letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Make clear that owners are the ones to regenerate

Browse Source
This commit is contained in:
Olivier 'reivilibre
2025-10-28 12:22:24 +00:00
parent b5a6057c09
commit ef73828361
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/topics/authorization.md
View File

@@ -133,7 +133,7 @@ The simplest type of client credentials is a client ID and client secret pair, b
Personal access tokens are a credential that can be issued to give access to a user,
with predefined scopes and a predefined expiry time.
Either before or after expiry, the token can be regenerated, which produces a new
Either before or after expiry, the owner of the token can regenerate it, which produces a new
access token with the same scopes but a new expiry time.
Personal access tokens are intended to fulfill two basic use cases:
@@ -144,7 +144,7 @@ Personal access tokens are intended to fulfill two basic use cases:
In the future, users will be able to create their own personal access tokens, but this is currently not implemented
so (1) is currently not supported.
For now, personal access tokens must be created by administrators through the [Admin API], satisfying use case (2).
For now, personal access tokens must be created, regenerated and revoked by administrators through the [Admin API], satisfying use case (2).
[Element Admin](https://github.com/element-hq/element-admin), available by default in Element Server Suite, can be used to do this interactively.
You can also use the online beta deployment at [admin-beta.element.dev](https://admin-beta.element.dev/). <!--- TODO stable deployment -->