clarify the intended use of the oauth api call as per this issue:

author Christian Walde <walde.christian@googlemail.com>

Wed, 25 Jan 2017 17:31:15 +0000 (18:31 +0100)

committer Christian Walde <walde.christian@googlemail.com>

Wed, 25 Jan 2017 17:31:15 +0000 (18:31 +0100)
author Christian Walde <walde.christian@googlemail.com>
Wed, 25 Jan 2017 17:31:15 +0000 (18:31 +0100)
committer Christian Walde <walde.christian@googlemail.com>
Wed, 25 Jan 2017 17:31:15 +0000 (18:31 +0100)
diff --git a/docs/Using-the-API/API.md b/docs/Using-the-API/API.md

index 9f528087001eaa4535934ca4179ab50812aa2391..5d0c27ee8f452317128904d77fbc4e52276ece57 100644 (file)
--- a/docs/Using-the-API/API.md
+++ b/docs/Using-the-API/API.md
@@ -212,6 +212,8 @@ Form data:
  
  Creates a new OAuth app. Returns `id`, `client_id` and `client_secret` which can be used with [OAuth authentication in your 3rd party app](Testing-with-cURL.md).
  
+These values should be requested in the app itself from the API for each new app install + mastodon domain combo, and stored in the app for future requests.
+
  ___
  
  ## Entities
author	Christian Walde <walde.christian@googlemail.com>
	Wed, 25 Jan 2017 17:31:15 +0000 (18:31 +0100)
committer	Christian Walde <walde.christian@googlemail.com>
	Wed, 25 Jan 2017 17:31:15 +0000 (18:31 +0100)