You're looking at an unstable version of this specification. Unstable specifications may change at any time without notice.

Switch to the current stable release.

Changes since last release

Git commithttps://github.com/matrix-org/matrix-spec/tree/3e1cbe1
Checklistchecklist.md

Client-Server API

New Endpoints

  • Add GET /_matrix/client/v1/admin/lock/{userId}, as per MSC4323. (#2278)
  • Add PUT /_matrix/client/v1/admin/lock/{userId}, as per MSC4323. (#2278)
  • Add GET /_matrix/client/v1/admin/suspend/{userId}, as per MSC4323. (#2278)
  • Add PUT /_matrix/client/v1/admin/suspend/{userId}, as per MSC4323. (#2278)

Removed Endpoints

  • The score request parameter on /_matrix/client/v3/rooms/{roomId}/report/{eventId} was removed as per MSC4277. (#2311)

Backwards Compatible Changes

  • Add the account management capabilities for the OAuth 2.0 authentication API, as per MSC4191. (#2270)
  • Add OAuth 2.0 aware clients, as per MSC3824. (#2272)
  • Add administrator endpoints to lock and suspend server-local users and add the m.account_management capability, as per MSC4323. (#2278)
  • Add m.recent_emoji account data event to track recently used emoji as per MSC4356. (#2291)
  • Add m.forget_forced_upon_leave capability for servers to transparently auto-forget rooms that the user leaves as per MSC4267. (#2292)
  • Add support for m.room.redaction events at the PUT /rooms/{roomId}/send/{eventType}/{txnId} endpoint, as per MSC4169. (#2298)
  • Clients supporting the ol HTML element must also support the start attribute, as per MSC4313. (#2299)
  • Add recommendation about excluding non-cross-signed devices from encrypted conversations, as per MSC4153. (#2301)
  • Add invite blocking, as per MSC4380. (#2305)
  • /_matrix/client/v3/rooms/{roomId}/report and /_matrix/client/v3/rooms/{roomId}/report/{eventId} may respond with HTTP 200 regardless of the reported subject’s existence or add a random delay when generating responses as per MSC4277. (#2311)
  • Add M_USER_LIMIT_EXCEEDED common error code, as per MSC4335. (#2315)
  • Add the OAuth 2.0 Device Authorization Grant (RFC 8628) as a supported grant type, as per MSC4341. (#2320)
  • Add the is_animated flag to the info object of the m.image msgtype and the m.sticker event, as per MSC4230. (#2328, #2338)

Spec Clarifications

  • The optional submit_url response parameter of the /requestToken endpoints uses the same request and response parameters and error codes as the Identity Service API’s POST /_matrix/identity/v2/validate/email/submitToken, as per MSC4183. (#2277)
  • Update non-historic mentions of matrix-doc repo to matrix-spec/-proposals. Contributed by @HarHarLinks. (#2280)
  • Remove unintended TeX formatting. Contributed by @HarHarLinks. (#2283)
  • Clarify the requiredness of event_id in predecessor. (#2304)
  • Clarify terminology for keys in cross-signing module. (#2306)
  • Add 404 responses to the OpenAPI of GET /login and GET /auth_metadata endpoints. The responses were already defined in text but not written in OpenAPI. (#2316)
  • Fix various typos throughout the specification. Contributed by @HarHarLinks. (#2318)
  • Clarified attachment encryption to require secure generation of keys and hash verification. (#2324)
  • Order the common and other error codes alphabetically and remove duplicate M_THREEPID_IN_USE definition. (#2336)
  • Fix various typos throughout the specification. (#2337)

Server-Server API

Removed Endpoints

  • Remove /v1/send_join and /v1/send_leave, as per MSC4376. (#2319)

Spec Clarifications

  • Clarify what the minimum_valid_until_ts field means when it is set in key queries. (#2191)
  • Specify validation for PDUs passed to and returned from federation membership endpoints. (#2284)
  • Specify that callers of /_matrix/federation/v1/openid/userinfo must validate the returned user ID. (#2288)
  • Change m.signing_update typo to m.signing_key_update. Contributed by @velikopter (#2300)
  • Add link to JSON signing algorithm in server-server auth section for clarity. Contributed by @thetayloredman. (#2329)
  • Fix various typos throughout the specification. (#2338)

Application Service API

Spec Clarifications

  • Fix various typos throughout the specification. (#2330)

Identity Service API

Spec Clarifications

  • Clarify the error codes that can be returned with a 400 HTTP status code by the POST /_matrix/identity/v2/validate/email/submitToken and POST /_matrix/identity/v2/validate/msisdn/submitToken endpoints, introducing the M_TOKEN_INCORRECT error code, as per MSC4183. (#2277)
  • Order the standard error codes alphabetically. (#2336)

Push Gateway API

No significant changes.

Room Versions

Spec Clarifications

  • Clarify meaning of floating-point powerlevels. (#2297)
  • Remove the post-1.16 release note for room version 12. (#2303)

Appendices

Spec Clarifications

  • Add identifier pronunciation guidelines. Contributed by @HarHarLinks. (#2307)

Internal Changes/Tooling

Backwards Compatible Changes

  • Include the spec release version in the filenames in the tarballs generated by CI. (#2276)

Spec Clarifications

  • Clarify vendor prefixing requirements. (#2222)
  • Auto-create draft releases when building release tags. (#2275)
  • Replace the Twitter link in the footer with our BlueSky and Mastodon socials. (#2282)
  • Upgrade to docsy v0.13.0. (#2287)
  • Updates to the release documentation. (#2289)
  • Remove unused leftover CSS files. (#2290)
  • Update the footer social links to match matrix.org. Contributed by @HarHarLinks. (#2317)
  • Fix various typos throughout the specification. Contributed by @HarHarLinks. (#2318)
  • Render error code sections as definition lists to improve readability. (#2323)