Cynn1989 Csalguero1989@gmail.com

[Cynn1989]

Description:

oidc_providers:

• idp_id: microsoft idp_name: Microsoft issuer: "https://login.microsoftonline.com//v2.0" client_id: "" client_secret: "" scopes: ["openid", "profile"] authorization_endpoint: "https://login.microsoftonline.com//oauth2/v2.0/authorize" token_endpoint: "https://login.microsoftonline.com//oauth2/v2.0/token" userinfo_endpoint: "https://graph.microsoft.com/oidc/userinfo"

  user_mapping_provider: config: localpart_template: "{{ user.preferred_username.split('@')[0] }}" display_name_template: "{{ user.name }}"

• idp_id: apple idp_name: Apple issuer: "https://appleid.apple.com" client_id: "your-client-id" # Set to the "identifier" for your "ServicesID" client_auth_method: "client_secret_post" client_secret_jwt_key: key_file: "/path/to/AuthKey_KEYIDCODE.p8" # point to your key file jwt_header: alg: ES256 kid: "KEYIDCODE" # Set to the 10-char Key ID jwt_payload: iss: TEAMIDCODE # Set to the 10-char Team ID scopes: ["name", "email", "openid"] authorization_endpoint: https://appleid.apple.com/auth/authorize?response_mode=form_post user_mapping_provider: config: email_template: "{{ user.email }}" oidc_providers:
• idp_id: auth0 idp_name: Auth0 issuer: "https://your-tier.eu.auth0.com/" # TO BE FILLED client_id: "your-client-id" # TO BE FILLED client_secret: "your-client-secret" # TO BE FILLED scopes: ["openid", "profile"] user_mapping_provider: config: localpart_template: "{{ user.preferred_username }}" display_name_template: "{{ user.name }}" oidc_providers:
• idp_id: authentik idp_name: authentik discover: true issuer: "https://your.authentik.example.org/application/o/your-app-slug/" # TO BE FILLED: domain and slug client_id: "your client id" # TO BE FILLED client_secret: "your client secret" # TO BE FILLED scopes:
  • "openid"
  • "profile"
  • "email" user_mapping_provider: config: localpart_template: "{{ user.preferred_username }}" display_name_template: "{{ user.preferred_username|capitalize }}" # TO BE FILLED: If your users have names in Authentik and you want those in Synapse, this should be replaced with user.name|capitalize. staticClients:
    • id: synapse secret: secret redirectURIs:
• '[synapse public baseurl]/_synapse/client/oidc/callback' name: 'Synapse'oidc_providers:
• idp_id: django_example idp_name: "Django Example" issuer: "https://example.com/o/" client_id: "your-client-id" # CHANGE ME client_secret: "your-client-secret" # CHANGE ME scopes: ["openid"] user_profile_method: "userinfo_endpoint" # needed because oauth-toolkit does not include user information in the authorization response user_mapping_provider: config: localpart_template: "{{ user.email.split('@')[0] }}" display_name_template: "{{ user.first_name }} {{ user.last_name }}" email_template: "{{ user.email }}"
• idp_id: facebook idp_name: Facebook idp_brand: "facebook" # optional: styling hint for clients discover: false issuer: "https://www.facebook.com" client_id: "your-client-id" # TO BE FILLED client_secret: "your-client-secret" # TO BE FILLED scopes: ["openid", "email"] authorization_endpoint: "https://facebook.com/dialog/oauth" token_endpoint: "https://graph.facebook.com/v9.0/oauth/access_token" jwks_uri: "https://www.facebook.com/.well-known/oauth/openid/jwks/" user_mapping_provider: config: display_name_template: "{{ user.name }}" email_template: "{{ user.email }}"oidc_providers:
• idp_id: gitlab idp_name: Gitlab idp_brand: "gitlab" # optional: styling hint for clients issuer: "https://gitlab.com/" client_id: "your-client-id" # TO BE FILLED client_secret: "your-client-secret" # TO BE FILLED client_auth_method: "client_secret_post" scopes: ["openid", "read_user"] user_profile_method: "userinfo_endpoint" user_mapping_provider: config: localpart_template: '{{ user.nickname }}' display_name_template: '{{ user.name }}' oidc_providers:
• idp_id: google idp_name: Google idp_brand: "google" # optional: styling hint for clients issuer: "https://accounts.google.com/" client_id: "your-client-id" # TO BE FILLED client_secret: "your-client-secret" # TO BE FILLED scopes: ["openid", "profile", "email"] # email is optional, read below user_mapping_provider: config: localpart_template: "{{ user.given_name|lower }}" display_name_template: "{{ user.name }}" email_template: "{{ user.email }}" # needs "email" in scopes above oidc_providers:
• idp_id: keycloak idp_name: "My KeyCloak server" issuer: "https://127.0.0.1:8443/realms/{realm_name}" client_id: "synapse" client_secret: "copy secret generated from above" scopes: ["openid", "profile"] user_mapping_provider: config: localpart_template: "{{ user.preferred_username }}" display_name_template: "{{ user.name }}" backchannel_logout_enabled: true # Optional oidc_providers:
• idp_id: lemonldap idp_name: lemonldap discover: true issuer: "https://auth.example.org/" # TO BE FILLED: replace with your domain client_id: "your client id" # TO BE FILLED client_secret: "your client secret" # TO BE FILLED scopes:
  • "openid"
  • "profile"
  • "email" user_mapping_provider: config: localpart_template: "{{ user.preferred_username }}}"

    TO BE FILLED: If your users have names in LemonLDAP::NG and you want those in Synapse, this should be replaced with user.name|capitalize or any valid filter.

    display_name_template: "{{ user.preferred_username|capitalize }}" curl -d "client_name=my_synapse_app&redirect_uris=https://[synapse_public_baseurl]/_synapse/client/oidc/callback" -X POST https://your.mastodon.instance.url/api/v1/apps {"client_id":"someclientid_123","client_secret":"someclientsecret_123","id":"12345","name":"my_synapse_app","redirect_uri":"https://[synapse_public_baseurl]/_synapse/client/oidc/callback","website":null,"vapid_key":"somerandomvapidkey_123"} { "client_id": "SOME-CLIENT-ID", "client_secret": "SOME-SUPER-SECRET-SECRET", "response_types": ["code"], "grant_types": ["authorization_code"], "scope": "openid profile email", "redirect_uris": ["https://[synapse public baseurl]/_synapse/client/oidc/callback"] } oidc_providers:

    Shibboleth IDP

    #

• idp_id: shibboleth idp_name: "Shibboleth Login" discover: true issuer: "https://YOUR-IDP-URL.TLD" client_id: "YOUR_CLIENT_ID" client_secret: "YOUR-CLIENT-SECRECT-FROM-YOUR-IDP" scopes: ["openid", "profile", "email"] allow_existing_users: true user_profile_method: "userinfo_endpoint" user_mapping_provider: config: subject_claim: "sub" localpart_template: "{{ user.sub.split('@')[0] }}" display_name_template: "{{ user.name }}" email_template: "{{ user.email }}" oidc_providers:
• idp_id: twitter idp_name: Twitter idp_brand: "twitter" # optional: styling hint for clients discover: false # Twitter is not OpenID compliant. issuer: "https://twitter.com/" client_id: "your-client-id" # TO BE FILLED client_secret: "your-client-secret" # TO BE FILLED pkce_method: "always"

  offline.access providers refresh tokens, tweet.read and users.read needed for userinfo request.

  scopes: ["offline.access", "tweet.read", "users.read"] authorization_endpoint: https://twitter.com/i/oauth2/authorize token_endpoint: https://api.twitter.com/2/oauth2/token userinfo_endpoint: https://api.twitter.com/2/users/me?user.fields=profile_image_url user_mapping_provider: config: subject_template: "{{ user.data.id }}" localpart_template: "{{ user.data.username }}" display_name_template: "{{ user.data.name }}" picture_template: "{{ user.data.profile_image_url }}" oidc_providers:

• idp_id: xwiki idp_name: "XWiki" issuer: "https://myxwikihost/xwiki/oidc/" client_id: "your-client-id" # TO BE FILLED client_auth_method: none scopes: ["openid", "profile"] user_profile_method: "userinfo_endpoint" user_mapping_provider: config: localpart_template: "{{ user.preferred_username }}" display_name_template: "{{ user.name }}" ef5d32d5c89a04dda85d4510a0643165bc9f6e20https://techcrunch.com/2024/10/22/openai-hires-its-first-chief-economist/?utm_source=dlvr.it&utm_medium=threadshttps://github.com/microsoft/vscode/wiki/https://spikenow.com/collab/?id=a8W4PQlZX9sK07r47UHfbxSKzuEJZOsixLJz6ECwMa7https://smee.io/n89s8c9EkMofd3whttp://gdevnieto1989.wordpress.comhttps://www.instagram.com/reel/C-t_Xz3MTkw/?igsh=YndxNWJ0NmkyZGxu