diff options
author | Jason Robinson <jasonr@matrix.org> | 2019-01-21 01:59:18 +0200 |
---|---|---|
committer | Jason Robinson <jasonr@matrix.org> | 2019-01-23 10:32:41 +0200 |
commit | 1d2c69fee897cf052cfa03f0cc6f9f419c898bb1 (patch) | |
tree | 5d6e7335ff9d9400c9a08d20f60f921651c42d25 /changelog.d/4420.feature | |
parent | Split federation OpenID userinfo endpoint out of the federation resource (diff) | |
download | synapse-1d2c69fee897cf052cfa03f0cc6f9f419c898bb1.tar.xz |
Add changelog for openid resource addition
Signed-off-by: Jason Robinson <jasonr@matrix.org>
Diffstat (limited to 'changelog.d/4420.feature')
-rw-r--r-- | changelog.d/4420.feature | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/changelog.d/4420.feature b/changelog.d/4420.feature new file mode 100644 index 0000000000..5e684d01e0 --- /dev/null +++ b/changelog.d/4420.feature @@ -0,0 +1,13 @@ +New listener resource for the federation API "openid/userinfo" endpoint + +Integration managers use the OpenID userinfo endpoint in the federation API to verify that user +OpenID access tokens are valid. If the federation resource is disabled, integration managers will not be able +to verify the access token, causing a broken experience for users. The OpenID userinfo endpoint has now been split +to a separate `openid` resource, which is enabled by default in newly generated configuration. It is also enabled +automatically if the federation resource is enabled. + +If your homeserver runs federation enabled, this change does not require any actions. + +If you run a homeserver with federation disabled, we recommend adding the `openid` resource to your homeserver +configuration in the `type: http` listener `resources` list to allow your users access to +integration manager features. |