This repository was archived by the owner on Apr 26, 2024. It is now read-only.
This repository was archived by the owner on Apr 26, 2024. It is now read-only.
Support multiple SSO identity providers during login/UIA flow #8927
Closed
Description
We would like to give synapse support for multiple OIDC identity providers. As a first step:
- the user would be prompted to choose one from the
/_matrix/client/r0/login/sso/redirectpage- give synapse the concept of an "identity provider", and refactor existing CAS, SAML and OIDC impls to match it
- redirect to an IdP picker when more than one IdP exists
- serve an IdP picker based on a template
- support multiple OIDC providers, each as a separate IdP (Land support for multiple OIDC providers #9110)
- write some tests
- for UIA, the user would be taken to whichever OIDC provider they had registered with. (UI Auth via SSO: redirect the user to an appropriate SSO. #9081)
login fallback needs to support picking a provider tooactually, this is better done once synapse supports MSC2858; moved to Support picking an SSO provider during login fallback #9013