Skip to content
Snippets Groups Projects
Verified Commit a7cc74f4 authored by Jan Alexander Steffens (heftig)'s avatar Jan Alexander Steffens (heftig) Committed by Evangelos Foutras
Browse files

matrix: Enable backchannel logouts from keycloak to synapse

parent c6cfff77
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
roles/matrix/templates/homeserver.yaml.j2
+ 1
0
View file @ a7cc74f4
......@@ -148,6 +148,7 @@ oidc_providers:
client_secret: "{{ vault_matrix_openid_client_secret }}"
scopes: ["openid", "profile", "email", "roles"]
allow_existing_users: false
backchannel_logout_enabled: true
user_mapping_provider:
config:
localpart_template: "{{ '{{ user.preferred_username }}' }}"
......
tf-stage2/keycloak.tf
+ 3
0
View file @ a7cc74f4
......@@ -839,6 +839,9 @@ resource "keycloak_openid_client" "matrix_openid_client" {
valid_redirect_uris = [
"https://matrix.archlinux.org/_synapse/client/oidc/callback"
]
backchannel_logout_url = "https://matrix.archlinux.org/_synapse/client/oidc/backchannel_logout"
backchannel_logout_session_required = true
}
resource "keycloak_openid_user_realm_role_protocol_mapper" "matrix_user_realm_role_mapper" {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment