Skip to content
Snippets Groups Projects
Unverified Commit e5da770c authored by Ben Banfield-Zanin's avatar Ben Banfield-Zanin Committed by GitHub
Browse files

Add additional SAML2 upgrade notes (#9550)

parent 8a4b3738
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
UPGRADE.rst
+ 7
0
View file @ e5da770c
...@@ -124,6 +124,13 @@ This version changes the URI used for callbacks from OAuth2 and SAML2 identity p ...@@ -124,6 +124,13 @@ This version changes the URI used for callbacks from OAuth2 and SAML2 identity p
need to add ``[synapse public baseurl]/_synapse/client/saml2/authn_response`` as a permitted need to add ``[synapse public baseurl]/_synapse/client/saml2/authn_response`` as a permitted
"ACS location" (also known as "allowed callback URLs") at the identity provider. "ACS location" (also known as "allowed callback URLs") at the identity provider.
The "Issuer" in the "AuthnRequest" to the SAML2 identity provider is also updated to
``[synapse public baseurl]/_synapse/client/saml2/metadata.xml``. If your SAML2 identity
provider uses this property to validate or otherwise identify Synapse, its configuration
will need to be updated to use the new URL. Alternatively you could create a new, separate
"EntityDescriptor" in your SAML2 identity provider with the new URLs and leave the URLs in
the existing "EntityDescriptor" as they were.
Changes to HTML templates Changes to HTML templates
------------------------- -------------------------
......
changelog.d/9550.doc 0 → 100644
+ 1
0
View file @ e5da770c
Improve the SAML2 upgrade notes for 1.27.0.
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment