From aa5c0592e72e7ef8c015208e9947b385e6a87e59 Mon Sep 17 00:00:00 2001 From: villepeh <100730729+villepeh@users.noreply.github.com> Date: Mon, 15 May 2023 12:17:24 +0300 Subject: Update Mastodon SSO instructions (#15587) --- docs/openid.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/openid.md b/docs/openid.md index 73f1e06121..9773a7de52 100644 --- a/docs/openid.md +++ b/docs/openid.md @@ -569,7 +569,7 @@ You should receive a response similar to the following. Make sure to save it. {"client_id":"someclientid_123","client_secret":"someclientsecret_123","id":"12345","name":"my_synapse_app","redirect_uri":"https://[synapse_public_baseurl]/_synapse/client/oidc/callback","website":null,"vapid_key":"somerandomvapidkey_123"} ``` -As the Synapse login mechanism needs an attribute to uniquely identify users, and Mastodon's endpoint does not return a `sub` property, an alternative `subject_claim` has to be set. Your Synapse configuration should include the following: +As the Synapse login mechanism needs an attribute to uniquely identify users, and Mastodon's endpoint does not return a `sub` property, an alternative `subject_template` has to be set. Your Synapse configuration should include the following: ```yaml oidc_providers: @@ -585,7 +585,9 @@ oidc_providers: scopes: ["read"] user_mapping_provider: config: - subject_claim: "id" + subject_template: "{{ user.id }}" + localpart_template: "{{ user.username }}" + display_name_template: "{{ user.display_name }}" ``` Note that the fields `client_id` and `client_secret` are taken from the CURL response above. -- cgit 1.4.1