You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If synapse is configured to interface with an external auth provider (such as LDAP), there is no mechanism for that external system to feed back to synapse if a user's credentials have been locked/revoked/etc. Synapse's access_tokens stay valid forever.
A related question: if a user's password is changed in the external system, should we require all matrix clients to log in again, as we would with a local password change? If so, how should this be implemented?
The text was updated successfully, but these errors were encountered:
This issue has been migrated from #4158.
If synapse is configured to interface with an external auth provider (such as LDAP), there is no mechanism for that external system to feed back to synapse if a user's credentials have been locked/revoked/etc. Synapse's
access_tokens
stay valid forever.A related question: if a user's password is changed in the external system, should we require all matrix clients to log in again, as we would with a local password change? If so, how should this be implemented?
The text was updated successfully, but these errors were encountered: