Document importance of public_baseurl for delegation and OIDC (#19270)
Some checks failed
Build docker images / Build and push image for ${{ matrix.platform }} (linux/amd64, ubuntu-24.04, linux-amd64) (push) Has been cancelled
Build docker images / Build and push image for ${{ matrix.platform }} (linux/arm64, ubuntu-24.04-arm, linux-arm64) (push) Has been cancelled
Deploy the documentation / Calculate variables for GitHub Pages deployment (push) Has been cancelled
Build release artifacts / Calculate list of debian distros (push) Has been cancelled
Build release artifacts / Build wheels on ${{ matrix.os }} (${{ startsWith(github.ref, 'refs/pull/') }}, ubuntu-24.04) (push) Has been cancelled
Build release artifacts / Build wheels on ${{ matrix.os }} (${{ startsWith(github.ref, 'refs/pull/') }}, ubuntu-24.04-arm) (push) Has been cancelled
Build release artifacts / Build sdist (push) Has been cancelled
Schema / Ensure Synapse config schema is valid (push) Has been cancelled
Schema / Ensure generated documentation is up-to-date (push) Has been cancelled
Tests / changes (push) Has been cancelled
Tests / check-lockfile (push) Has been cancelled
Tests / lint-crlf (push) Has been cancelled
Tests / lint-newsfile (push) Has been cancelled
Build docker images / Push merged images to ${{ matrix.repository }} (docker.io/matrixdotorg/synapse) (push) Has been cancelled
Build docker images / Push merged images to ${{ matrix.repository }} (ghcr.io/element-hq/synapse) (push) Has been cancelled
Deploy the documentation / GitHub Pages (push) Has been cancelled
Build release artifacts / Build .deb packages (push) Has been cancelled
Build release artifacts / Attach assets to release (push) Has been cancelled
Tests / check-sampleconfig (push) Has been cancelled
Tests / check-schema-delta (push) Has been cancelled
Tests / lint (push) Has been cancelled
Tests / Typechecking (push) Has been cancelled
Tests / lint-clippy (push) Has been cancelled
Tests / lint-clippy-nightly (push) Has been cancelled
Tests / lint-rust (push) Has been cancelled
Tests / lint-rustfmt (push) Has been cancelled
Tests / lint-readme (push) Has been cancelled
Tests / linting-done (push) Has been cancelled
Tests / calculate-test-jobs (push) Has been cancelled
Tests / trial (push) Has been cancelled
Tests / trial-olddeps (push) Has been cancelled
Tests / trial-pypy (all, pypy-3.10) (push) Has been cancelled
Tests / sytest (push) Has been cancelled
Tests / export-data (push) Has been cancelled
Tests / portdb (14, 3.10) (push) Has been cancelled
Tests / portdb (17, 3.14) (push) Has been cancelled
Tests / complement (monolith, Postgres) (push) Has been cancelled
Tests / complement (monolith, SQLite) (push) Has been cancelled
Tests / complement (workers, Postgres) (push) Has been cancelled
Tests / cargo-test (push) Has been cancelled
Tests / cargo-bench (push) Has been cancelled
Tests / tests-done (push) Has been cancelled
Some checks failed
Build docker images / Build and push image for ${{ matrix.platform }} (linux/amd64, ubuntu-24.04, linux-amd64) (push) Has been cancelled
Build docker images / Build and push image for ${{ matrix.platform }} (linux/arm64, ubuntu-24.04-arm, linux-arm64) (push) Has been cancelled
Deploy the documentation / Calculate variables for GitHub Pages deployment (push) Has been cancelled
Build release artifacts / Calculate list of debian distros (push) Has been cancelled
Build release artifacts / Build wheels on ${{ matrix.os }} (${{ startsWith(github.ref, 'refs/pull/') }}, ubuntu-24.04) (push) Has been cancelled
Build release artifacts / Build wheels on ${{ matrix.os }} (${{ startsWith(github.ref, 'refs/pull/') }}, ubuntu-24.04-arm) (push) Has been cancelled
Build release artifacts / Build sdist (push) Has been cancelled
Schema / Ensure Synapse config schema is valid (push) Has been cancelled
Schema / Ensure generated documentation is up-to-date (push) Has been cancelled
Tests / changes (push) Has been cancelled
Tests / check-lockfile (push) Has been cancelled
Tests / lint-crlf (push) Has been cancelled
Tests / lint-newsfile (push) Has been cancelled
Build docker images / Push merged images to ${{ matrix.repository }} (docker.io/matrixdotorg/synapse) (push) Has been cancelled
Build docker images / Push merged images to ${{ matrix.repository }} (ghcr.io/element-hq/synapse) (push) Has been cancelled
Deploy the documentation / GitHub Pages (push) Has been cancelled
Build release artifacts / Build .deb packages (push) Has been cancelled
Build release artifacts / Attach assets to release (push) Has been cancelled
Tests / check-sampleconfig (push) Has been cancelled
Tests / check-schema-delta (push) Has been cancelled
Tests / lint (push) Has been cancelled
Tests / Typechecking (push) Has been cancelled
Tests / lint-clippy (push) Has been cancelled
Tests / lint-clippy-nightly (push) Has been cancelled
Tests / lint-rust (push) Has been cancelled
Tests / lint-rustfmt (push) Has been cancelled
Tests / lint-readme (push) Has been cancelled
Tests / linting-done (push) Has been cancelled
Tests / calculate-test-jobs (push) Has been cancelled
Tests / trial (push) Has been cancelled
Tests / trial-olddeps (push) Has been cancelled
Tests / trial-pypy (all, pypy-3.10) (push) Has been cancelled
Tests / sytest (push) Has been cancelled
Tests / export-data (push) Has been cancelled
Tests / portdb (14, 3.10) (push) Has been cancelled
Tests / portdb (17, 3.14) (push) Has been cancelled
Tests / complement (monolith, Postgres) (push) Has been cancelled
Tests / complement (monolith, SQLite) (push) Has been cancelled
Tests / complement (workers, Postgres) (push) Has been cancelled
Tests / cargo-test (push) Has been cancelled
Tests / cargo-bench (push) Has been cancelled
Tests / tests-done (push) Has been cancelled
I just stumbled across the fact that my config used delegation as recommended by the docs, and hosted Synapse on a subdomain. However my config never had `public_baseurl` set and worked without issues, until I just now tried to setup OIDC. OIDC is initialized by the client instructing to open a URL on the homeserver, and initially the correct URL is called, but Synapse does not recognize it without `public_baseurl` being set correctly. After changing this it immediately started working. So in order to prevent anybody from making the same mistake, this adds a small clarifying block in the OIDC docs.
This commit is contained in:
Andre Klärner
GitHub
parent
df24e0f302
commit
466994743a
1
changelog.d/19270.doc
Normal file
1
changelog.d/19270.doc
Normal file
@ -0,0 +1 @@
|
||||
Document the importance of `public_baseurl` when configuring OpenID Connect authentication.
|
||||
@ -50,6 +50,11 @@ setting in your configuration file.
|
||||
See the [configuration manual](usage/configuration/config_documentation.md#oidc_providers) for some sample settings, as well as
|
||||
the text below for example configurations for specific providers.
|
||||
|
||||
For setups using [`.well-known` delegation](delegate.md), make sure
|
||||
[`public_baseurl`](usage/configuration/config_documentation.md#public_baseurl) is set
|
||||
appropriately. If unset, Synapse defaults to `https://<server_name>/` which is used in
|
||||
the OIDC callback URL.
|
||||
|
||||
## OIDC Back-Channel Logout
|
||||
|
||||
Synapse supports receiving [OpenID Connect Back-Channel Logout](https://openid.net/specs/openid-connect-backchannel-1_0.html) notifications.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user