From a4968992b75a78d149187e687522a88e73640495 Mon Sep 17 00:00:00 2001
From: Tulir Asokan <tulir@maunium.net>
Date: Thu, 14 Mar 2024 23:16:33 +0200
Subject: [PATCH] Add HTTP status code and link to C-S spec

Signed-off-by: Tulir Asokan <tulir@maunium.net>
---
 content/application-service-api.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/content/application-service-api.md b/content/application-service-api.md
index 8f7083a3..a7526e64 100644
--- a/content/application-service-api.md
+++ b/content/application-service-api.md
@@ -436,9 +436,11 @@ an application service-defined namespace will receive the same
 `M_EXCLUSIVE` error code, but only if the application service has
 defined the namespace as `exclusive`.
 
-If either endpoint is called with the `m.login.application_service` login type,
-but without a valid `as_token`, the endpoints will return an error with the
-`M_MISSING_TOKEN` or `M_UNKNOWN_TOKEN` error code.
+If `/register` or `/login` is called with the `m.login.application_service`
+login type, but without a valid `as_token`, the endpoints will return an error
+with the `M_MISSING_TOKEN` or `M_UNKNOWN_TOKEN` error code and 401 as the HTTP
+status code. This is the same behavior as invalid auth in the client-server API
+(see [Using access tokens](/client-server-api/#using-access-tokens)).
 
 #### Pinging