97cd5d86ba
docs: Remove requirement for arbitrary KIDs ( #4807 )
2025-07-23 12:38:47 +02:00
858b388eec
KIDs must be stable across restarts
2025-07-23 12:31:38 +02:00
da94650706
Fix wording
2025-07-23 09:43:43 +02:00
2ecc502b05
Adapt markdown formatting
2025-07-23 09:39:52 +02:00
5587dd37e3
docs: Remove requirement for arbitrary KIDs
2025-07-21 18:37:03 +02:00
cfa9a23d86
Merge branch 'main' into feat/allow_override_user
2025-07-21 17:03:35 +02:00
832244675d
Threaten to switch to using the modern API in a few releases.
2025-07-21 13:15:48 +02:00
98912f4ada
allow importing existing users when the localpart matches in upstream OAuth 2.0 logins
2025-07-21 09:52:24 +02:00
c649603830
Use the new dedicated Synapse API
2025-07-18 16:39:24 +02:00
b83c747f37
Allow skipping GDPR-erasure when deactivating a user through the admin API ( #4744 )
2025-07-17 09:15:25 +02:00
d807975137
Decouple (un)locking from (re/de)activation
...
Unify the admin API, CLI, and GraphQL API in not having the unlock
command also reactivate, or the deactivate command also lock.
Still let the unlock command of the CLI and GraphQL API to also
reactivate the target user, albeit as a non-default option.
2025-07-16 14:17:01 -04:00
6c1afee13d
Separate active state from lock state in admin API
...
- Allow the admin API to deactivate a user without locking it, and to
unlock a user without reactivating it.
- Make unlock-and-reactivate flows unset the "deactivated_at" timestamp.
- Revert adding an "unlock" parameter on `ReactivateUserJob`, as the
option is used only by the admin API which doesn't use a job.
2025-07-16 14:17:01 -04:00
13a21cc018
Update schema
2025-07-16 14:17:01 -04:00
a8b8c8e31c
Add admin API endpoint to reactivate user
2025-07-16 14:17:01 -04:00
49f2daeaa9
Negate erase option and make optional
...
This makes it more intuitive for an empty request body to be equivalent
to the option being set to false.
2025-07-14 01:02:51 -04:00
bad090adb5
Merge with 'main'
2025-07-11 09:50:38 -04:00
1101dd95e8
Force optional request body for JSON schema
2025-07-10 13:26:58 -04:00
5bdc270a54
Fix link title
...
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org >
2025-07-10 11:31:59 +02:00
2e101d9c4c
Docs: fix link to build GitHub Actions workflow
2025-07-08 12:43:19 +01:00
972c50d6a3
Require "erase" key in deactivation request body
...
If body is absent, treat "erase" as true.
If body is present, require "erase" to be present in the body.
2025-07-04 14:30:42 -04:00
3bc3db1527
Add documentation for backchannel logout
2025-07-04 16:27:10 +02:00
8d6621f00e
Log out oauth & compat sessions when receiving a backchannel logout request
2025-07-04 16:27:10 +02:00
e28ffccc3a
Backchannel logout behavior settings on upstream providers
2025-07-04 16:27:10 +02:00
aad422110c
Add "erase" option to REST deactivate request body
...
This allows using the endpoint to deactivate a user without deleting it.
TODO: make the request body optional.
2025-07-03 13:22:17 -04:00
6ba9823482
README, contribution and release documentation ( #4675 )
2025-06-12 09:17:22 +02:00
2c8f8f3623
Apply suggestions from code review
...
Co-authored-by: Will Lewis <1543626+wrjlewis@users.noreply.github.com >
2025-06-12 09:11:03 +02:00
af9765b0e2
Update the contributing guidelines
2025-06-11 15:57:12 +02:00
b0b940a20e
Release documentation
2025-06-11 15:16:41 +02:00
1546318084
Remove optional features from mas-iana & regenerate
...
Also ignores 'TEMPORARY' items in the IANA registry
2025-06-10 14:25:38 +02:00
8df03bf185
Support for experimental plan management tab in UI ( #4549 )
2025-06-10 14:14:24 +02:00
ed31b2f4f9
Admin API to un-revoke and edit registration tokens ( #4637 )
2025-06-06 12:56:43 +02:00
037d90bb1a
Update schemas
2025-06-06 10:45:23 +01:00
52942ee94e
Admin API to edit registration tokens
2025-06-05 18:22:16 +02:00
c8f2a2146c
Admin API to un-revoke a user registration token.
2025-06-05 16:56:42 +02:00
50b41a6613
Add secrets.encryption_file config option ( #4617 )
2025-06-05 15:14:55 +02:00
ae71b75ce1
config: Refactor parsing of secrets section ( #4602 )
2025-06-05 15:13:00 +02:00
187838802d
Update encryption secret warning in docs
2025-06-04 14:50:54 +02:00
3ac2e983bb
Skip encryption serialization if None
...
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de >
2025-06-04 11:53:43 +02:00
fbee4bfe8c
Document secrets.encryption_file
...
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de >
2025-06-04 11:42:51 +02:00
12e9d025d7
Add whether the registration is valid or not in the admin API
2025-06-03 17:42:55 +02:00
5d13691acd
CLI tool to issue user registration tokens
2025-06-03 17:42:55 +02:00
723302fd97
Admin API to revoke user registration tokens
2025-06-03 17:42:54 +02:00
aa7c6b35bc
Admin API to create a new user registration token
2025-06-03 17:42:54 +02:00
6000719b29
Admin API to get individual user registration tokens
2025-06-03 17:42:54 +02:00
322c8545bb
Admin API to list user registration tokens
2025-06-03 17:42:54 +02:00
685f4761cd
Add config flag to require registration tokens for password registrations
2025-06-03 17:42:53 +02:00
c8cbb7329e
Add secrets.encryption_file config option
...
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de >
2025-06-02 18:39:19 +02:00
ec693edb72
Refactor key options in secret config
...
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de >
2025-06-02 14:06:43 +02:00
e92d16c35c
Refactor password options in secret config
...
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de >
2025-06-02 14:06:43 +02:00
b0fcf0bf78
Add KeyConfig doc comment
...
Signed-off-by: Kai A. Hiller <git@kaialexhiller.de >
2025-06-02 14:06:43 +02:00
Quentin Gliech