donau - small API changes

1 files changed, 5 insertions, 0 deletions

diff --git a/core/api-donau.rst b/core/api-donau.rst
index 8c4b3474..be4f8db9 100644
--- a/core/api-donau.rst
+++ b/core/api-donau.rst
@@ -500,9 +500,12 @@ Charity administration and status information
 ---------------------------------------------
 
 The administration requests require an authorized bearer token to be set in the HTTP "Authorization" Header. This token can be set by a proxy validating authentication/authorization (using e.g. LDAP).
+The GET status requests require an authorized bearer token as well so that only the charities can make these requests.
 
 .. http:GET::  /charities
 
+GET all charities. Only allowed if the request comes with the administration bearer token.
+
   return all charities
 
   **Request:**
@@ -533,6 +536,8 @@ The administration requests require an authorized bearer token to be set in the
 
 .. http:get:: /charities/$CHARITY_ID
 
+GET a specific charity. Only allowed if the request comes with the charity or administration bearer token.
+
   Request information about a charity.
 
   **Request:**