X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/c198274863bb5d72ef34dfc311c62bf50d6bd4f4..99887d1312315a5efb4d888251f90880846c073c:/doc/api/tokens.html.textile.liquid

diff --git a/doc/api/tokens.html.textile.liquid b/doc/api/tokens.html.textile.liquid
index 2101542853..922df5ab9d 100644
--- a/doc/api/tokens.html.textile.liquid
+++ b/doc/api/tokens.html.textile.liquid
@@ -3,6 +3,11 @@ layout: default
 navsection: api
 title: API Authorization
 ...
+{% comment %}
+Copyright (C) The Arvados Authors. All rights reserved.
+
+SPDX-License-Identifier: CC-BY-SA-3.0
+{% endcomment %}
 
 All requests to the API server must have an API token.  API tokens can be issued by going though the login flow, or created via the API.  At this time, only browser based applications can perform login from email/password.  Command line applications and services must use an API token provided via the @ARVADOS_API_TOKEN@ environment variable or configuration file.
 
@@ -16,7 +21,9 @@ Browser based applications can perform log in via the following highlevel flow:
 # The browser is redirected to the login page URL provided in @return_to=XXX@ with the addition of @?api_token=xxxxapitokenxxxx@.
 # The web application gets the login request with the included authorization token.
 
-The "browser authentication process is documented in detail on the Aravdos wiki.":https://dev.arvados.org/projects/arvados/wiki/Workbench_authentication_process
+!{{site.baseurl}}/images/Session_Establishment.svg!
+
+The "browser authentication process is documented in detail on the Arvados wiki.":https://dev.arvados.org/projects/arvados/wiki/Workbench_authentication_process
 
 h2. Creating tokens via the API