Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

multiple default homeservers #1580

Open
hex-m opened this issue May 3, 2021 · 6 comments
Open

multiple default homeservers #1580

hex-m opened this issue May 3, 2021 · 6 comments
Labels
T-Enhancement

Comments

@hex-m
Copy link

hex-m commented May 3, 2021

Is your suggestion related to a problem? Please describe.

Our organization has a setup with multiple Synapse instances, because we have/want users with different domain parts in their Matrix-ID.

To make the login-flow as easy as possible we have a separate Element-Web instance for every Synapse instance. This has drawbacks:

  • Users are confused that we have multiple chat services.
  • Sending the URL of a room to someone can lead to login errors because they'd have to use a different Element-Web instance.

Describe the solution you'd like.

The possibility to specify multiple servers in default_server_configs and give users an easy way to choose from them.

Describe alternatives you've considered.

An alternative solution would be support for multiple user-domains in Synapse. matrix-org/synapse#8885
@t3chguy
Copy link
Member

t3chguy commented May 3, 2021

A single synapse for auth can be used to act as a frontend for multiple Matrix servers, during /login the server sends back the server_name to which to connect to post-auth.
Equally, you could just enter the user's MXID into the login screen and the server would be automatically resolved from that.

@hex-m
Copy link
Author

hex-m commented May 3, 2021

you could just enter the user's MXID into the login screen

That is true that the correct homeserver would be discovered when you enter an MXID, but our users don't know what an MXID is when they first login. Also: we use SSO (SAML) which means (as I understand it) that the homeserver has to be fixed already when you forward the users to the IDP.

A single synapse for auth [..]

Not sure if I grasp this. Is there documentation for how to set this up?

@t3chguy
Copy link
Member

t3chguy commented May 3, 2021

I don't know if there's documentation for that but there are definitely some deployments doing that.
Does your SSO vary depending on which server or is it all the same and depending on the user going through the SSO the target matrix server should be different?

@hex-m
Copy link
Author

hex-m commented May 3, 2021

The IDP is always the same. The authorization decision is currently based on attribute_requirements. So yes, the target homeserver should be chosen depending on some attribute of the user.

@t3chguy
Copy link
Member

t3chguy commented May 3, 2021

Pretty sure there is a deployment functioning exactly like that and the /login request returns back the right matrix base_url to use for that user. Probably best reaching out to the synapse support room to see if they know more about it.

@hex-m hex-m mentioned this issue Jul 1, 2021
Open
@hex-m hex-m mentioned this issue May 11, 2023
Open
@t3chguy t3chguy transferred this issue from element-hq/element-web May 11, 2023
@hex-m
Copy link
Author

hex-m commented Sep 7, 2023

Just noticed that this was transferred. I don't think this is relevant for locally installed clients because you usually don't distribute them preconfigured.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
T-Enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@t3chguy @hex-m