use new style oidc config
parent 937959bdb9
commit deddb2659e
46
README.md
@ -1,4 +1,4 @@
|
|||||||
[Synapse](https://github.com/matrix-org/synapse) homeserver for the [matrix](http://matrix.org/) network.
|
[Synapse](https://github.com/matrix-org/synapse) homeserver for the [matrix](http://matrix.org/) network with keycloak auth.
|
||||||
|
|
||||||
# Volumes
|
# Volumes
|
||||||
- `/var/lib/matrix-synapse/media_store/`
|
- `/var/lib/matrix-synapse/media_store/`
|
||||||
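Review bot: The new first line says "with keycloak auth", but the variables this README documents are all generic `OIDC_*` settings and nothing visible here is Keycloak-specific. Consider wording it as OpenID Connect auth (for example against Keycloak) so readers using another provider know whether the image is expected to work for them, or state explicitly that only Keycloak is supported.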
@ -67,62 +67,26 @@ Whether to generate new thumbnails on the fly to precisely match the resolution
|
|||||||
|
|
||||||
Semi colon seperated list of registration files to load.
|
Semi colon seperated list of registration files to load.
|
||||||
|
|
||||||
## OIDC_ENABLED
|
## OIDC_NAME
|
||||||
- default: false
|
Name of the oidc provider as shown to users.
|
||||||
|
|
||||||
Whether to enable authorization against an OpenID Connect server.
|
|
||||||
|
|
||||||
## OIDC_DISCOVER
|
|
||||||
- default: true
|
|
||||||
|
|
||||||
Whether to use the OIDC discovery mechanism to discover endpoints.
|
|
||||||
|
|
||||||
## OIDC_ISSUER
|
## OIDC_ISSUER
|
||||||
The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.
|
The OIDC issuer. Used to validate tokens and (if discovery is enabled) to discover the provider's endpoints.
|
||||||
|
|
||||||
|
For example `https://auth.example.com/auth/realms/master"`.
|
||||||
|
|
||||||
## OIDC_CLIENT_ID
|
## OIDC_CLIENT_ID
|
||||||
oauth2 client id.
|
oauth2 client id.
|
||||||
|
|
||||||
## OIDC_CLIENT_SECRET
|
## OIDC_CLIENT_SECRET
|
||||||
oauth2 client secret.
|
oauth2 client secret.
|
||||||
|
|
||||||
## OIDC_SCOPES
|
|
||||||
- default: "\"openid\""
|
|
||||||
|
|
||||||
Comma separated list of scopes to request.
|
|
||||||
|
|
||||||
## OIDC_AUTH_ENDPOINT
|
|
||||||
oauth2 authorization endpoint. Required if provider discovery is disabled.
|
|
||||||
|
|
||||||
## OIDC_TOKEN_ENDPOINT
|
|
||||||
oauth2 token endpoint. Required if provider discovery is disabled.
|
|
||||||
|
|
||||||
## OIDC_USERINFO_ENDPOINT
|
|
||||||
OIDC userinfo endpoint. Required if discovery is disabled and the "openid" scope
|
|
||||||
is not requested.
|
|
||||||
|
|
||||||
## OIDC_JWKS_URI
|
|
||||||
URI where to fetch the JWKS. Required if discovery is disabled and the "openid"
|
|
||||||
scope is used.
|
|
||||||
|
|
||||||
## OIDC_MAPPING_PROVIDER
|
|
||||||
- default: synapse.handlers.oidc_handler.JinjaOidcMappingProvider
|
|
||||||
|
|
||||||
Python module for mapping attributes returned from a OIDC provider onto a matrix
|
|
||||||
user.
|
|
||||||
|
|
||||||
## OIDC_ALLOW_EXISTING_USER
|
## OIDC_ALLOW_EXISTING_USER
|
||||||
- default: false
|
- default: false
|
||||||
|
|
||||||
Whether to allow a user logging in via OIDC to match a pre-existing account
|
Whether to allow a user logging in via OIDC to match a pre-existing account
|
||||||
instead of failing.
|
instead of failing.
|
||||||
|
|
||||||
## OIDC_LOCALPART_TEMPLATE
|
|
||||||
Jinja2 template for the localpart of the MXID.
|
|
||||||
|
|
||||||
## OIDC_DISPLAY_NAME_TEMPLATE
|
|
||||||
Jinja2 template for the display name to set on first login.
|
|
||||||
|
|
||||||
## SSO_CLIENT_WHITELIST
|
## SSO_CLIENT_WHITELIST
|
||||||
- default: []
|
- default: []
|
||||||
|
|
||||||
|
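Review bot: The `OIDC_ISSUER` section is now inconsistent with the rest of the hunk: its description still says "(if discovery is enabled)" although `OIDC_DISCOVER` and all the manual endpoint variables are removed, and the added example `https://auth.example.com/auth/realms/master"` carries a stray trailing double quote inside the backticks. Since the issuer is what tokens are validated against, anyone copying the example verbatim gets a value that cannot match; drop the quote and reword the description to say discovery is always used, if that is the new behaviour. The README also no longer says what turns OIDC on now that `OIDC_ENABLED` is gone, which of the remaining variables are required, or what default `OIDC_NAME` has. Finally, `OIDC_SCOPES`, `OIDC_LOCALPART_TEMPLATE` and `OIDC_DISPLAY_NAME_TEMPLATE` are removed without a replacement note, so an operator cannot tell from the docs which claim the MXID localpart is derived from; that matters next to `OIDC_ALLOW_EXISTING_USER`, because the localpart mapping decides which pre-existing account a login is matched to. Please document the fixed values that replace these settings.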
File diff suppressed because it is too large