From a2cb8ae72c83b1d3be4e1d50148e1db4574639f5 Mon Sep 17 00:00:00 2001
From: Philip Durbin <philip_durbin@harvard.edu>
Date: Fri, 20 Dec 2024 14:30:48 -0500
Subject: [PATCH] make release note more accurate, only one endpoint affected
 #10340

---
 doc/release-notes/10340-forbidden.md | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/doc/release-notes/10340-forbidden.md b/doc/release-notes/10340-forbidden.md
index 0910646c7bd..5997f717d64 100644
--- a/doc/release-notes/10340-forbidden.md
+++ b/doc/release-notes/10340-forbidden.md
@@ -1,7 +1,3 @@
-### API Now Returns 403 Forbidden for Permission Checks
-
-Dataverse was returning 401 Unauthorized when a permission check failed. This has been corrected to return 403 Forbidden in these cases. That is, the API token is known to be good (401 otherwise) but the user lacks permission (403 is now sent). See also #10340 and #11116.
-
 ### Backward Incompatible Changes
 
-See "API Now Returns 403 Forbidden for Permission Checks" above.
+The [Show Role](https://dataverse-guide--11116.org.readthedocs.build/en/11116/api/native-api.html#show-role) API endpoint was returning 401 Unauthorized when a permission check failed. This has been corrected to return 403 Forbidden instead. That is, the API token is known to be good (401 otherwise) but the user lacks permission (403 is now sent). See also the [API Changelog](https://dataverse-guide--11116.org.readthedocs.build/en/11116/api/changelog.html), #10340, and #11116.