From 839dad17a14654ff31c6c7d4de0f00b90499dc23 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Fri, 4 Dec 2020 21:09:29 +0000 Subject: Add latest changes from gitlab-org/gitlab@master --- doc/api/oauth2.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'doc/api/oauth2.md') diff --git a/doc/api/oauth2.md b/doc/api/oauth2.md index b1c81ff20b6..50d063bdf71 100644 --- a/doc/api/oauth2.md +++ b/doc/api/oauth2.md @@ -59,7 +59,7 @@ authorization with each flow. ### Web application flow -NOTE: **Note:** +NOTE: Check the [RFC spec](https://tools.ietf.org/html/rfc6749#section-4.1) for a detailed flow description. @@ -105,7 +105,7 @@ The web application flow is: } ``` -NOTE: **Note:** +NOTE: The `redirect_uri` must match the `redirect_uri` used in the original authorization request. @@ -113,11 +113,11 @@ You can now make requests to the API with the access token returned. ### Implicit grant flow -NOTE: **Note:** +NOTE: Check the [RFC spec](https://tools.ietf.org/html/rfc6749#section-4.2) for a detailed flow description. -CAUTION: **Important:** +WARNING: Avoid using this flow for applications that store data outside of the GitLab instance. If you do, make sure to verify `application id` associated with the access token before granting access to the data @@ -149,11 +149,11 @@ https://example.com/oauth/redirect#access_token=ABCDExyz123&state=YOUR_UNIQUE_ST ### Resource owner password credentials flow -NOTE: **Note:** +NOTE: Check the [RFC spec](https://tools.ietf.org/html/rfc6749#section-4.3) for a detailed flow description. -NOTE: **Note:** +NOTE: The Resource Owner Password Credentials is disabled for users with [two-factor authentication](../user/profile/account/two_factor_authentication.md) turned on. These users can access the API using [personal access tokens](../user/profile/personal_access_tokens.md) 
@@ -169,7 +169,7 @@ The credentials should only be used when: privileged application. - Other authorization grant types are not available (such as an authorization code). -CAUTION: **Important:** +WARNING: Never store the user's credentials and only use this grant type when your client is deployed to a trusted environment, in 99% of cases [personal access tokens](../user/profile/personal_access_tokens.md) are a better -- cgit v1.2.3
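Review bot: In the @@ -113 hunk, the WARNING text keeps `application id` in code font even though it is a two-word phrase rather than a literal field name; either write it as plain prose ("verify the application ID associated with the access token") or use the exact attribute name the token information response returns, so a reader knows what value to compare. The control itself is the right one to call out: the @@ -149 context shows the token arriving in the redirect fragment (`#access_token=...`), so a client that stores data outside GitLab must confirm the token was issued to its own application before trusting it.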
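Review bot: In the @@ -149 hunk, the second NOTE reads "The Resource Owner Password Credentials is disabled for users with ..."; the subject noun is missing, so it should read "The Resource Owner Password Credentials flow is disabled for users with ...". The hunk already changes the marker line directly above it, so the wording fix fits in this change.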
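Review bot: In the @@ -169 hunk, the WARNING sentence is a run-on: "Never store the user's credentials and only use this grant type when your client is deployed to a trusted environment, in 99% of cases [personal access tokens](...) are a better ...". Split it after "trusted environment" and begin a new sentence ("In 99% of cases, [personal access tokens](../user/profile/personal_access_tokens.md) are a better ..."), so the two separate instructions, never persisting the credentials and preferring tokens, each stand on their own.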