From 3cb90dfe85bc3ddd786f7b58029d38dd33185ff8 Mon Sep 17 00:00:00 2001
From: Hugh Nimmo-Smith <hughns@element.io>
Date: Wed, 17 Sep 2025 15:37:41 +0100
Subject: [PATCH] Add warning to deactivate API endpoint about OAuth 2.0 API

---
 data/api/client-server/account_deactivation.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/data/api/client-server/account_deactivation.yaml b/data/api/client-server/account_deactivation.yaml
index 467af659..7d6552ea 100644
--- a/data/api/client-server/account_deactivation.yaml
+++ b/data/api/client-server/account_deactivation.yaml
@@ -35,6 +35,12 @@ paths:
         Unlike other endpoints, this endpoint does not take an `id_access_token`
         parameter because the homeserver is expected to sign the request to the
         identity server instead.
+
+        {{% boxes/warning %}}
+        Since this endpoint uses User-Interactive Authentication, it cannot be used when the access token was obtained
+        via the [OAuth 2.0 API](/client-server-api/#oauth-20-api).
+        {{% /boxes/warning %}}
+
       security:
         - {}
         - accessTokenQuery: []