element-hq / matrix-authentication-service

GNU Affero General Public License v3.0

mas-cli start failed #807

Closed matrixbot closed 1 week ago

matrixbot commented 1 week ago

This issue was originally created by @MomentQYC at https://github.com/matrix-org/matrix-authentication-service/issues/807.

Error: could not load configuration

Caused by:
    invalid length for key "default.clients.0.client_id" in config.yaml YAML file

config.yaml

http:
  listeners:
  - name: web
    resources:
    - name: discovery
    - name: human
    - name: oauth
    - name: compat
    - name: graphql
      playground: true
    - name: assets
      path: ./frontend/dist/
    - name: spa
      manifest: ./frontend/dist/manifest.json
    binds:
    - address: 0.0.0.0:8083
    proxy_protocol: false
  - name: internal
    resources:
    - name: health
    binds:
    - address: 0.0.0.0:8084
    proxy_protocol: false
  public_base: *
database:
  uri: postgresql://(user):(pwd)@127.0.0.1:5432/(db)?sslmode=disable
  max_connections: 10
  min_connections: 0
  connect_timeout: 30
  idle_timeout: 600
  max_lifetime: 1800
telemetry:
  tracing:
    exporter: none
    propagators: []
  metrics:
    exporter: none
templates:
  path: ./templates/
csrf:
  ttl: 3600
email:
  from: '"Authentication Service" <>'
  reply_to: '"Authentication Service" <>'
  hostname: smtp.*.*
  port: 587
  #credentials: 
  username: *
  password: *
  transport: smtp
  mode: starttls
secrets:
  encryption: *
  keys:
  - kid: *
    key:*
  - kid: *
    key: |
      *
  - kid: *
    key: |
      *  - kid: *
    key: |
    *
passwords:
  schemes:
  - version: 1
    algorithm: argon2id
matrix:
  homeserver: hashi.sbs
policy:
  wasm_module: ./policies/policy.wasm
  client_registration_entrypoint: client_registration/violation
  register_entrypoint: register/violation
  authorization_grant_entrypoint: authorization_grant/violation
#policy:
  data:
    admin_users:
      - (username)
    # Dynamic Client Registration
    client_registration:
      # don't require URIs to be on the same host. default: false
      allow_host_mismatch: true
      # allow non-SSL and localhost URIs. default: false
      allow_insecure_uris: false

    # Registration using passwords
    passwords: 
      # minimum length of a password. default: ?
      min_length: 8
      # require at least one lowercase character in a password. default: false
      require_lowercase: true
      # require at least one uppercase character in a password. default: false
      require_uppercase: true
      # require at least one number in a password. default: false
      require_number: true
clients:
  # Confidential client
  - client_id: "(num)"
    client_auth_method: clent_secret_post
    client_secret: "*"
    # List of authorized redirect URIs
    redirect_uris:
      - "(url)"

matrixbot commented 1 week ago

This comment was originally posted by @sandhose at https://github.com/matrix-org/matrix-authentication-service/issues/807#issuecomment-1399215132.

This is poorly documented, but client_ids must be valid ULIDs: https://matrix-org.github.io/matrix-authentication-service/usage/configuration.html#clients

Also note that this part of the config is not really used by the server, but only by the mas-cli manage import-clients subcommand, which adds the clients in the config to the database.
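
A pre-flight check for the ULID rule stated in the comment above, as an added example that is not part of the original thread or of the MAS code base. It follows the ULID specification (26 Crockford Base32 characters, first character 0-7); the function names and the sample client entries are constructed for illustration, and MAS's own parser may differ in what it tolerates.

```python
import secrets
import time
from typing import Optional

# Crockford Base32 alphabet used by ULIDs (no I, L, O, U).
ALPHABET = "0123456789ABCDEFGHJKMNPQRSTVWXYZ"
ULID_LEN = 26  # 26 chars * 5 bits = 130 bits, of which 128 are used


def check_client_id(value: str) -> Optional[str]:
    """Return None if value is a well-formed ULID, else the reason it is not."""
    if len(value) != ULID_LEN:
        return f"invalid length: {len(value)} characters, expected {ULID_LEN}"
    upper = value.upper()  # the ULID spec treats the encoding as case-insensitive
    bad = sorted({c for c in upper if c not in ALPHABET})
    if bad:
        return f"invalid characters: {''.join(bad)}"
    if upper[0] > "7":
        return "overflow: first character must be 0-7 to fit in 128 bits"
    return None


def new_client_id(now_ms: Optional[int] = None) -> str:
    """Build a ULID: 48-bit millisecond timestamp followed by 80 random bits."""
    ts = int(time.time() * 1000) if now_ms is None else now_ms
    n = ((ts & (2**48 - 1)) << 80) | secrets.randbits(80)
    return "".join(ALPHABET[(n >> shift) & 31] for shift in range(125, -1, -5))


def audit_clients(clients: list) -> dict:
    """Map every rejected client_id in a `clients:` list to its failure reason."""
    failures = {}
    for entry in clients:
        reason = check_client_id(str(entry.get("client_id", "")))
        if reason is not None:
            failures[str(entry.get("client_id", ""))] = reason
    return failures


# Constructed sample mirroring the shape of the `clients:` section in the report.
SAMPLE_CLIENTS = [
    {"client_id": "1234"},                        # short numeric id
    {"client_id": "01ARZ3NDEKTSV4RRFFQ69G5FAV"},  # example ULID from the ULID spec
    {"client_id": "01ARZ3NDEKTSV4RRFFQ69G5FAU"},  # 'U' is not in the alphabet
    {"client_id": "8ZZZZZZZZZZZZZZZZZZZZZZZZZ"},  # 26 chars but exceeds 128 bits
]

if __name__ == "__main__":
    for cid, why in audit_clients(SAMPLE_CLIENTS).items():
        print(f"{cid}: {why}")
    print("fresh client_id:", new_client_id())
```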

matrixbot commented 1 week ago

This comment was originally posted by @MomentQYC at https://github.com/matrix-org/matrix-authentication-service/issues/807#issuecomment-1399296914.

> This is poorly documented, but client_ids must be valid ULIDs: https://matrix-org.github.io/matrix-authentication-service/usage/configuration.html#clients
>
> Also note that this part of the config is not really used by the server, but only by the mas-cli manage import-clients subcommand, which adds the clients in the config to the database

Thx, I made it run successfully. But it still doesn't work properly with Synapse. How should I write the user_mapping_provider configuration item to make it work?

matrixbot commented 1 week ago

This comment was originally posted by @sandhose at https://github.com/matrix-org/matrix-authentication-service/issues/807#issuecomment-1757901608.

This was most certainly due to the lack of documentation at that time. @MomentQYC, if you want to retry setting things up following the improved documentation, please do, and open issues if you get stuck on anything.