I put together a basic proof of concept for using existing installations as SSO for , using . Here's what the authentication and authorization flow for that looks like!

While Mastodon doesn't support Connect, OIDC is just OpenID on top of OAuth2.0. If your app allows configuring all URLs for your IdP you can use nearly any OAuth2.0 provider.

Avatars currently aren't supported via this (I added one) but can be! Working on a patch for Synapse!


Blimps: this is currently available to play with but I don't know if the database will exist long term. This is currently just a proof of concept using the testing database for Synapse, as current Synapse requires newer versions of the database server Mastodon uses. I'll be porting the existing database over to the new host today as I do migration work.

Sorry; had to re-post these because I forgot hashtags on the opening post. Apologies if this spammed a bit.
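
The approach described in the opening posts, written out as a Synapse `oidc_providers` entry with discovery turned off and every endpoint set by hand. This is an added example, not the poster's actual configuration: the hostname, `idp_id`, client ID and secret are placeholders, and the scope and mapping templates are assumptions.

```yaml
# homeserver.yaml (Synapse) - constructed example, placeholder values throughout
oidc_providers:
  - idp_id: mastodon                      # hypothetical identifier
    idp_name: "Mastodon (mastodon.example)"
    # Mastodon speaks plain OAuth 2.0 and publishes no OIDC discovery
    # document, so discovery is disabled and each URL is listed explicitly.
    discover: false
    issuer: "https://mastodon.example"
    # Credentials of an OAuth application registered on the Mastodon side.
    client_id: "REPLACE_WITH_CLIENT_ID"
    client_secret: "REPLACE_WITH_CLIENT_SECRET"
    authorization_endpoint: "https://mastodon.example/oauth/authorize"
    token_endpoint: "https://mastodon.example/oauth/token"
    # There is no ID token in plain OAuth 2.0; the identity comes from
    # calling the account API with the access token.
    userinfo_endpoint: "https://mastodon.example/api/v1/accounts/verify_credentials"
    # Assumption: the narrowest scope that verify_credentials accepts.
    scopes: ["read:accounts"]
    user_mapping_provider:
      config:
        # Key the link on the numeric account id rather than the username.
        subject_template: "{{ user.id }}"
        localpart_template: "{{ user.username }}"
        display_name_template: "{{ user.display_name }}"
```

Because `openid` is not in the requested scopes, Synapse takes the user's claims from the userinfo endpoint, so that URL has to point at the same instance as the authorization and token endpoints.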

@ceralor Quick warning: make sure to save the RSA key that identifies your Synapse install. Once it gets seen by other instances, they won't take your messages if you lose it.

If I had a dollar for everyone who set up Synapse/Dendrite/Conduit to check it out, tore it down, then went "Wait why won't it federate now?"...

You likely already know but I hear "Proof of concept running on my main domain" and have to warn.

@trysdyn Oh I'm well aware! I've made sure to back that up in my Restic backups!

@trysdyn also I had not heard of Conduit; do you know if it supports OIDC auth too? Dendrite has it on the roadmap at some point I guess.

@ceralor No idea, sorry. Been out of the Matrix game for about a year now and even when I was poking it Conduit was pretty new and feature-slim.

