Using matrix-corporal without password-login

[shukon]

Hi, I've been going back and forth through synapse docs and issues and corporal. I want to use matrix-corporal but disable password-login auth flow. I'm using only Keycloak as an auth-provider and have non-technical users, so I'd like them not to have the option of typing in a username-password, because they have to log in via SSO-button.

However, to deactivate the username-password-flow I have to deactivate password-login in synapse altogether. This makes it impossible for matrix-corporal to get the access-tokens and manage the users.

Is there any way to solve this? I wondered if I could:

• leave on the username-password-flow but automatically pass them on to keycloak in the background (is that possible?)
• get the access token with matrix-corporal in some other way

[starcraft66]

I voiced some additional concerns regarding OIDC authentication here: https://github.com/devture/matrix-corporal/issues/7#issuecomment-1341978316

Looks like this project isn't ready to support OIDC login for the time being.