Closed afontenot closed 12 months ago
Credentials control a device, and hence a user. Credentials do not control rooms. In other words you cannot have 2 different credentials C1 and C2 for the same given user U such that C1 has only access to room R1 and C2 has only access to R2. User U will always have access to both R1 and R2. This is the way Matrix
works.
But you can use 2 different credential files that only vary in the field room_id
thereby having 2 different default rooms. Both credential files have the same permissions, etc. but they have 2 different default rooms. Little is gained here because you can always specify the room via the command line options. Normally you have different 1 credentials file per user.
Documentation should read:
Since the credentials file holds an access token it should be protected and secured. One can use different credential files for different users or different default rooms.
@8go thanks, I appreciate the clarification.
@afontenot You are welcome
It's clear enough how one would use different credential files for different users, but how can I enforce the use of different credential files for different rooms?
To give a simple use case, I'd like to create a room, invite a matrix-commander device to it (using my account details), and then have the credentials only allow access to that one room, not the ability to control everything else on my account. Maybe this is something that is not currently possible with Matrix, but the README (to my reading) implies that it is possible. Otherwise the different credential files for different rooms amounts to "asking nicely", since the files would really be per-user.