17284: Fix missing "/" in error message.

[arvados.git] / doc / api / tokens.html.textile.liquid

diff --git a/doc/api/tokens.html.textile.liquid b/doc/api/tokens.html.textile.liquid
index 1846d60b0ec5f87831e0a3912b746cc1c5c34cca..9d8f456509b12d730d2d22bdcae6a8b785f74eb6 100644 (file)
--- a/doc/api/tokens.html.textile.liquid
+++ b/doc/api/tokens.html.textile.liquid
@@ -27,7 +27,7 @@ The "browser authentication process is documented in detail on the Arvados wiki.
 
 h2. User activation
 
-"Creation and activation of new users is described here.":{{site.baseurl}}/admin/activation.html
+"Creation and activation of new users is described here.":{{site.baseurl}}/admin/user-management.html
 
 h2. Creating tokens via the API
 
@@ -43,7 +43,7 @@ API clients may be marked as "trusted" by making an API call to create or update
 
 A authorization token which is not associated with a trusted client may only use the @current@ method to query its own api_client_authorization object.  The "untrusted" token is forbidden performing any other operations on API client authorizations, such as listing other authorizations or creating new authorizations.
 
-Authorization tokens which are not issued via the browser login flow (created directly via the API) will not have an associated api client.  This means authorization tokens created via the API are always "untrusted".
+Authorization tokens which are not issued via the browser login flow (created directly via the API) inherit the api client of the token used to create them.  They will always be "trusted" because untrusted API clients cannot create tokens.
 
 h2(#scopes). Scopes