v1.4.0
Notes
This new release focuses in new areas:
- Administration commands/interfaces
- Ability to expire and clean-up pending 3PID invites
- Official support for semi-open server setups (best effort until now)
- Provide control over the remaining Client API endpoints where 3PIDs are involved
Semi-open servers are defined as servers that:
- Allow registration but only with some approval process
- Only allows a specific set of people to create 3PID invites, which can be used to register a new account
- Needs the ability to list and manage pending 3PID invites
IMPORTANT: This release changes the format of the data since previous releases. While this is an automatic upgrade, it also means it is not possible to downgrade to any previous version.
BE SURE TO BACKUP YOUR MXISD INSTALLATION! See the Operations document for details.
Special thanks to @miriamino for the extensive contributions/feedback in design, testing and troubleshooting of the new features in this release.
Features
The following new features were added:
Administration
It is now possible to administer your mxisd instance directly within your Matrix client, thanks to the Application Service feature of mxisd.
See the Documentation to get started.
3PID invite expiration
One of the main limitation in terms of 3PIDs in the Matrix protocol is the inability to cancel or otherwise in any way control pending 3PID invites. If those are not accepted/resolved, they remain in a room forever.
mxisd can now be leveraged to cancel any 3PID invites made through it, either automatically after a configurable period of time, or manually via the admin interface.
See the Documentation to get started.
3PID invite policies
It is now possible to restrict the creation of 3PID invites to a certain set of users on your servers (e.g. Admins or VIPs) using roles returned by the Profile feature of Identity Stores. This would typically be used together with the new Registration feature.
See the Documentation to get started.
Registration
mxisd now offer the possibility to partially control registrations to ensure that provided 3PIDs, if made mandatory at the Homeserver level, are allowed given specific patterns or if matching pending 3PID invite.
See the Documentation to get started.
Identity Service r0.1.0 compliance
mxisd now implements all flows and features of the r0.1.0 spec. Ephemeral keys and ephemeral signing was the last remaining element not supported until now. mxisd is therefore the first 3rd party Identity server to be compliant with the current Matrix specification.
Version check
mxisd now provides two ways to check for its version:
- At command line, with
--version
- With the API, at
/version
(not under the public/_matrix
to keep the info private)
Others
The following items were also added:
- Documentation for Hardening steps of the mxisd installation (8035207)
- Documentation for Day-to-day operations (8035207)
- TLS/SSL mode (port 465) can now be set for the Email SMTP connector (#125) - Docs
- Some 3PID notification template placeholder can now be set to a static value, like the Registration URL in an 3PID invite notification (#133) - Docs
- Well-known discovery for federation is now supported and used when posting 3PID invite resolutions to the Homeserver (#127)
Changes
- The Application Services feature configuration was changed to support the new features of this release. If you used it prior to v1.4.0, adapt your
mxisd.yaml
as needed. Application Services integration itself is still considered experimental. - The
mxisd.yaml
sample file now talks aboutserver.name
(37ddd0e) - Block a non-public but still under
v1
namespace custom endpoint from New Vector (95ee328) - Various doc improvements (93bd735, c5cea93, 838d79a, 9abdcc1)
- Debian package now has
status
andpriority
- Thanks @joshuaboniface (1587103)
Fixes
- Document the correct configuration key for the msisdn Twilio connector (9d4680f)
- Properly handle 3PID session token submition (#167 - v1.3.x regression)
- Better documentation for the SQL Identity store (#107)
- Properly encode headers in Email notifications using the SMTP connector (#137)
- Fix dead link to default attributes into the LDAP documentation (#136)
Packages
Platform | Type | Command/Link |
---|---|---|
All | Jar | Download |
Debian | Package | Download |
Docker | Image | docker pull kamax/mxisd:1.4.0 (Repo) |
Checksums
Platform | Type | SHA-256 |
---|---|---|
All | Jar | 391490b7c77044817248af426bfc956ba2d22c5ba78f7a9321e604d86d3fccab |
Debian | Package | e7326375f509f0d617489a0925a1dee7d17e8a1b70bf1df00394c39a3ce0c6c2 |