authentification with password is possible when performing update/add/delete

[syp.git] / devdoc / api.txt

diff --git a/devdoc/api.txt b/devdoc/api.txt
index cc1413e78b94de01a3009dff96e418787cc40302..590964a2cbaf3f391a702918acee9ef5a870259f 100644 (file)
--- a/devdoc/api.txt
+++ b/devdoc/api.txt
@@ -11,13 +11,15 @@ Client submits a classic html form to server.
 **note**: In this documentation, php notation is used (`_POST` and `_FILES`),
 but server may be written in any language.
 
+` _POST["password"]` may contains user password. If it is set, access is
+ checked. If it is not set, authentification cookie is checked. If neither are
+ present, or if one of them is wrong, access is denied.
+
 `_POST["request"]` is either:
 
 ## auth
  asks for authentication
 
- * ` _POST["password"]` must contains user password
-
 ## add
  adds a new feature