From 5a8ce51c83c786821297aecb168b5cb4fcde9263 Mon Sep 17 00:00:00 2001 From: gilesb Date: Fri, 9 Jan 2026 17:43:49 +0000 Subject: [PATCH] Document L1 authorization requirement for token verification Co-Authored-By: Claude Opus 4.5 --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index b46bd6d..014829c 100644 --- a/README.md +++ b/README.md @@ -115,7 +115,9 @@ When a user attaches to an L1 server: 3. L1 sets its own local cookie, logging the user in 4. Their attachment is recorded in the `user_renderers` table -**No shared secrets required**: L1 servers verify tokens by calling L2's public `/auth/verify` endpoint. This allows any L1 provider to federate with L2 without needing the JWT secret. +**No shared secrets required**: L1 servers verify tokens by calling L2's `/auth/verify` endpoint. This allows any L1 provider to federate with L2 without needing the JWT secret. + +**Authorization**: L1 servers must identify themselves when calling `/auth/verify` by passing their URL. Only servers listed in `L1_SERVERS` are authorized to verify tokens. Users can manage attachments at `/renderers`.
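Review bot: in the new "Authorization" paragraph of the README hunk, the allowlist check as documented is keyed on a URL the caller supplies about itself, which identifies but does not authenticate the caller; the paragraph should say how L2 verifies that the request really comes from the listed server (for example a signed request, mTLS, or a callback to the claimed URL), because otherwise any client can send an `L1_SERVERS` entry and the check gates nothing, which also sits awkwardly next to the retained sentence "No shared secrets required". Suggest also stating which parameter or header carries the URL, that the comparison against `L1_SERVERS` is an exact match on a normalized URL (scheme, host, port, trailing slash), and what `/auth/verify` returns to an unlisted caller, since the hunk drops the word "public" without saying what the endpoint now does for unauthorized requests.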