0ab0f13c7c
Match suffixes and prefixes in string constraints
2025-02-17 16:40:10 +01:00
b603b32186
Update the policy documentation
2025-02-17 15:43:25 +01:00
ffb6e2e9be
Fix the HTTP status code for the user creation admin endpoint ( #4040 )
2025-02-14 15:01:58 +01:00
be1da26bd8
Fix the HTTP status code for the user creation admin endpoint
2025-02-14 14:54:22 +01:00
a8b03bbd86
Admin API to add user emails
2025-02-14 14:50:47 +01:00
344794bb0b
Admin API to delete user emails
2025-02-14 14:50:46 +01:00
f2ef058283
Experimental feature to automatically expire inactive sessions ( #4022 )
...
Fixes #1875
This adds an experimental feature which allows expiring sessions that
are inactive for a certain amount of time.
It runs as a scheduled task every 15 minutes, checking for the 'last
activity' on each session type.
It processes sessions by batches of 100 at a time, to avoid overloading
Synapse when syncing back the database.
It expires:
- all user (browser) sessions
- all compatibility sessions
- oauth sessions which are:
- for a user
- using a 'dynamic' client (so the sessions started from clients defined
in the config are excluded)
2025-02-13 10:33:00 +01:00
25d3dbd07c
Simplify the setup documentation introduction ( #3994 )
2025-02-13 09:08:26 +01:00
da944ccde7
Update README.md
...
Amended issuer.
2025-02-13 18:03:51 +11:00
7bfb1a155e
Add documentation for session timeout configuration
2025-02-12 17:34:23 +01:00
dab640aa51
Allow filtering sessions by client kind (dynamic or static)
2025-02-12 17:31:21 +01:00
935400d87b
Experimental feature to timeout inactive sessions
2025-02-12 17:31:21 +01:00
a7ae36e1ce
Allow filtering by subject in the upstream OAuth links admin API
2025-02-12 11:07:11 +01:00
c880a3dbac
Admin API to list and get upstream OAuth links
2025-02-12 10:51:31 +01:00
91d4d0ea39
Load Swagger UI earlier
2025-02-11 19:16:59 +01:00
3d36b234f3
Enable operation deep-linking in the admin API docs
2025-02-11 19:06:19 +01:00
9216d547ea
Fix the user session admin API docs
2025-02-11 17:09:33 +01:00
3792cd4f3b
Admin API to list and get user sessions ( #4004 )
...
Similar to #4002 , this adds an admin API to list and get user (browser
cookies) sessions
2025-02-11 16:38:21 +01:00
2a9fb26265
Admin API to list and get user sessions
2025-02-11 14:24:16 +01:00
c881fb24f5
Fix the definition of the set-password success response in the OpenAPI spec
2025-02-11 13:54:15 +01:00
42841cea3e
Admin API to list and get compatibility sessions
2025-02-11 12:01:54 +01:00
36e9d62db3
Admin API to list and get user emails ( #4001 )
...
This adds endpoints to get and list user emails.
I chose to not scope them to users, so listing the emails for a user
means listing emails with a user filter
2025-02-10 17:24:46 +01:00
7b63b8d191
Update links to policy files ( #3982 )
2025-02-10 17:23:45 +01:00
7ade439ac3
Admin API to list and get user emails
2025-02-10 17:13:55 +01:00
ee9eeea648
Update README.md
2025-02-09 13:07:31 +11:00
76cdbc0ef0
Add reference to worker page
2025-02-07 13:57:28 +00:00
20ee39af20
Add documentation to account for all cli mas options and standardise format
2025-02-07 13:38:36 +00:00
485e742ee4
Update links to policy files
2025-02-06 15:41:55 -07:00
fbbbf5b8fd
Merge pull request #3790 from Stogas/patch-1
...
Add 'introspection_endpoint' to homeserver config example
2025-01-28 10:10:27 +01:00
a8e7749a07
Clarify why one would override the introspection_endpoint
2025-01-28 10:02:06 +01:00
e5b6e1e8c2
Add pre-migration checks to syn2mas ( #3805 )
...
This matches or exceeds `advisor.mts` from the old tool.
Co-authored-by: Quentin Gliech <quenting@element.io >
2025-01-27 18:01:46 +00:00
ef077d0e51
Rate-limit email authentications
2025-01-23 12:09:26 +01:00
0513f198d8
Rip out the email verification codes
...
This considers all user_emails as confirmed, and removes the verification code.
It will be replaced by a new email authentication code flow
2025-01-14 15:46:45 +01:00
713bdeca75
Add 'introspection_endpoint' to homeserver config example
...
This value was previously undocumented, but helpful in our case to access MAS within the same K8s cluster
Signed-off-by: Ovidijus Balkauskas <570945@gmail.com >
2025-01-13 14:10:34 +02:00
6ba8554bc7
Document the response_mode parameter
2025-01-06 11:59:53 +01:00
cd078cb567
Document the new usptream OAuth 2.0 configuration options
2025-01-06 11:59:53 +01:00
1434429b6c
Include example SSO config for Rauthy. ( #3725 )
...
Co-authored-by: Quentin Gliech <quenting@element.io >
2024-12-19 15:26:02 +00:00
a97d2daa3d
Make the issue optional on upstream OAuth 2.0 providers
2024-12-17 13:40:34 +01:00
80903ed629
Add id_token_signed_response_alg and userinfo_signed_response_alg ( #3664 )
2024-12-17 11:54:16 +01:00
93ddaeefc3
Add documentation against using database transaction poolers ( #3617 )
2024-12-05 11:28:22 +00:00
2e3b8bdd86
Allow setting an explicit upstream account name ( #3600 )
2024-11-29 12:30:18 +01:00
56edcb4e52
Add fetch_userinfo to upstream SSO provider ( #3363 )
2024-11-26 15:01:03 +00:00
a0c2ce67ba
Update configuration.md to include a missing parameter
2024-11-26 13:17:52 +01:00
93bbfabf8e
Document how to set up Sign-in with Apple
2024-11-22 08:48:00 +01:00
6efe8bf45a
Allow setting the response_mode on upstream OAuth 2.0 providers
2024-11-22 08:48:00 +01:00
ab4f438464
Support Sign in with Apple
2024-11-22 08:48:00 +01:00
ba6d69b4a4
fix sso exemple config for authelia
2024-11-18 08:47:38 +01:00
1a7f34b0ff
Add note about password schemes to migration docs
2024-11-18 08:46:51 +01:00
c13c8860c5
Add SSO sample configuration for Authelia
...
Signed-off-by: Thilo-Alexander Ginkel <tg@tgbyte.de >
2024-10-25 09:00:45 +02:00
093809cad8
Fix link to setup docs for the mdbook
...
https://rust-lang.github.io/mdBook/format/markdown.html?highlight=readm#links
"Links to README.md will be converted to index.html. This is done since some services like GitHub render README files automatically, but web servers typically expect the root file to be called index.html."
2024-10-01 14:39:52 +02:00
Quentin Gliech