Support non-OpenID compliant user info endpoints (#14753)
OpenID specifies the format of the user info endpoint and some
OAuth 2.0 IdPs do not follow it, e.g. NextCloud and Twitter.
This adds subject_template and picture_template options to the
default mapping provider for more flexibility in matching those user
info responses.
1 files changed, 18 insertions, 0 deletions
diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md
index 67e0acc910..23f9dcbea2 100644
--- a/docs/usage/configuration/config_documentation.md
+++ b/docs/usage/configuration/config_documentation.md
@@ -3098,10 +3098,26 @@ Options for each entry include:
For the default provider, the following settings are available:
+ * `subject_template`: Jinja2 template for a unique identifier for the user.
+ Defaults to `{{ user.sub }}`, which OpenID Connect compliant providers should provide.
+
+ This replaces and overrides `subject_claim`.
+
* `subject_claim`: name of the claim containing a unique identifier
for the user. Defaults to 'sub', which OpenID Connect
compliant providers should provide.
+ *Deprecated in Synapse v1.75.0.*
+
+ * `picture_template`: Jinja2 template for an url for the user's profile picture.
+ Defaults to `{{ user.picture }}`, which OpenID Connect compliant providers should
+ provide and has to refer to a direct image file such as PNG, JPEG, or GIF image file.
+
+ This replaces and overrides `picture_claim`.
+
+ Currently only supported in monolithic (single-process) server configurations
+ where the media repository runs within the Synapse process.
+
* `picture_claim`: name of the claim containing an url for the user's profile picture.
Defaults to 'picture', which OpenID Connect compliant providers should provide
and has to refer to a direct image file such as PNG, JPEG, or GIF image file.
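Review bot: The new `subject_template` entry does not say what happens when the template references a field that is missing from the user info response. Because this value is the user's unique identifier, the text should state whether such a login is rejected or whether an empty subject is accepted, and it should tell administrators to pick a field that is stable and unique per user at the IdP. The sentence "This replaces and overrides `subject_claim`" (and the matching one for `picture_claim`) would also be clearer if it said explicitly that the claim option is ignored when both are set. Style point in the `picture_template` entry: "an url" should read "a URL".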
@@ -3109,6 +3125,8 @@ Options for each entry include:
Currently only supported in monolithic (single-process) server configurations
where the media repository runs within the Synapse process.
+ *Deprecated in Synapse v1.75.0.*
+
* `localpart_template`: Jinja2 template for the localpart of the MXID.
If this is not set, the user will be prompted to choose their
own username (see the documentation for the `sso_auth_account_details.html`
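Review bot: The deprecation line added under `picture_claim`, `*Deprecated in Synapse v1.75.0.*`, does not name the replacement. Suggest extending it (and the identical line under `subject_claim`) to something like "Deprecated in Synapse v1.75.0; use `picture_template` instead", so a reader who lands on the old option is pointed at the new one without scrolling back up.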