update

torcolvin · torcolvin · commit d92bdf450c8c · 2025-10-31T10:52:28.000-04:00
diff --git a/docs/api/components/schemas.yaml b/docs/api/components/schemas.yaml
@@ -384,7 +384,7 @@ Role:
       items:
         type: string
       readOnly: true
-    $ref: "#/CollectionAccessConfig"
+    $ref: '#/CollectionAccessConfig'
   title: Role
 User-session-information:
   type: object
@@ -407,6 +407,7 @@ User-session-information:
           description: A map of the channels in the default collection that the user is in along with the sequence number the user was granted access. This does not include inherited channels through roles.
           type: object
           additionalProperties:
+            x-additionalPropertiesName: channelName
             type: number
             minimum: 1
             description: The sequence number the user was granted access.
@@ -2116,13 +2117,13 @@ Startup-config:
 
             By default, this will only be accessible to the localhost.
           type: string
-          default: "127.0.0.1:4985"
+          default: '127.0.0.1:4985'
         admin_interface_authentication:
           description: Whether the admin API requires authentication
           type: boolean
           default: true
         compress_responses:
-          description: "If false, disables compression of HTTP responses"
+          description: 'If false, disables compression of HTTP responses'
           type: boolean
           default: true
         cors:
@@ -3162,7 +3163,7 @@ IndexInitStatus:
             "error": The index creation operation has failed.
     settings:
       allOf:
-        - $ref: "#/IndexSettings"
+        - $ref: '#/IndexSettings'
   required:
     - status
     - start_time
@@ -3180,11 +3181,18 @@ CORS:
       type: array
       items:
         type: string
+      example:
+        - Accept-Encoding
+        - Authorization
+        - Content-Type
+        - If-Match
     login_origin:
       description: |-
-        List of allowed origins to apply to public /{db}/_session API.
+        List of allowed origins to apply to public `/{db}/_session` API.
 
         To use cors on `/{db}/_sesssion`, the domain must be present in both `login_origin` and `origin`.
+
+        If configured, `Authorization` must be included in headers.
       type: array
       items:
         type: string
@@ -3195,7 +3203,7 @@ CORS:
       default: 0
     origin:
       description: |-
-        List of allowed origins, use `['*']` to allow access from everywhere.
+        List of allowed origins for the public API.
       type: array
       items:
         type: string
diff --git a/docs/api/paths/admin/db-_session.yaml b/docs/api/paths/admin/db-_session.yaml
@@ -32,7 +32,7 @@ post:
               description: Time until the session expires. Uses default value of 24 hours if left blank. This value must be greater or equal to 1.
               type: integer
   responses:
-    "200":
+    '200':
       description: Session created successfully. Returned body is dependant on if using Public or Admin APIs.
       content:
         application/json:
@@ -52,11 +52,11 @@ post:
             Example:
               value:
                 session_id: c5af80a039db4ed9d2b6865576b6999935282689
-                expires: "2022-01-21T15:24:44Z"
+                expires: '2022-01-21T15:24:44Z'
                 cookie_name: SyncGatewaySession
     "401":
       $ref: ../../components/responses.yaml#/Unauthorized
-    "404":
+    '404':
       $ref: ../../components/responses.yaml#/Not-found
   tags:
     - Session
diff --git a/docs/api/paths/public/db-_session.yaml b/docs/api/paths/public/db-_session.yaml
@@ -28,21 +28,19 @@ post:
     If `Origin` header is passed to this endpoint, the `Origin` header must match both the `cors.login_origin` and `cors.origin` configuration options.
   requestBody:
     description: The body can be used to override the credentials of the authenticating user, or blank if getting a user session for the authenticating user.
+    required: false
     content:
       application/json:
         schema:
-          oneOf:
-            - type: "null"
-              title: "Empty Body"
-            - type: object
-              title: "User Credentials"
-              properties:
-                name:
-                  description: User name to generate the session for.
-                  type: string
-                password:
-                  description: Password of the user to generate the session for.
-                  type: string
+          type: object
+          title: "User Credentials"
+          properties:
+            name:
+              description: User name to generate the session for. Omit this value to use the authenticating user's credentials.
+              type: string
+            password:
+              description: Password of the user to generate the session for. Omit this value to use the authenticating user's credentials.
+              type: string
   responses:
     "200":
       $ref: ../../components/responses.yaml#/User-session-information
