phone_associations.yaml
@@ -40,7 +40,8 @@ paths:
 deprecated.
 operationId: msisdnRequestTokenV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json:
@@ -109,7 +110,8 @@ paths:
 deprecated.
 operationId: msisdnSubmitTokenPostV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json:
@@ -182,7 +184,8 @@ paths:
 used by end-users, and so the response should be human-readable.
 operationId: msisdnSubmitTokenGetV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 parameters:
 - in: query
 name: sid
diff --git a/data/api/identity/v2_store_invite.yaml b/data/api/identity/v2_store_invite.yaml
index 230dd503..18380ce9 100644
--- a/data/api/identity/v2_store_invite.yaml
+++ b/data/api/identity/v2_store_invite.yaml
@@ -51,7 +51,8 @@ paths:
 the `address` of the pending invite for display purposes.
 operationId: storeInviteV2
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json:
diff --git a/data/api/identity/v2_terms.yaml b/data/api/identity/v2_terms.yaml
index 550d0bdb..4b1f1a60 100644
--- a/data/api/identity/v2_terms.yaml
+++ b/data/api/identity/v2_terms.yaml
@@ -119,7 +119,8 @@ paths:
 may not be accepting all terms at once.
 operationId: agreeToTerms
 security:
- - accessToken: []
+ - accessTokenQuery: []
+ - accessTokenBearer: []
 requestBody:
 content:
 application/json: