clarification: add link to JSON signing algorithm on federation auth section (#2329)

Signed-Off-By: Logan Devine logan@zirco.dev
2026-03-11 14:04:10 +01:00 · 2026-03-10 11:34:47 -07:00 · 2026-03-10 11:34:47 -07:00 · a6112535bf
parent 6a001cccb0
commit a6112535bf
2 changed files with 7 additions and 6 deletions
--- a/changelogs/client_server/newsfragments/2329.clarification
+++ b/changelogs/client_server/newsfragments/2329.clarification
@ -0,0 +1 @@
 Add link to JSON signing algorithm in server-server auth section for clarity. Contributed by @thetayloredman.
--- a/content/server-server-api.md
+++ b/content/server-server-api.md
@ -277,12 +277,12 @@ queried from multiple servers to mitigate against DNS spoofing.
 Every HTTP request made by a homeserver is authenticated using public
 key digital signatures. The request method, target and body are signed
-by wrapping them in a JSON object and signing it using the JSON signing
+by wrapping them in a JSON object and signing it using the [JSON signing
-algorithm. The resulting signatures are added as an Authorization header
+algorithm](/appendices#signing-json). The resulting signatures are added
-with an auth scheme of `X-Matrix`. Note that the target field should
+as an Authorization header with an auth scheme of `X-Matrix`. Note that
-include the full path starting with `/_matrix/...`, including the `?`
+the target field should include the full path starting with `/_matrix/...`,
-and any query parameters if present, but should not include the leading
+including the `?` and any query parameters if present, but should not
-`https:`, nor the destination server's hostname.
+include the leading `https:`, nor the destination server's hostname.
 Step 1 sign JSON:
		`@ -0,0 +1 @@`
							`Add link to JSON signing algorithm in server-server auth section for clarity. Contributed by @thetayloredman.`