diff options
| author | Richard van der Hoff <1389908+richvdh@users.noreply.github.com> | 2021-01-27 21:28:59 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-27 21:28:59 +0000 |
| commit | 869667760f571c9edebab660061e17035d57f182 (patch) | |
| tree | 0ea90b7f0a234fb47fcafe130f21fadd780124e4 /synapse/config/oidc_config.py | |
| parent | Merge tag 'v1.26.0' into social_login (diff) | |
| download | synapse-869667760f571c9edebab660061e17035d57f182.tar.xz | |
Support for scraping email addresses from OIDC providers (#9245)
Diffstat (limited to 'synapse/config/oidc_config.py')
| -rw-r--r-- | synapse/config/oidc_config.py | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/synapse/config/oidc_config.py b/synapse/config/oidc_config.py index bfeceeed18..8237b2e797 100644 --- a/synapse/config/oidc_config.py +++ b/synapse/config/oidc_config.py @@ -143,9 +143,9 @@ class OIDCConfig(Config): # # For the default provider, the following settings are available: # - # sub: name of the claim containing a unique identifier for the - # user. Defaults to 'sub', which OpenID Connect compliant - # providers should provide. + # subject_claim: name of the claim containing a unique identifier + # for the user. Defaults to 'sub', which OpenID Connect + # compliant providers should provide. # # localpart_template: Jinja2 template for the localpart of the MXID. # If this is not set, the user will be prompted to choose their @@ -154,6 +154,9 @@ class OIDCConfig(Config): # display_name_template: Jinja2 template for the display name to set # on first login. If unset, no displayname will be set. # + # email_template: Jinja2 template for the email address of the user. + # If unset, no email address will be added to the account. + # # extra_attributes: a map of Jinja2 templates for extra attributes # to send back to the client during login. # Note that these are non-standard and clients will ignore them @@ -189,6 +192,12 @@ class OIDCConfig(Config): # userinfo_endpoint: "https://accounts.example.com/userinfo" # jwks_uri: "https://accounts.example.com/.well-known/jwks.json" # skip_verification: true + # user_mapping_provider: + # config: + # subject_claim: "id" + # localpart_template: "{{ user.login }}" + # display_name_template: "{{ user.name }}" + # email_template: "{{ user.email }}" # For use with Keycloak # |