diff options
| author | clokep <clokep@users.noreply.github.com> | 2023-02-23 17:55:01 +0000 |
|---|---|---|
| committer | clokep <clokep@users.noreply.github.com> | 2023-02-23 17:55:01 +0000 |
| commit | f87c32260658a357a1792360e4d276ebb28fffd9 (patch) | |
| tree | dd9b6d3cbb6df672c37b019d98133fc318be54da /develop/print.html | |
| parent | deploy: 4ed08ff72ef8f1abf85ab22de1e51b570f67b27e (diff) | |
| download | synapse-f87c32260658a357a1792360e4d276ebb28fffd9.tar.xz | |
deploy: 452b009eb085387cec0b967a114e722624d276fb
Diffstat (limited to 'develop/print.html')
| -rw-r--r-- | develop/print.html | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/develop/print.html b/develop/print.html index dfbc1010ff..1df6f6b1e8 100644 --- a/develop/print.html +++ b/develop/print.html @@ -8070,6 +8070,42 @@ This can be optionally enabled by setting <code>backchannel_logout_enabled</code subject_claim: "id" </code></pre> <p>Note that the fields <code>client_id</code> and <code>client_secret</code> are taken from the CURL response above.</p> +<h3 id="shibboleth-with-oidc-plugin"><a class="header" href="#shibboleth-with-oidc-plugin">Shibboleth with OIDC Plugin</a></h3> +<p><a href="https://www.shibboleth.net/">Shibboleth</a> is an open Standard IdP solution widely used by Universities.</p> +<ol> +<li>Shibboleth needs the <a href="https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376878976/OIDC+OP">OIDC Plugin</a> installed and working correctly.</li> +<li>Create a new config on the IdP Side, ensure that the <code>client_id</code> and <code>client_secret</code> +are randomly generated data.</li> +</ol> +<pre><code class="language-json">{ + "client_id": "SOME-CLIENT-ID", + "client_secret": "SOME-SUPER-SECRET-SECRET", + "response_types": ["code"], + "grant_types": ["authorization_code"], + "scope": "openid profile email", + "redirect_uris": ["https://[synapse public baseurl]/_synapse/client/oidc/callback"] +} +</code></pre> +<p>Synapse config:</p> +<pre><code class="language-yaml">oidc_providers: + # Shibboleth IDP + # + - idp_id: shibboleth + idp_name: "Shibboleth Login" + discover: true + issuer: "https://YOUR-IDP-URL.TLD" + client_id: "YOUR_CLIENT_ID" + client_secret: "YOUR-CLIENT-SECRECT-FROM-YOUR-IDP" + scopes: ["openid", "profile", "email"] + allow_existing_users: true + user_profile_method: "userinfo_endpoint" + user_mapping_provider: + config: + subject_claim: "sub" + localpart_template: "{{ user.sub.split('@')[0] }}" + display_name_template: "{{ user.name }}" + email_template: "{{ user.email }}" +</code></pre> <h3 id="twitch"><a class="header" href="#twitch">Twitch</a></h3> <ol> <li>Setup a developer account on <a href="https://dev.twitch.tv/">Twitch</a></li> |