summary refs log tree commit diff
path: root/docs
diff options
context:
space:
mode:
authorPatrick Cloke <clokep@users.noreply.github.com>2020-07-15 07:10:21 -0400
committerGitHub <noreply@github.com>2020-07-15 07:10:21 -0400
commit111e70d75c2e1e82f844e4a18a34ae579166dd9a (patch)
tree53c8cab739a6ad320898a9bf586898d7eb0a7a64 /docs
parentremove `retry_on_integrity_error` wrapper for persist_events (#7848) (diff)
downloadsynapse-111e70d75c2e1e82f844e4a18a34ae579166dd9a.tar.xz
Return the proper 403 Forbidden error during errors with JWT logins. (#7844)
Diffstat (limited to 'docs')
-rw-r--r--docs/jwt.md5
1 files changed, 1 insertions, 4 deletions
diff --git a/docs/jwt.md b/docs/jwt.md
index 93b8d05236..5be9fd26e3 100644
--- a/docs/jwt.md
+++ b/docs/jwt.md
@@ -31,10 +31,7 @@ The `token` field should include the JSON web token with the following claims:
   Providing the audience claim when not configured will cause validation to fail.
 
 In the case that the token is not valid, the homeserver must respond with
-`401 Unauthorized` and an error code of `M_UNAUTHORIZED`.
-
-(Note that this differs from the token based logins which return a
-`403 Forbidden` and an error code of `M_FORBIDDEN` if an error occurs.)
+`403 Forbidden` and an error code of `M_FORBIDDEN`.
 
 As with other login types, there are additional fields (e.g. `device_id` and
 `initial_device_display_name`) which can be included in the above request.