From d0f8fbdc27300a101b8d614763ff046b79f4b07e Mon Sep 17 00:00:00 2001
From: erikjohnston <erikjohnston@users.noreply.github.com>
Date: Tue, 2 Apr 2024 17:46:21 +0000
Subject: deploy: ca27b516656223150d218bdd838df302fedf838c

---
 latest/usage/administration/useful_sql_for_admins.html | 6 ++++++
 latest/usage/configuration/config_documentation.html   | 6 ++++++
 2 files changed, 12 insertions(+)

(limited to 'latest/usage')

diff --git a/latest/usage/administration/useful_sql_for_admins.html b/latest/usage/administration/useful_sql_for_admins.html
index ce31570096..b501d28f23 100644
--- a/latest/usage/administration/useful_sql_for_admins.html
+++ b/latest/usage/administration/useful_sql_for_admins.html
@@ -328,6 +328,12 @@ WHERE room_stats_state.room_id = event_json.room_id&quot; | psql -d synapse -h l
 <pre><code class="language-sql">SELECT user_id, device_id, user_agent, TO_TIMESTAMP(last_seen / 1000) AS &quot;last_seen&quot;
   FROM devices
   WHERE last_seen &lt; DATE_PART('epoch', NOW() - INTERVAL '3 month') * 1000;
+</code></pre>
+<h2 id="clear-the-cache-of-a-remote-users-device-list"><a class="header" href="#clear-the-cache-of-a-remote-users-device-list">Clear the cache of a remote user's device list</a></h2>
+<p>Forces the resync of a remote user's device list - if you have somehow cached a bad state, and the remote server is
+will not send out a device list update.</p>
+<pre><code class="language-sql">INSERT INTO device_lists_remote_resync
+VALUES ('USER_ID', (EXTRACT(epoch FROM NOW()) * 1000)::BIGINT);
 </code></pre>
 
                     </main>
diff --git a/latest/usage/configuration/config_documentation.html b/latest/usage/configuration/config_documentation.html
index c8643d76bc..c3bde7a4de 100644
--- a/latest/usage/configuration/config_documentation.html
+++ b/latest/usage/configuration/config_documentation.html
@@ -2982,6 +2982,10 @@ not included in <code>scopes</code>. Set to <code>userinfo_endpoint</code> to al
 userinfo endpoint.</p>
 </li>
 <li>
+<p><code>additional_authorization_parameters</code>: String to string dictionary that will be passed as
+additional parameters to the authorization grant URL.</p>
+</li>
+<li>
 <p><code>allow_existing_users</code>: set to true to allow a user logging in via OIDC to
 match a pre-existing account instead of failing. This could be used if
 switching from password logins to OIDC. Defaults to false.</p>
@@ -3113,6 +3117,8 @@ claim MUST contain &quot;admin&quot;.</p>
     token_endpoint: &quot;https://accounts.example.com/oauth2/token&quot;
     userinfo_endpoint: &quot;https://accounts.example.com/userinfo&quot;
     jwks_uri: &quot;https://accounts.example.com/.well-known/jwks.json&quot;
+    additional_authorization_parameters:
+      acr_values: 2fa
     skip_verification: true
     enable_registration: true
     user_mapping_provider:
-- 
cgit 1.5.1