summary refs log tree commit diff
path: root/docs/admin_api/user_admin_api.md
diff options
context:
space:
mode:
authorQuentin Gliech <quenting@element.io>2022-09-16 14:29:03 +0200
committerGitHub <noreply@github.com>2022-09-16 12:29:03 +0000
commit74f60cec92c5aff87d6e74d177e95ec5f1a69f2b (patch)
tree52e7531244978963397cc701d500f9d07c74a711 /docs/admin_api/user_admin_api.md
parentUpdate request log format documentation to mention the format used when the a... (diff)
downloadsynapse-74f60cec92c5aff87d6e74d177e95ec5f1a69f2b.tar.xz
Add an admin API endpoint to find a user based on its external ID in an auth provider. (#13810)
Diffstat (limited to 'docs/admin_api/user_admin_api.md')
-rw-r--r--docs/admin_api/user_admin_api.md38
1 files changed, 38 insertions, 0 deletions
diff --git a/docs/admin_api/user_admin_api.md b/docs/admin_api/user_admin_api.md
index 975f05c929..3625c7b6c5 100644
--- a/docs/admin_api/user_admin_api.md
+++ b/docs/admin_api/user_admin_api.md
@@ -1155,3 +1155,41 @@ GET /_synapse/admin/v1/username_available?username=$localpart
 
 The request and response format is the same as the
 [/_matrix/client/r0/register/available](https://matrix.org/docs/spec/client_server/r0.6.0#get-matrix-client-r0-register-available) API.
+
+### Find a user based on their ID in an auth provider
+
+The API is:
+
+```
+GET /_synapse/admin/v1/auth_providers/$provider/users/$external_id
+```
+
+When a user matched the given ID for the given provider, an HTTP code `200` with a response body like the following is returned:
+
+```json
+{
+    "user_id": "@hello:example.org"
+}
+```
+
+**Parameters**
+
+The following parameters should be set in the URL:
+
+- `provider` - The ID of the authentication provider, as advertised by the [`GET /_matrix/client/v3/login`](https://spec.matrix.org/latest/client-server-api/#post_matrixclientv3login) API in the `m.login.sso` authentication method.
+- `external_id` - The user ID from the authentication provider. Usually corresponds to the `sub` claim for OIDC providers, or to the `uid` attestation for SAML2 providers.
+
+The `external_id` may have characters that are not URL-safe (typically `/`, `:` or `@`), so it is advised to URL-encode those parameters.
+
+**Errors**
+
+Returns a `404` HTTP status code if no user was found, with a response body like this:
+
+```json
+{
+    "errcode":"M_NOT_FOUND",
+    "error":"User not found"
+}
+```
+
+_Added in Synapse 1.68.0._