clarification: add link to JSON signing algorithm on federation auth section (#2329)

Signed-Off-By: Logan Devine logan@zirco.dev
2026-03-11 05:54:10 +01:00 · 2026-03-10 11:34:47 -07:00 · 2026-03-10 11:34:47 -07:00 · a6112535bf
parent 6a001cccb0
commit a6112535bf
2 changed files with 7 additions and 6 deletions
--- a/changelogs/client_server/newsfragments/2329.clarification
+++ b/changelogs/client_server/newsfragments/2329.clarification
@ -0,0 +1 @@
+Add link to JSON signing algorithm in server-server auth section for clarity. Contributed by @thetayloredman.
--- a/content/server-server-api.md
+++ b/content/server-server-api.md
@ -277,12 +277,12 @@ queried from multiple servers to mitigate against DNS spoofing.

 Every HTTP request made by a homeserver is authenticated using public
 key digital signatures. The request method, target and body are signed
-by wrapping them in a JSON object and signing it using the JSON signing
-algorithm. The resulting signatures are added as an Authorization header
-with an auth scheme of `X-Matrix`. Note that the target field should
-include the full path starting with `/_matrix/...`, including the `?`
-and any query parameters if present, but should not include the leading
-`https:`, nor the destination server's hostname.
+by wrapping them in a JSON object and signing it using the [JSON signing
+algorithm](/appendices#signing-json). The resulting signatures are added
+as an Authorization header with an auth scheme of `X-Matrix`. Note that
+the target field should include the full path starting with `/_matrix/...`,
+including the `?` and any query parameters if present, but should not
+include the leading `https:`, nor the destination server's hostname.

 Step 1 sign JSON:
				`@ -0,0 +1 @@`
				`Add link to JSON signing algorithm in server-server auth section for clarity. Contributed by @thetayloredman.`