From 519ddba6f9c3fd60ebff48cdc5b26ca53e1b3abe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?=
Date: Thu, 5 Dec 2024 08:49:56 +0100
Subject: [PATCH] doc: Update README
---
 README.md | 9 +++------
 src/zitadel.rs | 1 -
 2 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/README.md b/README.md
index 6dc4e785..e9b8616f 100644
--- a/README.md
+++ b/README.md
@@ -143,17 +143,14 @@ kubectl create configmap --from-file config.yaml famedly-sync --namespace ldap-s
 ## Quirks & Edge Cases
+- When Setting up SSO, note that Zitadel's ldap filter must be
+ configured to resolve the "username" as the user's email address for
+ our IDP links to work.
 - Changing a user's LDAP id (the attribute from the `user_id` setting) is unsupported, as this is used to identify the user on the Zitadel end.
 - Disabling a user on the LDAP side (with `status`) results in the user being deleted from Zitadel.
-- Providing multiple values for an LDAP attribute is not supported.
-- Zitadel's API is not fully atomic; if a request fails, a user may
- not be fully created and still not be functional even if the tool is
- re-used.
- - In particular, the matrix localpart, the preferred user name, and
- whether the user has permissions to use Famedly may not be synced.
 - If a user's email or phone number changes, they will only be prompted to verify it if the tool is configured to make users verify them.
diff --git a/src/zitadel.rs b/src/zitadel.rs
index 7bd64e14..957d7434 100644
--- a/src/zitadel.rs
+++ b/src/zitadel.rs
@@ -168,7 +168,6 @@ impl Zitadel {
 .context("Failed to set IDP user ID")?, ) .with_idp_id(self.zitadel_config.idp_id.clone())
- // TODO: Figure out if this is the correct value; empty is not permitted
 .with_user_name(imported_user.email.clone())]); }