From cb637050c1042e6de98af9d8d0c7757eed3fb5b5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 3 Jan 2025 16:53:53 +0200 Subject: [PATCH] Update docs/configuring-playbook-user-verification-service.md --- docs/configuring-playbook-user-verification-service.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index c4674b242..9ff4fa60f 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -13,7 +13,7 @@ UVS can be used to verify two claims: * (A) Whether a given OpenID token is valid for a given server and * (B) whether a user is member of a given room and the corresponding PowerLevel -Verifying an OpenID token ID done by finding the corresponding Homeserver via `.well-known/matrix/server` for the given domain. The configured `matrix_user_verification_service_uvs_homeserver_url` does **not** factor into this. By default, this playbook only checks against `matrix_server_fqn_matrix`. Therefore, the request will be made against the public openid API for `matrix_server_fqn_matrix`. +Verifying an OpenID token ID done by finding the corresponding Homeserver via `/.well-known/matrix/server` for the given domain. The configured `matrix_user_verification_service_uvs_homeserver_url` does **not** factor into this. By default, this playbook only checks against `matrix_server_fqn_matrix`. Therefore, the request will be made against the public `openid` API for `matrix_server_fqn_matrix`. Verifying RoomMembership and PowerLevel is done against `matrix_user_verification_service_uvs_homeserver_url` which is by default done via the docker network. UVS will verify the validity of the token beforehand though.