diff --git a/changelog.d/19752.1.doc b/changelog.d/19752.1.doc new file mode 100644 index 00000000000..cfee70c67cf --- /dev/null +++ b/changelog.d/19752.1.doc @@ -0,0 +1 @@ +Document the paths that can be handled on workers with stabilised delegated authentication. diff --git a/changelog.d/19752.doc b/changelog.d/19752.doc new file mode 100644 index 00000000000..d4457ffc88b --- /dev/null +++ b/changelog.d/19752.doc @@ -0,0 +1 @@ +Improve documentation around endpoints that can be enabled with MSC3861. diff --git a/docs/workers.md b/docs/workers.md index 8d3aad19c66..a39454c5fea 100644 --- a/docs/workers.md +++ b/docs/workers.md @@ -290,6 +290,9 @@ information. # Unstable MSC4140 support ^/_matrix/client/unstable/org.matrix.msc4140/delayed_events(/.*/restart)?$ + # Stabilised Delegated Authentication support (`matrix_authentication_service.enabled: true`) + ^/_synapse/mas/ + Additionally, the following REST endpoints can be handled for GET requests: # Push rules requests @@ -314,7 +317,7 @@ for the room are in flight: Additionally, the following endpoints should be included if Synapse is configured to use SSO (you only need to include the ones for whichever SSO provider you're -using): +using) and delegated authentication isn't enabled: # for all SSO providers ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect @@ -343,7 +346,11 @@ set to `true`), the following endpoints can be handled by the worker: ^/_synapse/admin/v2/users/[^/]+$ ^/_synapse/admin/v1/username_available$ ^/_synapse/admin/v1/users/[^/]+/_allow_cross_signing_replacement_without_uia$ - ^/_synapse/admin/v1/users/[^/]+/devices$ + ^/_synapse/admin/v2/users/[^/]+/devices(/|$) + +Do note that these endpoints can't be handled by workers if the stabilised delegated +authentication support is enabled (`matrix_authentication_service.enabled` set to +`true`). Note that a [HTTP listener](usage/configuration/config_documentation.md#listeners) with `client` and `federation` `resources` must be configured in the