Skip to content

Add basic documentation for personal sessions #5187

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add basic documentation for personal sessions #5187

wants to merge 3 commits into from
+31 −1

Conversation

@reivilibre
Copy link
Contributor

@reivilibre reivilibre commented Oct 22, 2025
edited
Loading

Part of: #4492

Bit of a stub, but I think it's probably OK enough to be 'something is better than nothing'.

@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Oct 22, 2025
edited
Loading

Deploying matrix-authentication-service-docs with  Cloudflare Pages  Cloudflare Pages

Latest commit: 9edf149
Status: ✅  Deploy successful!
Preview URL: https://889952d0.matrix-authentication-service-docs.pages.dev
Branch Preview URL: https://rei-pat-doc.matrix-authentication-service-docs.pages.dev

View logs

@reivilibre reivilibre marked this pull request as ready for review October 24, 2025 11:03
@reivilibre reivilibre requested a review from sandhose October 24, 2025 11:03
sandhose
sandhose reviewed Oct 27, 2025
View reviewed changes
docs/topics/authorization.md

For now, personal access tokens must be created by administrators through the [Admin API], satisfying use case (2).
[Element Admin](https://github.com/element-hq/element-admin), available by default in Element Server Suite, can be used to do this interactively.
You can also use the online beta deployment at [admin-beta.element.dev](https://admin-beta.element.dev/). <!--- TODO stable deployment -->
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll bring up the stable deployment again tomorrow, fine with leaving the TODO for now

docs/topics/authorization.md
This works by presenting the client credentials to get back an access token.
The simplest type of client credentials is a client ID and client secret pair, but MAS also supports client authentication with a JWT ([RFC 7523]), which is a robust way to authenticate clients without a shared secret.

## Personal sessions (personal access tokens)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we add a note about ownership of the token, that only the owner can refresh it?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does 9edf149 suit?

@reivilibre reivilibre requested a review from a team as a code owner October 28, 2025 12:22
@reivilibre reivilibre requested a review from sandhose October 28, 2025 12:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sandhose sandhose Awaiting requested review from sandhose

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@reivilibre @sandhose