From ca666fe376c590b08035526391db2f7e02fbab37 Mon Sep 17 00:00:00 2001
From: Stefan Pratter <stefan@20c.com>
Date: Tue, 12 Mar 2024 19:33:20 +0000
Subject: [PATCH] docs

---
 docs/dev/oauth.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/dev/oauth.md b/docs/dev/oauth.md
index 5a5b57d5..4b1b3ec2 100644
--- a/docs/dev/oauth.md
+++ b/docs/dev/oauth.md
@@ -48,7 +48,7 @@ PeeringDB currently is not collecting device attestation, thus has no way to ide
 - `pwd` - Password
 - `mfa` - Multi-factor authentication
 - `otp` - One-time password
-- `swk` - security key  (not in the RFC spec, but since we're not able to collect device attestation, we're using this as a proxy for security key usage - e.g., YubiKey, device pin, fingerprint scanner etc.)
+- `swk` - Proof-of-Possession (PoP) of a software-secured key - usage of webauthn security key will append this
 
 ```python
 "amr": ["pwd", "mfa", "otp"] # password entered + OTP