diff --git a/Intersect.Server/Web/RestApi/Routes/OAuthController.cs b/Intersect.Server/Web/RestApi/Routes/OAuthController.cs
index 0ce18cd7db..f8c9c012fa 100644
--- a/Intersect.Server/Web/RestApi/Routes/OAuthController.cs
+++ b/Intersect.Server/Web/RestApi/Routes/OAuthController.cs
@@ -12,6 +12,7 @@
 using Intersect.Server.Web.Http;
 using Intersect.Server.Web.RestApi.Types;
 using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.Tokens;
 using Newtonsoft.Json;
@@ -197,6 +198,8 @@ public class TokenRequestRefreshTokenGrant : TokenRequest
 }
 [HttpPost("token")]
+ [EndpointSummary("Request an Access Token")]
+ [EndpointDescription("Request an access token (and a refresh token) with a `password` grant, or a `refresh_token` grant.")]
 [Consumes(typeof(TokenRequest), ContentTypes.Json)]
 [ProducesResponseType((int)HttpStatusCode.OK, ContentTypes.Json)]
 [ProducesResponseType((int)HttpStatusCode.BadRequest, ContentTypes.Json)]
@@ -300,7 +303,10 @@ private async Task RequestTokenFrom(TokenRequestRefreshTokenGrant
 };
 }
+ [Authorize]
 [HttpDelete("tokens/{tokenId:guid}")]
+ [EndpointSummary("Delete a Refresh Token by ID")]
+ [EndpointDescription("Delete the Refresh Token specified by the tokenId parameter.")]
 [ProducesResponseType((int)HttpStatusCode.OK, ContentTypes.Json)]
 [ProducesResponseType((int)HttpStatusCode.Forbidden, ContentTypes.Json)]
 [ProducesResponseType((int)HttpStatusCode.InternalServerError, ContentTypes.Json)]
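Review bot: `[Authorize]` on `DELETE tokens/{tokenId:guid}` (and again on `tokens/{username}/{tokenId:guid}` in the last hunk) only establishes that the caller is authenticated, and the visible response list still declares 200, 403 and 500 but no 401, so the generated API docs will not show what an anonymous caller now receives; add `[ProducesResponseType((int)HttpStatusCode.Unauthorized, ContentTypes.Json)]` to both actions unless it is already declared below the lines shown. Both method bodies lie outside these hunks, so it is worth confirming that each one compares the token's owner with the authenticated user (or requires an elevated role) before deleting, since otherwise any signed-in user could revoke another user's refresh token by ID. If the controller class carries no `[Authorize]` of its own (not visible here), consider moving the attribute to the class and marking the `token` action `[AllowAnonymous]`, so that a newly added action is protected by default rather than by remembering the attribute. A test that sends each DELETE without credentials and expects 401 would keep this from regressing.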
@@ -349,6 +355,8 @@ public async Task DeleteTokenById(Guid tokenId)
 [Authorize]
 [HttpDelete("tokens/{username}")]
+ [EndpointSummary("Delete all Refresh Tokens for a User")]
+ [EndpointDescription("Delete all refresh tokens for the user specified by the username parameter.")]
 [ProducesResponseType((int)HttpStatusCode.OK, ContentTypes.Json)]
 [ProducesResponseType((int)HttpStatusCode.Forbidden, ContentTypes.Json)]
 [ProducesResponseType((int)HttpStatusCode.Gone, ContentTypes.Json)]
@@ -408,7 +416,10 @@ public async Task DeleteTokensForUsername(string username, Cancel
 return InternalServerError("Failed to delete token");
 }
+ [Authorize]
 [HttpDelete("tokens/{username}/{tokenId:guid}")]
+ [EndpointSummary("Delete a Refresh Token by ID for a User")]
+ [EndpointDescription("Delete the Refresh Token specified by the tokenId parameter for the user specified by the username parameter.")]
 [ProducesResponseType((int)HttpStatusCode.OK, ContentTypes.Json)]
 [ProducesResponseType((int)HttpStatusCode.Forbidden, ContentTypes.Json)]
 [ProducesResponseType((int)HttpStatusCode.InternalServerError, ContentTypes.Json)]
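Review bot: The new `[EndpointDescription]` on `tokens/{username}` leaves out the access rule, although the action declares a 403 response, so a reader of the generated docs cannot tell whether a user may revoke only their own tokens or needs an elevated role. I would append the rule once it is confirmed against the method body, which lies outside this hunk, for example `"Delete all refresh tokens for the user specified by the username parameter. Returns 403 unless the caller is <permitted caller, to confirm>."`. It is also worth documenting that a username shaped like a GUID is matched by the `tokens/{tokenId:guid}` action shown earlier in this diff, because ASP.NET Core ranks a constrained route parameter above an unconstrained one.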