Skip to content

Commit d27f7e3

Browse files
sandhosesandhose
committed
Mention the stable scopes in the doc, remove the guest scope
1 parent b824e69 commit d27f7e3

File tree

1 file changed

+5
-15
lines changed

1 file changed

+5
-15
lines changed

docs/reference/scopes.md

Lines changed: 5 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -4,9 +4,8 @@ The [default policy](../topics/policy.md#authorization-requests) shipped with MA
44

55
- [`openid`](#openid)
66
- [`email`](#email)
7-
- [`urn:matrix:org.matrix.msc2967.client:api:*`](#urnmatrixorgmatrixmsc2967clientapi)
8-
- [`urn:matrix:org.matrix.msc2967.client:device:[device id]`](#urnmatrixorgmatrixmsc2967clientdevicedevice-id)
9-
- [`urn:matrix:org.matrix.msc2967.client:guest`](#urnmatrixorgmatrixmsc2967clientguest)
7+
- [`urn:matrix:client:api:*`](#urnmatrixclientapi)
8+
- [`urn:matrix:client:device:[device id]`](#urnmatrixclientdevicedevice-id)
109
- [`urn:synapse:admin:*`](#urnsynapseadmin)
1110
- [`urn:mas:admin`](#urnmasadmin)
1211
- [`urn:mas:graphql:*`](#urnmasgraphql)
@@ -33,13 +32,13 @@ The default policy allows any client and any user to request this scope.
3332

3433
Those scopes are specific to the Matrix protocol and are part of [MSC2967].
3534

36-
### `urn:matrix:org.matrix.msc2967.client:api:*`
35+
### `urn:matrix:client:api:*`
3736

3837
This scope grants access to the full Matrix client-server API.
3938

4039
The default policy allows any client and any user to request this scope.
4140

42-
### `urn:matrix:org.matrix.msc2967.client:device:[device id]`
41+
### `urn:matrix:client:device:[device id]`
4342

4443
This scope sets the device ID of the session, where `[device id]` is the device ID of the session.
4544
Currently, MAS only allows the following characters in the device ID: `a-z`, `A-Z`, `0-9` and `-`.
@@ -49,15 +48,6 @@ There can only be one device ID in the scope list of a session.
4948

5049
The default policy allows any client and any user to request this scope.
5150

52-
### `urn:matrix:org.matrix.msc2967.client:guest`
53-
54-
This scope grants access to a restricted set of endpoints that are available to guest users.
55-
It is mutually exclusive with the `urn:matrix:org.matrix.msc2967.client:api:*` scope.
56-
57-
Note that MAS doesn't yet implement any special semantic around guest users, but this scope is reserved for future use.
58-
59-
The default policy allows any client and any user to request this scope.
60-
6151
## Synapse-specific scopes
6252

6353
MAS also supports one Synapse-specific scope, which aren't formally defined in any specification.
@@ -67,7 +57,7 @@ MAS also supports one Synapse-specific scope, which aren't formally defined in a
6757
This scope grants access to the [Synapse admin API].
6858

6959
Because of how Synapse works for now, this scope by itself isn't sufficient to access the admin API.
70-
A session wanting to access the admin API also needs to have the `urn:matrix:org.matrix.msc2967.client:api:*` scope.
60+
A session wanting to access the admin API also needs to have the `urn:matrix:client:api:*` scope.
7161

7262
The default policy doesn't allow everyone to request this scope.
7363
It allows:

0 commit comments

Comments
 (0)