diff options
author | Richard van der Hoff <richard@matrix.org> | 2019-09-13 15:20:49 +0100 |
---|---|---|
committer | Richard van der Hoff <richard@matrix.org> | 2019-09-13 16:01:46 +0100 |
commit | a8ac40445c98b9e1fc2538d7d4ec49c80b0298ac (patch) | |
tree | e506896dcaa02f826ffe0e5e1c859acabb290626 /docs | |
parent | Make the sample saml config closer to our standards (diff) | |
download | synapse-a8ac40445c98b9e1fc2538d7d4ec49c80b0298ac.tar.xz |
Record mappings from saml users in an external table
We want to assign unique mxids to saml users based on an incrementing suffix. For that to work, we need to record the allocated mxid in a separate table.
Diffstat (limited to 'docs')
-rw-r--r-- | docs/sample_config.yaml | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml index 8cfc5c312a..9021fe2cb8 100644 --- a/docs/sample_config.yaml +++ b/docs/sample_config.yaml @@ -1099,6 +1099,32 @@ saml2_config: # #saml_session_lifetime: 5m + # The SAML attribute (after mapping via the attribute maps) to use to derive + # the Matrix ID from. 'uid' by default. + # + #mxid_source_attribute: displayName + + # The mapping system to use for mapping the saml attribute onto a matrix ID. + # Options include: + # * 'hexencode' (which maps unpermitted characters to '=xx') + # * 'dotreplace' (which replaces unpermitted characters with '.'). + # The default is 'hexencode'. + # + #mxid_mapping: dotreplace + + # In previous versions of synapse, the mapping from SAML attribute to MXID was + # always calculated dynamically rather than stored in a table. For backwards- + # compatibility, we will look for user_ids matching such a pattern before + # creating a new account. + # + # This setting controls the SAML attribute which will be used for this + # backwards-compatibility lookup. Typically it should be 'uid', but if the + # attribute maps are changed, it may be necessary to change it. + # + # The default is 'uid'. + # + #grandfathered_mxid_source_attribute: upn + # Enable CAS for registration and login. |