From 9ace2ccb08841bfaea819b6a5f8b181ca5581fbf Mon Sep 17 00:00:00 2001
From: Jeff Mitchell <jeffrey.mitchell@gmail.com>
Date: Mon, 14 Mar 2016 16:56:43 -0400
Subject: [PATCH] changelog++

---
 CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index cc5f3fadf..7da1a1b1a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -41,6 +41,9 @@ IMPROVEMENTS:
  * command/token-renew: Allow no token to be passed in; use `renew-self` in
    this case. Change the behavior for any token being passed in to use `renew`.
    [GH-1150]
+ * credential/app-id: Allow `app-id` parameter to be given in the login path;
+   this causes the `app-id` to be part of the token path, making it easier to
+   use with `revoke-prefix` [GH-424]
  * credential/cert: Non-CA certificates can be used for authentication. They
    must be matched exactly (issuer and serial number) for authentication, and
    the certificate must carry the client authentication or 'any' extended usage