Rename user

[hex-m]

One of my users would like to change their Matrix ID (staying on the same server). I would like to support them.

I know about https://modular.im/tools/matrix-migration, but as the SSO (SAML)-Account stays the same, the two accounts won't be usable at the same time. Also I would prefer to make the process as painless as possible for the user.

An ideal solution would be an admin API call which:

1. creates the new account
2. points the external_id to the new account
3. adds the new account to the same rooms (with the same permissions) than the old one
4. associates the key backup with the new account

At the next login the user would be asked for the recovery key and have access to all rooms and messages like before.

An alternative solution could be to have the new account work like an alias for the first one. This would would mark the two accounts as "belonging to the same person" and thus other servers could treat them like they would be the same account.

There are discussions about server independent accounts and moving accounts between servers but this request seems smaller to me.

keywords: migrate account, change mxid, localpart

[reivilibre]

This is quite tricky but might be fixed by nomadic/dissociated identities (or whatever the code name is nowadays) as you've noticed.

However it's probably just as difficult as moving an account between servers: all the keys and permissions and so on would need to be transferred so they are valid for a different MXID (and so that other users/servers understand they're the same user!). Whether or not the server name changes during this process doesn't actually make much difference, from what I can tell.

Unfortunately a user's MXID is currently quite permanent and, as you've noticed, quite a nuisance to 'change'. This is something that's known and is going to get dealt with (it's practically a necessity for the peer-to-peer work), but I couldn't tell you that anything is coming very soon.

[reivilibre]

Note: the first two steps are already possible. Adding the new account to the same rooms is often possible (depending on permissions); promoting them to the same permissions is sometimes possible (usually only if you're the room admin).
Associating key backup with the account is uncertain — the client might not know what to do about keys that aren't for the (new) MXID.

Solving this properly involves disocciated identities or else a bit of proper work (including client work) which could also support cross-server moves.

[bkil]

Related #8885

[knurd75zid]

Note: the first two steps are already possible.

I am desperate to do this.
I managed to create new account, added them to the relevant rooms etc. No Problem. All by API.

Where I fail is, to permanently and definitively remove the external_id from the old, unwanted, to be deactivated accounts.
That is:

• I can stop synapse (and element web, for good measure)
• delete the external_ids no problem. With the API, no less. I used the create/modify users admin-AP (/_synapse/admin/v2/users/) * I and can verify the changes in the table user_external_ids. That is, the line, associating the saml external_id with the user_id is gone. Deleted.
• start synapse and element again
• log in my testuser with sso
  Now the weird part.
  The user is the same old, bad, unwanted User again.
  Even weirder: The table user_external_ids has the old line again, associating the external ID with the old, bad account.

I expected a new account, with the correct name to be crated and betting associated with the external ID.

Could you kindly point out what I am doing wrong?
I use the 1.94 Synapse Version, updated 2 days ago.