diff --git a/docs/source/interface.rst b/docs/source/interface.rst index 678d5c45973b040cf45e34f94f415674887b9574..5231e7265a355117ccd1bc0af68084ba1ef6b66e 100644 --- a/docs/source/interface.rst +++ b/docs/source/interface.rst @@ -7,6 +7,18 @@ Client When enabled in a Tahoe-LAFS client node, ZKAPAuthorizer publishes an HTTP-based interface inside the main Tahoe-LAFS web interface. +All endpoints in the interface require an authorization token. +Without the token, +requests will receive an HTTP UNAUTHORIZED (401) response. + +To be authorized to access the resources at the endpoints, +requests must include the correct secret token in the value for **Authorization** in the request header. +For example, if the secret token is ``ABCDEF``:: + + Authorization: tahoe-lafs ABCDEF + +The correct value for the token can be read from the Tahoe-LAFS node's ``private/api_auth_token`` file. + ``GET /storage-plugins/privatestorageio-zkapauthz-v1/version`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~