From fb7a2cc4cc7f0b49cabeec08d4ceb2dd2350e945 Mon Sep 17 00:00:00 2001 From: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com> Date: Wed, 3 Aug 2022 11:41:19 +0200 Subject: [PATCH] Update doc for setting `macaroon_secret_key` (#13443) * Update doc for setting `macaroon_secret_key` * newsfile --- changelog.d/13443.doc | 1 + docs/usage/configuration/config_documentation.md | 10 +++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 changelog.d/13443.doc diff --git a/changelog.d/13443.doc b/changelog.d/13443.doc new file mode 100644 index 0000000000..0db5d1b3b4 --- /dev/null +++ b/changelog.d/13443.doc @@ -0,0 +1 @@ +Update documentation for config setting `macaroon_secret_key`. \ No newline at end of file diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md index 2e2e59195b..3a9466a837 100644 --- a/docs/usage/configuration/config_documentation.md +++ b/docs/usage/configuration/config_documentation.md @@ -2495,9 +2495,13 @@ track_appservice_user_ips: true --- ### `macaroon_secret_key` -A secret which is used to sign access tokens. If none is specified, -the `registration_shared_secret` is used, if one is given; otherwise, -a secret key is derived from the signing key. +A secret which is used to sign +- access token for guest users, +- short-term login token used during SSO logins (OIDC or SAML2) and +- token used for unsubscribing from email notifications. + +If none is specified, the `registration_shared_secret` is used, if one is given; +otherwise, a secret key is derived from the signing key. Example configuration: ```yaml