I figured it out, here's what was happening: The client was trying to access the SSO redirect URL with HTTP, but my server was configured to use HTTPS: Requested URI http://matrix.due.ren/_matrix/client/r0/login/sso/redirect/oidc-cloudron?redirectUrl=element://connect?transaction_id=m2111693422.2 is not canonical: redirecting to https://matrix.due.ren/_matrix/client/r0/login/sso/redirect/oidc-cloudron?redirectUrl=element://connect?transaction_id=m2111693422.2 This redirection kept happening repeatedly (as shown by the multiple identical log entries with different request IDs), creating a loop. Synapse didn't properly handle the protocol conversion between HTTP and HTTPS. Here's how I fixed the issue: Added the x_forwarded: true setting to my configuration's listeners section: listeners: - port: 8008 type: http bind_addresses: ['0.0.0.0'] x_forwarded: true # Added this line resources: - names: [client, federation, metrics] compress: false

Negative. Please, disregard what have been said earlier: OpenID from Cloudron could be used as is. Happy to share my findings on setting up the service with @vladimir.d or whoever will be doing this configuration for everyone on Cloudron.

I believe I assembled a first version, but got stuck with OpenID auth on Cloudron side: https://forum.cloudron.io/topic/13648/openid-uri-configuration-issue-for-synapse-s-mas I would appreciate any help here - it would be beneficial for the work to be done by @vladimir.d or whoever would be solving the same task.

I've deleted everything due to me making an error - use the base domain for checking, not matrix.basedoman.com.

Sorry, this is a native Ubuntu install. I suppose this is the wrong venue. Thanks for the heads up.

@jdaviescoates I should have been clearer... I meant the sliding sync webapp got obsoleted and the repo was archived. TBH, I don't really know if the protocol / implementation was merged in a compatible way.

You can see it here - https://git.cloudron.io/apps/synapse-app/-/merge_requests/10 . The tests are failing, we have to investigate. The update won't work with Element X though, I am pretty sure

@nebulon Correct, but I just realised that in copying and pasting I appear to have missed something. That's embarassing. In any case it has now worked and this is resolved. Thanks for the quick reply.

@girish all sounds very promising indeed. I just went to see if I can now connect to my Cloudron Matrix using Element X... the QR Code login thing at least doesn't seem to have been implemented on Cloudron yet: [image: 1730726405515-b6462474-d41a-457f-97d6-545ddad657f8-image-resized.png] And trying to login in manually doesn't seem to work yet either: [image: 1730726733558-screenshot_20241104-132148_element-x.png] Hopefully in the coming months such things will begin to work? Do we know what we're waiting for? I guess maybe for 2.0 to actually release and packaged?

Hello, it seems there is a loop with SSO Login. It´s jumped back to ..#Login after Authentifcation.

thanks @joseph, for any mods, feel free to remote this thread.

@andreasdueren yes exactly, that's the bug. They are yet to add OIDC support in the Element X apps . the one you linked is the iOS app, the one I linked earlier was for the android app.

@nebulon Thanks! Got it working finally

I'm not sure how to do any of that but I'll worry about this later as I received a reply from Hetzner support about my VPS (SMTP issue) and you won't believe what they said.

Just uploaded and extracted latest version but it's just loading, don't see any login screen

@gargamel8 ok, there are some suggested solutions at https://docs.cloudron.io/troubleshooting/#hairpin-nat . Maybe something works for you.

This is very interesting @jdaviescoates thank you for this. I'll examinate this more deeply !