Clarify that e2e keys are also obliterated

turt2live · turt2live · commit a30dbc590da0 · 2019-05-26T21:39:09.000-06:00
diff --git a/api/client-server/logout.yaml b/api/client-server/logout.yaml
@@ -33,6 +33,7 @@ paths:
       description: |-
         Invalidates an existing access token, so that it can no longer be used for
         authorization. The device associated with the access token is also deleted.
+        `Device keys <#device-keys>`_ for the device are deleted alongside the device.
       operationId: logout
       security:
         - accessToken: []
@@ -50,7 +51,8 @@ paths:
       description: |-
         Invalidates all access tokens for a user, so that they can no longer be used for
         authorization. This includes the access token that made this request. All devices
-        for the user are also deleted.
+        for the user are also deleted. `Device keys <#device-keys>`_ for the device are
+        deleted alongside the device.
 
         This endpoint does not require UI authorization because UI authorization is
         designed to protect against attacks where the someone gets hold of a single access
