Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to search the people from keycloak OIDC #17126

Open
nmanthena18 opened this issue Apr 26, 2024 · 1 comment
Open

Unable to search the people from keycloak OIDC #17126

nmanthena18 opened this issue Apr 26, 2024 · 1 comment
Labels
A-SSO O-Uncommon S-Tolerable T-Enhancement

Comments

@nmanthena18
Copy link

Description

We are running synapse local and we configure keycloak OIDC & we have 1000 users, but we are unable to see them until they login in atleast once in syanpse.

Steps to reproduce

  • Run synapse server and client
  • configure OIDC.
  • login in element search for the people

Homeserver

chat-server.intellaire.com

Synapse Version

{"server":{"name":"Synapse","version":"1.86.0rc2"}}

Installation Method

Docker (matrixdotorg/synapse)

Database

PostgreSQL

Workers

Single process

Platform

VM Ubuntu

Configuration

No response

Relevant log output

2024-04-26 10:08:36,785 - synapse.rest.client.sync - 231 - INFO - GET-2099 - Client has disconnected; not serializing response.
2024-04-26 10:08:36,785 - synapse.http.server - 782 - WARNING - GET-2099 - Not sending response to request <XForwardedForRequest at 0x7fd51951bf50 method='GET' uri='/_matrix/client/r0/sync?filter=0&timeout=30000&since=s35_285_0_21_50_1_7_30_0_1' clientproto='HTTP/1.0' site='8008'>, already disconnected.
2024-04-26 10:08:36,786 - synapse.access.http.8008 - 473 - INFO - GET-2099 - 10.80.16.118 - 8008 - {@naresh.m:chat-server.intellaire.com} Processed request: 30.003sec/-10.704sec (0.000sec, 0.000sec) (0.000sec/0.001sec/2) 0B 200! "GET /_matrix/client/r0/sync?filter=0&timeout=30000&since=s35_285_0_21_50_1_7_30_0_1 HTTP/1.0" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" [0 dbevts]

Anything else that would be useful to know?

No response
@reivilibre
Copy link
Contributor

This is not really a bug, more like a known limitation. The users don't exist in Synapse until they log in; after all, Synapse doesn't have usually a way to search for users in an external identity provider, it only finds out about them when they log in.

I am happy to keep this open as a suggestion but someone interested will need to implement this; I don't expect us to get to it anytime soon.

There may be a possible workaround by manually scripting the creation of users and updating their SSO identifiers using external_ids in https://element-hq.github.io/synapse/latest/admin_api/user_admin_api.html#create-or-modify-account.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-SSO O-Uncommon S-Tolerable T-Enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nmanthena18 @reivilibre