Updated Api (markdown)

Api.md

@@ -645,4 +645,60 @@ Deletes the scope with the {id} in the URL. Any clients that are currently regis
 
 Returns HTTP 200 with an empty page on success.
 
-## User Site Approvals
+## User Site Approvals
+
+Approved sites represent a decision by an end user (or "authorization grant") that has been stored. Future authorization requests that match the parameters of this approval will be granted automatically. This API allows for reading and deleting existing approvals. New approvals are created during the normal course of the OAuth protocol.
+
+Endpoint: **`/api/approved`**
+
+### GET /api/approved
+
+_Requires **ROLE_USER** access._
+
+Gets a list of the approved sites for the current user in `application/json` format.
+
+```
+[
+    {
+        "id": 1,
+        "userId": "jricher",
+        "clientId": "client",
+        "creationDate": "2013-04-26T14:57:21-0400",
+        "accessDate": "2013-04-26T14:57:21-0400",
+        "timeoutDate": null,
+        "allowedScopes": [
+            "email",
+            "phone",
+            "openid"
+        ],
+        "whitelistedSite": null
+    }
+]
+```
+
+### GET /api/approved/{id}
+
+Gets the approved site with the {id} indicated in the url, in `application/json` format. Users may only get approved sites that belong to them.
+
+```
+{
+    "id": 1,
+    "userId": "jricher",
+    "clientId": "client",
+    "creationDate": "2013-04-26T14:57:21-0400",
+    "accessDate": "2013-04-26T14:57:21-0400",
+    "timeoutDate": null,
+    "allowedScopes": [
+        "email",
+        "phone",
+        "openid"
+    ],
+    "whitelistedSite": null
+}
+```
+
+### DELETE /api/approved/{id}
+
+Deletes the approved site with the given {id} in the URL. Users may delete only their own approved sites. Any tokens associated with the approved site remain active. _Note: This behavior will likely change in a future version of the software._
+
+The sever responds with an HTTP 200 code and a blank page on success.