Merge pull request #1124 from N07070/patch-1
Update configuring-playbook-synapse.md
This commit is contained in:
commit
1e46785a0d
|
@ -55,3 +55,22 @@ Certain Synapse administration tasks (managing users and rooms, etc.) can be per
|
||||||
## Synapse + OpenID Connect for Single-Sign-On
|
## Synapse + OpenID Connect for Single-Sign-On
|
||||||
|
|
||||||
If you'd like to use OpenID Connect authentication with Synapse, you'll need some additional reverse-proxy configuration (see [our nginx reverse-proxy doc page](configuring-playbook-nginx.md#synapse-openid-connect-for-single-sign-on)).
|
If you'd like to use OpenID Connect authentication with Synapse, you'll need some additional reverse-proxy configuration (see [our nginx reverse-proxy doc page](configuring-playbook-nginx.md#synapse-openid-connect-for-single-sign-on)).
|
||||||
|
|
||||||
|
In case you encounter errors regarding the parsing of the variables, you can try to add `{%raw}` and `{% endraw %}` blocks around them. For example ;
|
||||||
|
|
||||||
|
```
|
||||||
|
- idp_id: keycloak
|
||||||
|
idp_name: "Keycloak"
|
||||||
|
issuer: "https://url.ix/auth/realms/x"
|
||||||
|
client_id: "matrix"
|
||||||
|
client_secret: "{{ vault_synapse_keycloak }}"
|
||||||
|
scopes: ["openid", "profile"]
|
||||||
|
authorization_endpoint: "https://url.ix/auth/realms/x/protocol/openid-connect/auth"
|
||||||
|
token_endpoint: "https://url.ix/auth/realms/x/protocol/openid-connect/token"
|
||||||
|
userinfo_endpoint: "https://url.ix/auth/realms/x/protocol/openid-connect/userinfo"
|
||||||
|
user_mapping_provider:
|
||||||
|
config:
|
||||||
|
display_name_template: "{%raw}{{ user.given_name }}{% endraw %} {%raw}{{ user.family_name }}{% endraw %}"
|
||||||
|
email_template: "{%raw}{{ user.email }}{% endraw %}"
|
||||||
|
```
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue