Filip/matrix-spec
1
0
Fork 0
mirror of https://github.com/matrix-org/matrix-spec synced 2025-12-20 16:38:37 +01:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Add note where an endpoint uses capability negotiation (#2223)
Some checks failed
Spec / 🔎 Validate OpenAPI specifications (push) Has been cancelled
Details
Spec / 🔎 Check Event schema examples (push) Has been cancelled
Details
Spec / 🔎 Check OpenAPI definitions examples (push) Has been cancelled
Details
Spec / 🔎 Check JSON Schemas inline examples (push) Has been cancelled
Details
Spec / ⚙️ Calculate baseURL for later jobs (push) Has been cancelled
Details
Spec / 📢 Run towncrier for changelog (push) Has been cancelled
Details
Spell Check / Spell Check with Typos (push) Has been cancelled
Details
Spec / 🐍 Build OpenAPI definitions (push) Has been cancelled
Details
Spec / 📖 Build the spec (push) Has been cancelled
Details
Spec / 🔎 Validate generated HTML (push) Has been cancelled
Details
Spec / 📖 Build the historical backup spec (push) Has been cancelled
Details

Browse source
This commit is contained in:
Hugh Nimmo-Smith 2025-10-08 16:32:44 +01:00 committed by GitHub
parent 7f4072d993
commit fda3be5ee3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 22 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changelogs/client_server/newsfragments/2223.clarification Normal file
View file

@ -0,0 +1 @@
Add note to each endpoint that uses capability negotiation.

12
data/api/client-server/administrative_contact.yaml
View file

@ -99,6 +99,10 @@ paths:
has been removed, making this endpoint behave as though it was `false`. has been removed, making this endpoint behave as though it was `false`.
This results in this endpoint being an equivalent to `/3pid/bind` rather This results in this endpoint being an equivalent to `/3pid/bind` rather
than dual-purpose. than dual-purpose.
This endpoint uses [capabilities negotiation](/client-server-api/#capabilities-negotiation).
Clients SHOULD check the value of the [`m.3pid_changes` capability](/client-server-api/#m3pid_changes-capability)
to determine if this endpoint is available.
operationId: post3PIDs operationId: post3PIDs
deprecated: true deprecated: true
security: security:
@ -202,6 +206,10 @@ paths:
Homeservers should prevent the caller from adding a 3PID to their account if it has Homeservers should prevent the caller from adding a 3PID to their account if it has
already been added to another user's account on the homeserver. already been added to another user's account on the homeserver.
This endpoint uses [capabilities negotiation](/client-server-api/#capabilities-negotiation).
Clients SHOULD check the value of the [`m.3pid_changes` capability](/client-server-api/#m3pid_changes-capability)
to determine if this endpoint is available.
{{% boxes/warning %}} {{% boxes/warning %}}
Since this endpoint uses User-Interactive Authentication, it cannot be used when the access token was obtained Since this endpoint uses User-Interactive Authentication, it cannot be used when the access token was obtained
via the [OAuth 2.0 API](/client-server-api/#oauth-20-api). via the [OAuth 2.0 API](/client-server-api/#oauth-20-api).
@ -331,6 +339,10 @@ paths:
Unlike other endpoints, this endpoint does not take an `id_access_token` Unlike other endpoints, this endpoint does not take an `id_access_token`
parameter because the homeserver is expected to sign the request to the parameter because the homeserver is expected to sign the request to the
identity server instead. identity server instead.
This endpoint uses [capabilities negotiation](/client-server-api/#capabilities-negotiation).
Clients SHOULD check the value of the [`m.3pid_changes` capability](/client-server-api/#m3pid_changes-capability)
to determine if this endpoint is available.
operationId: delete3pidFromAccount operationId: delete3pidFromAccount
security: security:
- accessTokenQuery: [] - accessTokenQuery: []

4
data/api/client-server/password_management.yaml
View file

@ -34,6 +34,10 @@ paths:
valid access token is provided. The homeserver SHOULD NOT revoke the valid access token is provided. The homeserver SHOULD NOT revoke the
access token provided in the request. Whether other access tokens for access token provided in the request. Whether other access tokens for
the user are revoked depends on the request parameters. the user are revoked depends on the request parameters.
This endpoint uses [capabilities negotiation](/client-server-api/#capabilities-negotiation).
Clients SHOULD check the value of the [`m.change_password` capability](/client-server-api/#mchange_password-capability)
to determine if this endpoint is available.
security: security:
- {} - {}
- accessTokenQuery: [] - accessTokenQuery: []

5
data/api/client-server/profile.yaml
View file

@ -29,6 +29,11 @@ paths:
Servers MAY reject `null` values. Servers that accept `null` values SHOULD store Servers MAY reject `null` values. Servers that accept `null` values SHOULD store
them rather than treating `null` as a deletion request. Clients that want to delete a them rather than treating `null` as a deletion request. Clients that want to delete a
field, including its key and value, SHOULD use the `DELETE` endpoint instead. field, including its key and value, SHOULD use the `DELETE` endpoint instead.
This endpoint uses [capabilities negotiation](/client-server-api/#capabilities-negotiation)
depending on the `keyName`. Clients SHOULD check the value of the
[`m.profile_fields` capability](/client-server-api/#mprofile_fields-capability) to detect
which `keyName`s they are allowed to modify.
operationId: setProfileField operationId: setProfileField
security: security:
- accessTokenQuery: [] - accessTokenQuery: []