Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Keycloak/SSO together with a Matrix - mxisd or matrix-synapse-rest-auth REST authentication password provider module? #96

Closed
vilyaua opened this issue Feb 8, 2019 · 7 comments
Labels
question This issue is a question related to installation

Comments

@vilyaua
Copy link

vilyaua commented Feb 8, 2019

@spantaleev What would you suggest as a final solution to use Keycloak/SSO together with a Matrix ?

We see several auth options on the link
https://github.com/spantaleev/matrix-docker-ansible-deploy

  • (optional, default) an mxisd Matrix Identity server
  • (optional, advanced) the matrix-synapse-rest-auth REST authentication password provider module

Another words do we to deploy mxisd or we need matrix-synapse-rest-auth ?

Originally posted by @eorlovsky in #93 (comment)

@spantaleev
Copy link
Owner

I'm not familiar with Keyclock, but looking at its website, it supports OpenId Connect and SAML.

It doesn't sound like a good fit for the REST Auth plugin.

Maybe you can use Synapse's integrated SAML SSO support?
I'm not sure how well that works, but I've seen something about it in the Synapse config, so maybe it is supported.

The playbook does not support generating a Synapse config with SAML stuff in it (yet), but you can manually edit the /matrix/synapse/config/homeserver.yaml file and restart Synapse (systemctl restart matrix-synapse) and see if you can make it work.

If it's a good fit and it works, it should be easy to add SAML configuration support to this playbook.

@vilyaua
Copy link
Author

vilyaua commented Feb 9, 2019

Thank you, we'll try moving that direction.

@vilyaua
Copy link
Author

vilyaua commented Feb 12, 2019

Good afternoon. @spantaleev!

The access to the installation directory is restricted for the root. Which way is preferable to manually edit configs as you proposed earlier?

Didn't find the password for the matrix user, just UID and GID (991)
Sorry, I'm a newbie as for the Ansible Playbook

@spantaleev
Copy link
Owner

You can edit configuration as root.

For such questions, it may be easier to just come to the support room: https://github.com/spantaleev/matrix-docker-ansible-deploy#support

@spantaleev
Copy link
Owner

I guess we can close this now.

The solution was to use mxisd and a new project available here: https://github.com/perfsys/matrix-mxisd-aws-keycloak-endpoints

@hungrymonkey
Copy link
Contributor

matrix-org/synapse#7256

Openid will added around matrix synapse 1.14 release

@hungrymonkey
Copy link
Contributor

Keycloak docs added
matrix-org/synapse@5c5516f

@luixxiul luixxiul added the question This issue is a question related to installation label Nov 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question This issue is a question related to installation
Projects
None yet
Development

No branches or pull requests

4 participants