It appears that the v3 docs for DELETE /authentication/session here are incorrect/out-of-date?

The docs claim session_id should be passed in the request body, but I get a 405 Not Allowed by doing that.
Instead, it appears the API expects a session_id query param (this is best practice, anyway!).
With the session_id sent as a query param, I get 200 Success and the session does get deleted.