This module allows users to verify their identity with a third party
service. The third party service does need to be matrix-aware in that it
will need to know to resolve matrix homeservers to exchange the user’s
token for identity information.
Gets an OpenID token object that the requester may supply to another
service to verify their identity in Matrix. The generated token is only
valid for exchanging for user information from the federation API for
OpenID.
The access token generated is only valid for the OpenID API. It cannot
be used to request another OpenID access token or call /sync, for
example.
Rate-limited:
Yes
Requires authentication:
Yes
Request
Request parameters
path parameters
Name
Type
Description
userId
string
Required: The user to request and OpenID token for. Should be the user who
is authenticated for the request.
Request body
Request body example
Specification error: Example invalid or not present
Responses
Status
Description
200
OpenID token information. This response is nearly compatible with the
response documented in the
OpenID Connect 1.0 Specification
with the only difference being the lack of an id_token. Instead,
the Matrix homeserver’s name is provided.
429
This request was rate-limited.
200 response
Name
Type
Description
access_token
string
Required: An access token the consumer may use to verify the identity of
the person who generated the token. This is given to the federation
API GET /openid/userinfo to verify the user’s identity.
expires_in
integer
Required: The number of seconds before this token expires and a new one must
be generated.
matrix_server_name
string
Required: The homeserver domain the consumer should use when attempting to
verify the user’s identity.