Return the proper 403 Forbidden error during errors with JWT logins. (#7844)

author: Patrick Cloke <clokep@users.noreply.github.com> 2020-07-15 07:10:21 -0400
committer: GitHub <noreply@github.com> 2020-07-15 07:10:21 -0400
commit: 111e70d75c2e1e82f844e4a18a34ae579166dd9a (patch)
tree: 53c8cab739a6ad320898a9bf586898d7eb0a7a64 /docs/jwt.md
parent: remove `retry_on_integrity_error` wrapper for persist_events (#7848) (diff)
download: synapse-111e70d75c2e1e82f844e4a18a34ae579166dd9a.tar.xz
1 files changed, 1 insertions, 4 deletions
diff --git a/docs/jwt.md b/docs/jwt.md
index 93b8d05236..5be9fd26e3 100644
--- a/docs/jwt.md
+++ b/docs/jwt.md
@@ -31,10 +31,7 @@ The `token` field should include the JSON web token with the following claims:
   Providing the audience claim when not configured will cause validation to fail.
 
 In the case that the token is not valid, the homeserver must respond with
-`401 Unauthorized` and an error code of `M_UNAUTHORIZED`.
-
-(Note that this differs from the token based logins which return a
-`403 Forbidden` and an error code of `M_FORBIDDEN` if an error occurs.)
+`403 Forbidden` and an error code of `M_FORBIDDEN`.
 
 As with other login types, there are additional fields (e.g. `device_id` and
 `initial_device_display_name`) which can be included in the above request.
author	Patrick Cloke <clokep@users.noreply.github.com>	2020-07-15 07:10:21 -0400
committer	GitHub <noreply@github.com>	2020-07-15 07:10:21 -0400
commit	111e70d75c2e1e82f844e4a18a34ae579166dd9a (patch)
tree	53c8cab739a6ad320898a9bf586898d7eb0a7a64 /docs/jwt.md
parent	remove `retry_on_integrity_error` wrapper for persist_events (#7848) (diff)
download	synapse-111e70d75c2e1e82f844e4a18a34ae579166dd9a.tar.xz