# HG changeset patch
# User Kim Alvefur <zash@zash.se>
# Date 1752613570 -7200
# Node ID 3eb0255b41b35140f69b9beb6ea0f4590958c6ae
# Parent  3f0970babd677baa2f10d5f92488d8436fd27406
mod_http_oauth2: Update README to mention XEP-0493

diff -r 3f0970babd67 -r 3eb0255b41b3 mod_http_oauth2/README.md
--- a/mod_http_oauth2/README.md	Tue Jul 15 21:56:56 2025 +0200
+++ b/mod_http_oauth2/README.md	Tue Jul 15 23:06:10 2025 +0200
@@ -275,9 +275,9 @@
 
 OAuth supports "scopes" as a way to grant clients limited access.
 
-There are currently no standard scopes defined for XMPP. This is
-something that we intend to change, e.g. by definitions provided in a
-future XEP. This means that clients you authorize currently have to
+[XEP-0493: OAuth Client Login] describes using OAuth 2.0 / OpenID Connect with XMPP.
+This module does not yet support [the scopes defined](https://xmpp.org/extensions/xep-0493.html#oauth-scopes).
+This means that clients you authorize currently have to
 choose between unrestricted access to your account (including the
 ability to change your password and lock you out!) and zero access. So,
 for now, while using OAuth clients can prevent leaking your password to