From 31196d43ce987b297070025cf2a0efdd020bc7d3 Mon Sep 17 00:00:00 2001 From: Andrew Williamson Date: Thu, 3 Mar 2022 13:54:22 +0000 Subject: [PATCH] Update auth_internal.rst --- docs/topics/api/auth_internal.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/topics/api/auth_internal.rst b/docs/topics/api/auth_internal.rst index cd5af1dffc..2be0978fac 100644 --- a/docs/topics/api/auth_internal.rst +++ b/docs/topics/api/auth_internal.rst @@ -11,7 +11,7 @@ your API keys, read the :ref:`documentation for external authentication ` instead. When using this authentication mechanism, the server creates a session and stores the -session id in the ``sessionid` cookie when the user logs in. +session id in the ``sessionid`` cookie when the user logs in. The client must then include that session id in an ``Authorization`` header on requests that need authentication. The clients never generate tokens or sessions themselves.