You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A potential problem might be that some routes require "interactive authentication" on the Synapse side.. and you probably can't do that, because the password that you use (the one in Corporal's policy.json file) is different than the one that Synapse sees.. And Synapse thinks that your password is wrong.
During normal /login, Corporal intercepts the request, does password checking on its on, and then calls Synapse's /login with a password that Shared Secret Auth understands and allows to go through.
For these other routes requiring "interactive auth", I wonder what a good solution would be.. Maybe we should intercept such requests as well on the Corporal side, check the password, rewrite it in a way that Shared Secret Auth would understand, and then hope that Synapse uses password providers for this "interactive auth" part as well (and not just its own database; it probably does..).
The text was updated successfully, but these errors were encountered:
When using Corporal to manage user passwords, using the interactive auth APIs does not work.
To quote @spantaleev ,
The text was updated successfully, but these errors were encountered: