Keycloak/SSO together with a Matrix - mxisd or matrix-synapse-rest-auth REST authentication password provider module? about matrix-docker-ansible-deploy HOT 7 CLOSED

matrix-org/synapse#7256

Openid will added around matrix synapse 1.14 release

from matrix-docker-ansible-deploy.

I'm not familiar with Keyclock, but looking at its website, it supports OpenId Connect and SAML.

It doesn't sound like a good fit for the REST Auth plugin.

Maybe you can use Synapse's integrated SAML SSO support?
I'm not sure how well that works, but I've seen something about it in the Synapse config, so maybe it is supported.

The playbook does not support generating a Synapse config with SAML stuff in it (yet), but you can manually edit the /matrix/synapse/config/homeserver.yaml file and restart Synapse (systemctl restart matrix-synapse) and see if you can make it work.

If it's a good fit and it works, it should be easy to add SAML configuration support to this playbook.

from matrix-docker-ansible-deploy.

Thank you, we'll try moving that direction.

from matrix-docker-ansible-deploy.

Good afternoon. @spantaleev!

The access to the installation directory is restricted for the root. Which way is preferable to manually edit configs as you proposed earlier?

Didn't find the password for the matrix user, just UID and GID (991)
Sorry, I'm a newbie as for the Ansible Playbook

from matrix-docker-ansible-deploy.

You can edit configuration as root.

For such questions, it may be easier to just come to the support room: https://github.com/spantaleev/matrix-docker-ansible-deploy#support

from matrix-docker-ansible-deploy.

I guess we can close this now.

The solution was to use mxisd and a new project available here: https://github.com/perfsys/matrix-mxisd-aws-keycloak-endpoints

from matrix-docker-ansible-deploy.

Keycloak docs added
matrix-org/synapse@5c5516f

from matrix-docker-ansible-deploy.