diff options
author | Quentin Gliech <quenting@element.io> | 2022-09-16 14:29:03 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-09-16 12:29:03 +0000 |
commit | 74f60cec92c5aff87d6e74d177e95ec5f1a69f2b (patch) | |
tree | 52e7531244978963397cc701d500f9d07c74a711 /docs/admin_api/user_admin_api.md | |
parent | Update request log format documentation to mention the format used when the a... (diff) | |
download | synapse-74f60cec92c5aff87d6e74d177e95ec5f1a69f2b.tar.xz |
Add an admin API endpoint to find a user based on its external ID in an auth provider. (#13810)
Diffstat (limited to 'docs/admin_api/user_admin_api.md')
-rw-r--r-- | docs/admin_api/user_admin_api.md | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/docs/admin_api/user_admin_api.md b/docs/admin_api/user_admin_api.md index 975f05c929..3625c7b6c5 100644 --- a/docs/admin_api/user_admin_api.md +++ b/docs/admin_api/user_admin_api.md @@ -1155,3 +1155,41 @@ GET /_synapse/admin/v1/username_available?username=$localpart The request and response format is the same as the [/_matrix/client/r0/register/available](https://matrix.org/docs/spec/client_server/r0.6.0#get-matrix-client-r0-register-available) API. + +### Find a user based on their ID in an auth provider + +The API is: + +``` +GET /_synapse/admin/v1/auth_providers/$provider/users/$external_id +``` + +When a user matched the given ID for the given provider, an HTTP code `200` with a response body like the following is returned: + +```json +{ + "user_id": "@hello:example.org" +} +``` + +**Parameters** + +The following parameters should be set in the URL: + +- `provider` - The ID of the authentication provider, as advertised by the [`GET /_matrix/client/v3/login`](https://spec.matrix.org/latest/client-server-api/#post_matrixclientv3login) API in the `m.login.sso` authentication method. +- `external_id` - The user ID from the authentication provider. Usually corresponds to the `sub` claim for OIDC providers, or to the `uid` attestation for SAML2 providers. + +The `external_id` may have characters that are not URL-safe (typically `/`, `:` or `@`), so it is advised to URL-encode those parameters. + +**Errors** + +Returns a `404` HTTP status code if no user was found, with a response body like this: + +```json +{ + "errcode":"M_NOT_FOUND", + "error":"User not found" +} +``` + +_Added in Synapse 1.68.0._ |