diff options
Diffstat (limited to 'docs/api/invitations.md')
| -rw-r--r-- | docs/api/invitations.md | 32 |
1 files changed, 22 insertions, 10 deletions
diff --git a/docs/api/invitations.md b/docs/api/invitations.md index 0f21a0e..ddbef8a 100644 --- a/docs/api/invitations.md +++ b/docs/api/invitations.md @@ -91,17 +91,11 @@ The response will include the following fields: | Field | Type | Description | |:------------|:-------|:--| -| `issuer` | object | The details of the login that issued the invitation. | +| `id` | string | The ID of the invitation. | +| `issuer` | string | The login name of the invitation's issuer. | | `issued_at` | string | The timestamp from which the invitation will expire. | -The `issuer` object will include the following fields: - -| Field | Type | Description | -|:-------|:-------|:--| -| `id` | string | The login ID of the invitation's issuer. | -| `name` | string | The login name of the invitation's issuer. | - -Clients should present the issuer's name to the user when presenting an invitation, so as to personalize the invitation and help them understand their connection with the service. +Clients should present the `issuer` to the user when presenting an invitation, so as to personalize the invitation and help them understand their connection with the service. ### Invitation not found @@ -140,7 +134,25 @@ The request must have the following fields: <!-- This prose is duplicated from authentication.md, with small changes for context. If you edit it here, edit it there, too. --> -This endpoint will respond with a status of `204 No Content` when successful. +This endpoint will respond with a status of `200 Okay` when successful. The body of the response will be a JSON object describing the newly-created login: + +```json +{ + "id": "Labcd1234", + "name": "Andrea" +} +``` + +The response will include the following fields: + +| Field | Type | Description | +|:------------|:-------|:--| +| `id` | string | A unique identifier for the newly-created login. This can be used to associate the login with other events, or to make API calls targeting the login. | +| `name` | string | The login's name. | + +The returned name may not be identical to the name requested, as the name will be converted to [normalization form C](http://www.unicode.org/reports/tr15/) automatically. The returned name will include this normalization; the service will use the normalized name elsewhere, and does not store the originally requested name. + +The provided password will also be converted to normalization form C. However, the normalized password is not returned to the client. The response will include a `Set-Cookie` header for the `identity` cookie, providing the client with a newly-minted identity token associated with the login created for this request. See the [authentication](./authentication.md) section for details on how this cookie may be used. |