Add changelog for openid resource addition

Signed-off-by: Jason Robinson <jasonr@matrix.org>
author: Jason Robinson <jasonr@matrix.org> 2019-01-21 01:59:18 +0200
committer: Jason Robinson <jasonr@matrix.org> 2019-01-23 10:32:41 +0200
commit: 1d2c69fee897cf052cfa03f0cc6f9f419c898bb1 (patch)
tree: 5d6e7335ff9d9400c9a08d20f60f921651c42d25 /changelog.d
parent: Split federation OpenID userinfo endpoint out of the federation resource (diff)
download: synapse-1d2c69fee897cf052cfa03f0cc6f9f419c898bb1.tar.xz
1 files changed, 13 insertions, 0 deletions
diff --git a/changelog.d/4420.feature b/changelog.d/4420.feature
new file mode 100644
index 0000000000..5e684d01e0
--- /dev/null
+++ b/changelog.d/4420.feature
@@ -0,0 +1,13 @@
+New listener resource for the federation API "openid/userinfo" endpoint
+
+Integration managers use the OpenID userinfo endpoint in the federation API to verify that user
+OpenID access tokens are valid. If the federation resource is disabled, integration managers will not be able
+to verify the access token, causing a broken experience for users. The OpenID userinfo endpoint has now been split
+to a separate `openid` resource, which is enabled by default in newly generated configuration. It is also enabled
+automatically if the federation resource is enabled.
+
+If your homeserver runs federation enabled, this change does not require any actions.
+
+If you run a homeserver with federation disabled, we recommend adding the `openid` resource to your homeserver
+configuration in the `type: http` listener `resources` list to allow your users access to
+integration manager features.
author	Jason Robinson <jasonr@matrix.org>	2019-01-21 01:59:18 +0200
committer	Jason Robinson <jasonr@matrix.org>	2019-01-23 10:32:41 +0200
commit	1d2c69fee897cf052cfa03f0cc6f9f419c898bb1 (patch)
tree	5d6e7335ff9d9400c9a08d20f60f921651c42d25 /changelog.d
parent	Split federation OpenID userinfo endpoint out of the federation resource (diff)
download	synapse-1d2c69fee897cf052cfa03f0cc6f9f419c898bb1.tar.xz