[#1427] Bugfix for `enforce_oauth_admin_scope_usage`. Admin API documentation entry.

author: Ivan Tashkinov <ivantashkinov@gmail.com> 2019-12-06 16:56:23 +0300
committer: Ivan Tashkinov <ivantashkinov@gmail.com> 2019-12-06 16:56:23 +0300
commit: 93a80ee9155bf5257aa92afaca2fe017f28aabfa (patch)
tree: c9e8cc5733bac57bbd3ab687a469ea14c3514028 /docs/API
parent: 13926537b644c3a4f1904c2fcd5d25fe0f284663 (diff)
download: pleroma-93a80ee9155bf5257aa92afaca2fe017f28aabfa.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/docs/API/admin_api.md b/docs/API/admin_api.md
index 2cac317de..b19793150 100644
--- a/docs/API/admin_api.md
+++ b/docs/API/admin_api.md
@@ -2,6 +2,13 @@
 
 Authentication is required and the user must be an admin.
 
+Configuration options:
+ 
+* `[:auth, :enforce_oauth_admin_scope_usage]` — OAuth admin scope requirement toggle.
+    If `true`, admin actions explicitly demand admin OAuth scope(s) presence in OAuth token (client app must support admin scopes).
+    If `false` and token doesn't have admin scope(s), `is_admin` user flag grants access to admin-specific actions.
+    Note that client app needs to explicitly support admin scopes and request them when obtaining auth token.
+
 ## `GET /api/pleroma/admin/users`
 
 ### List users
author	Ivan Tashkinov <ivantashkinov@gmail.com>	2019-12-06 16:56:23 +0300
committer	Ivan Tashkinov <ivantashkinov@gmail.com>	2019-12-06 16:56:23 +0300
commit	93a80ee9155bf5257aa92afaca2fe017f28aabfa (patch)
tree	c9e8cc5733bac57bbd3ab687a469ea14c3514028 /docs/API
parent	13926537b644c3a4f1904c2fcd5d25fe0f284663 (diff)
download	pleroma-93a80ee9155bf5257aa92afaca2fe017f28aabfa.tar.gz