diff options
| author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2021-03-29 15:40:11 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-03-29 15:40:11 +0100 |
| commit | 4bbd53545041c9295fbae5dd0cefdd66d55d0b53 (patch) | |
| tree | b7c8705631445e676df6096d416629949e1f409e /docs | |
| parent | Fix CI by ignore type for None module import (#9709) (diff) | |
| download | synapse-4bbd53545041c9295fbae5dd0cefdd66d55d0b53.tar.xz | |
Update the OIDC sample config (#9695)
I've reiterated the advice about using `oidc` to migrate, since I've seen a few people caught by this. I've also removed a couple of the examples as they are duplicating the OIDC documentation, and I think they might be leading people astray.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/sample_config.yaml | 34 |
1 files changed, 3 insertions, 31 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml index 07a928224d..17cda71adc 100644 --- a/docs/sample_config.yaml +++ b/docs/sample_config.yaml @@ -1758,6 +1758,9 @@ saml2_config: # Note that, if this is changed, users authenticating via that provider # will no longer be recognised as the same user! # +# (Use "oidc" here if you are migrating from an old "oidc_config" +# configuration.) +# # idp_name: A user-facing name for this identity provider, which is used to # offer the user a choice of login mechanisms. # @@ -1927,37 +1930,6 @@ oidc_providers: # - attribute: userGroup # value: "synapseUsers" - # For use with Keycloak - # - #- idp_id: keycloak - # idp_name: Keycloak - # issuer: "https://127.0.0.1:8443/auth/realms/my_realm_name" - # client_id: "synapse" - # client_secret: "copy secret generated in Keycloak UI" - # scopes: ["openid", "profile"] - # attribute_requirements: - # - attribute: groups - # value: "admin" - - # For use with Github - # - #- idp_id: github - # idp_name: Github - # idp_brand: github - # discover: false - # issuer: "https://github.com/" - # client_id: "your-client-id" # TO BE FILLED - # client_secret: "your-client-secret" # TO BE FILLED - # authorization_endpoint: "https://github.com/login/oauth/authorize" - # token_endpoint: "https://github.com/login/oauth/access_token" - # userinfo_endpoint: "https://api.github.com/user" - # scopes: ["read:user"] - # user_mapping_provider: - # config: - # subject_claim: "id" - # localpart_template: "{{ user.login }}" - # display_name_template: "{{ user.name }}" - # Enable Central Authentication Service (CAS) for registration and login. # |