Open anoadragon453 opened 2 years ago
We should include some words about it on the yet-to-be-written Single Sign-On documentation page.
@anoadragon453 would it be worth starting such a page (with just some very basic content like "Synapse supports single sign-on through the SAML, Open ID Connect or CAS protocols") to make this task less daunting for contributors?
@richvdh Excellent suggestion. In fact I think we should do that for all of our current "draft pages". It's much easier for contributors to hit a :pencil2: button on the docs site to add content rather than figuring out where to put files and how to update SUMMARY.md.
I've opened a PR to get the ball rolling for Single Sign-On related pages here: https://github.com/matrix-org/synapse/pull/11298.
It's not currently obvious that the SSO redirection page (introduced as a security measure) can be bypassed by use of the
sso.client_whitelist
option. This option allows specifying a whitelist of client URIs, for which the redirection page won't appear if the client you are being redirected to during SSO login.We should include some words about it on the yet-to-be-written Single Sign-On documentation page.