mirror of
https://github.com/matrix-org/matrix-spec
synced 2025-12-20 16:38:37 +01:00
0e280ed014
Some checks are pending
Spec / 🔎 Validate OpenAPI specifications (push) Waiting to run
Spec / 🔎 Check Event schema examples (push) Waiting to run
Spec / 🔎 Check OpenAPI definitions examples (push) Waiting to run
Spec / 🔎 Check JSON Schemas inline examples (push) Waiting to run
Spec / ⚙️ Calculate baseURL for later jobs (push) Waiting to run
Spec / 🐍 Build OpenAPI definitions (push) Blocked by required conditions
Spec / 📢 Run towncrier for changelog (push) Waiting to run
Spec / 📖 Build the spec (push) Blocked by required conditions
Spec / 🔎 Validate generated HTML (push) Blocked by required conditions
Spec / 📖 Build the historical backup spec (push) Blocked by required conditions
Spell Check / Spell Check with Typos (push) Waiting to run
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
87 lines
3.1 KiB
YAML
87 lines
3.1 KiB
YAML
# Copyright 2016 OpenMarket Ltd
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
openapi: 3.1.0
|
|
info:
|
|
title: Matrix Client-Server Registration and Login API
|
|
version: 1.0.0
|
|
paths:
|
|
/logout:
|
|
post:
|
|
summary: Invalidates a user access token
|
|
description: |-
|
|
Invalidates an existing access token, so that it can no longer be used for
|
|
authorization. The device associated with the access token is also deleted.
|
|
[Device keys](/client-server-api/#device-keys) for the device are deleted alongside the device.
|
|
operationId: logout
|
|
security:
|
|
- accessTokenQuery: []
|
|
- accessTokenBearer: []
|
|
responses:
|
|
"200":
|
|
description: The access token used in the request was successfully invalidated.
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
properties: {}
|
|
tags:
|
|
- Session management
|
|
/logout/all:
|
|
post:
|
|
summary: Invalidates all access tokens for a user
|
|
description: |-
|
|
Invalidates all access tokens for a user, so that they can no longer be used for
|
|
authorization. This includes the access token that made this request. All devices
|
|
for the user are also deleted. [Device keys](/client-server-api/#device-keys) for the device are
|
|
deleted alongside the device.
|
|
|
|
This endpoint does not use the [User-Interactive Authentication API](/client-server-api/#user-interactive-authentication-api) because
|
|
User-Interactive Authentication is designed to protect against attacks where
|
|
someone gets hold of a single access token then takes over the account. This
|
|
endpoint invalidates all access tokens for the user, including the token used in
|
|
the request, and therefore the attacker is unable to take over the account in
|
|
this way.
|
|
operationId: logout_all
|
|
security:
|
|
- accessTokenQuery: []
|
|
- accessTokenBearer: []
|
|
responses:
|
|
"200":
|
|
description: The user's access tokens were successfully invalidated.
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
properties: {}
|
|
tags:
|
|
- Session management
|
|
servers:
|
|
- url: "{protocol}://{hostname}{basePath}"
|
|
variables:
|
|
protocol:
|
|
enum:
|
|
- http
|
|
- https
|
|
default: https
|
|
hostname:
|
|
default: localhost:8008
|
|
basePath:
|
|
default: /_matrix/client/v3
|
|
components:
|
|
securitySchemes:
|
|
accessTokenQuery:
|
|
$ref: definitions/security.yaml#/accessTokenQuery
|
|
accessTokenBearer:
|
|
$ref: definitions/security.yaml#/accessTokenBearer
|