Hello
I was just looking into the matrix server and client applications and am wondering which one besides element and synapse support SSO or/and LDAP?
What I want is that users with a Yunohost account can use SSO to sign in to the server and web client and I want all users to be created automatically on the Matrix server.
Refrain from bumping the thread not even a day after your post.
As of today, Synapse is the sole app implementing YunoHost’s SSO. If I understand correctly the relationship between servers and clients, only the servers are responsible for providing an login endpoint with the proper credentials, so the SSO and LDAP integration depend only on them.
Do I understand correctly, the authentication of users is done from webclient to matrix server directly? Makes sense of course.
I had Synapse installed some time back, I thought that any Yunohost user will be able to login to Matrix with the same credentials as the Yunohost credentials? Wasn’t it like that?
So Conduit and Dendrite require users to be created manually, I think for Synapse the users were all created during installation or even afterwards and I assumed that this is LDAP then. My experience dates back several years, so it might be tainted.
I was trying to find this information, but Dendrite and Conduit pages seem not to be created yet.
Yes, the client asks the server for authentication. In the case of Synapse, it will hit a CAS (central authentication server) endpoint that runs a PHP script that checks the server variables set by YunoHost SSO. If needed, it prompts for user login.
That is correct for user creation, with the mechanism described above. User removal from YunoHost will not delete users from the Synapse server.
or registration to be opened to all or with a registration link. Coming “soon” to Dendrite.
The upstream apps documentation is always the ultimate source of truth. We have limited resources to write documentation pages for all our catalog.
