6eac7ed2d7
Automatically derive the kid from the key fingerprint if missing ( #4876 )
2025-09-02 17:04:35 +02:00
0a5f05ffe9
Merge branch 'main' into quenting/stable-docs
2025-09-02 14:11:40 +02:00
a65c9afb29
Switch to JWK Thumbprints
2025-08-20 18:22:21 +02:00
d23e5da105
Minor grammatical fixes to access-token.md ( #4917 )
2025-08-19 17:00:04 +01:00
64ed65c89b
Minor grammatical fixes to access-token.md
2025-08-19 12:18:27 +01:00
25260c7d74
Link directly to Localazy branching page in release docs
...
To make it quicker to get to the right page.
2025-08-19 12:14:22 +01:00
850bdd76b0
Docs: Run local tests via cargo-nextest ( #4873 )
2025-08-18 15:51:21 +02:00
13b6994bff
Apply suggestion from @sandhose
2025-08-18 15:44:23 +02:00
6a2d341657
Apply suggestions from code review
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2025-08-18 13:44:10 +02:00
ef50efe9e6
Document Synapse integration with the stable feature
2025-08-18 13:38:35 +02:00
a3d1148055
Fix a few more clippy lints
2025-08-18 10:45:20 +02:00
cf997048e4
Add missing branding config to docs ( #4577 )
2025-08-15 12:22:07 +02:00
5ff85b730d
Include simple script to generate an access token
2025-08-12 16:58:00 +02:00
1b7b43b559
Auto-generate kid if not given
2025-08-08 11:38:45 +02:00
2174e2d5ce
Docs: Run local tests via cargo-nextest
...
Mention this specifically in contributing.md since CI also uses this test runner. My attempt to use `cargo test` failed due to PG connection pooling. In any case, unless there are reasons not to, we should keep close to mirroring what we do in CI.
2025-08-07 13:33:59 +03:00
9969898031
Merge branch 'main' into secret_file
2025-08-05 15:37:32 +02:00
f302711a37
Make MAS use the modern Synapse API by default
2025-08-05 15:03:32 +02:00
884c66891a
Merge branch 'main' into secret_file
2025-08-05 11:17:39 +02:00
c6ae5c7557
Add clients.[].client_secret_file config option ( #4857 )
2025-08-05 11:17:00 +02:00
a7e7c3caa1
Add clients.[].client_secret_file config option
2025-08-04 19:32:39 +02:00
7e018a06aa
Merge remote-tracking branch 'origin/main' into quenting/stable-api
2025-08-04 16:38:49 +02:00
d4a318a8ae
Add matrix.secret_file config option
2025-07-29 19:46:07 +02:00
97cd5d86ba
docs: Remove requirement for arbitrary KIDs ( #4807 )
2025-07-23 12:38:47 +02:00
858b388eec
KIDs must be stable across restarts
2025-07-23 12:31:38 +02:00
da94650706
Fix wording
2025-07-23 09:43:43 +02:00
2ecc502b05
Adapt markdown formatting
2025-07-23 09:39:52 +02:00
5587dd37e3
docs: Remove requirement for arbitrary KIDs
2025-07-21 18:37:03 +02:00
cfa9a23d86
Merge branch 'main' into feat/allow_override_user
2025-07-21 17:03:35 +02:00
832244675d
Threaten to switch to using the modern API in a few releases.
2025-07-21 13:15:48 +02:00
98912f4ada
allow importing existing users when the localpart matches in upstream OAuth 2.0 logins
2025-07-21 09:52:24 +02:00
c649603830
Use the new dedicated Synapse API
2025-07-18 16:39:24 +02:00
b83c747f37
Allow skipping GDPR-erasure when deactivating a user through the admin API ( #4744 )
2025-07-17 09:15:25 +02:00
d807975137
Decouple (un)locking from (re/de)activation
...
Unify the admin API, CLI, and GraphQL API in not having the unlock
command also reactivate, or the deactivate command also lock.
Still let the unlock command of the CLI and GraphQL API to also
reactivate the target user, albeit as a non-default option.
2025-07-16 14:17:01 -04:00
6c1afee13d
Separate active state from lock state in admin API
...
- Allow the admin API to deactivate a user without locking it, and to
unlock a user without reactivating it.
- Make unlock-and-reactivate flows unset the "deactivated_at" timestamp.
- Revert adding an "unlock" parameter on `ReactivateUserJob`, as the
option is used only by the admin API which doesn't use a job.
2025-07-16 14:17:01 -04:00
13a21cc018
Update schema
2025-07-16 14:17:01 -04:00
a8b8c8e31c
Add admin API endpoint to reactivate user
2025-07-16 14:17:01 -04:00
49f2daeaa9
Negate erase option and make optional
...
This makes it more intuitive for an empty request body to be equivalent
to the option being set to false.
2025-07-14 01:02:51 -04:00
bad090adb5
Merge with 'main'
2025-07-11 09:50:38 -04:00
1101dd95e8
Force optional request body for JSON schema
2025-07-10 13:26:58 -04:00
5bdc270a54
Fix link title
...
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org >
2025-07-10 11:31:59 +02:00
2e101d9c4c
Docs: fix link to build GitHub Actions workflow
2025-07-08 12:43:19 +01:00
972c50d6a3
Require "erase" key in deactivation request body
...
If body is absent, treat "erase" as true.
If body is present, require "erase" to be present in the body.
2025-07-04 14:30:42 -04:00
3bc3db1527
Add documentation for backchannel logout
2025-07-04 16:27:10 +02:00
8d6621f00e
Log out oauth & compat sessions when receiving a backchannel logout request
2025-07-04 16:27:10 +02:00
e28ffccc3a
Backchannel logout behavior settings on upstream providers
2025-07-04 16:27:10 +02:00
aad422110c
Add "erase" option to REST deactivate request body
...
This allows using the endpoint to deactivate a user without deleting it.
TODO: make the request body optional.
2025-07-03 13:22:17 -04:00
15408d32d8
Update the admin API doc to use stable scope in the example
2025-06-13 15:57:53 +02:00
d27f7e3cd9
Mention the stable scopes in the doc, remove the guest scope
2025-06-13 15:56:13 +02:00
6ba9823482
README, contribution and release documentation ( #4675 )
2025-06-12 09:17:22 +02:00
2c8f8f3623
Apply suggestions from code review
...
Co-authored-by: Will Lewis <1543626+wrjlewis@users.noreply.github.com >
2025-06-12 09:11:03 +02:00
Quentin Gliech