Support linking & unlinking to an existing account when using SSO

[uumas]

Currently the username picker says "<username> is not available, please choose another." if one tries to enter an existing username. It could instead offer to link the existing local account and ask for its password.

[richvdh]

yes. We also need the ability to unlink an SSO account, imho.

[poproar]

I would plus one this because I made my account back when it was RIOT and now I can no longer log in with user name and password. The riot app only allows SSO. But maybe I just need to ditch the ubuntu riot app?

[richvdh]

@poproar it sounds like you are using an old, buggy version of Riot.

[toastal]

Log in to matrix.org

Choose an identity provider to log in

  • [sVesTtrFDT] GitHub
  • [ZlnaaZNPxt] Google
  • [MCVOEmFgVi] GitLab
  • [nsyeLIgzxa] Facebook
  • [QQKNSOdLiM] Apple

An open network for secure, decentralized communication.
© 2021 The Matrix.org Foundation C.I.C.

^ SSO rendered from w3m

I can't OAuth for Weechat because of this. There is no SSO login option for username+password. There is no ability to link with the existing authenticated account in the browser. I thought I could use my GitLab account with the same email addresses to link, but that didn't work either. The SSO flow took me to choosing a username, but when entering my existing username, I unsurprisingly got the error User ID already taken. There's nothing in the UI of the web app or Android app about linking a GitLab or other social account with my existing username either.

[richvdh]

@toastal if you have an existing account, you should log in with those details rather than using OAuth. If you're not seeing an option for that, that is a bug with your client, not Synapse.

[toastal]

@richvdh So you mean using the username & password as credentials from inside the client? If that's the case, I'll double check the Weechat client's Matrix bridge. Maybe it's throwing up the OAuth link if it's misconfigured or I missed something else in the error log.

---

Ah, yes. By default it throws up SSO if (un|mis)configured. That's not the best UX.

[bluedasher13]

I have the impression that Todoist, Toggl Track, Chatwork, Tipi, and Twist will let me enter the existing account.

And Toggl Track provides enable/ disable connection options.

I asked about this problem in the Element.io repo and they suggest me to opening an issue here.
#21863

[davidpiano]

I'm using the Element app on Android. I signed in to it using my GitHub name and password. Now there's an "Encryption upgrade available" message covering up the top part of the app - but when I tap on that message to do something about it, another message comes up, "Re-authentication needed". But (probably because I signed in using an outside name & password), that message just sits there blocking the app until I cancel it.

So, my question: is there a workaround that would allow me to solve this? Is an official fix expected in the near-ish future? Or is this a tricky problem with no solution in sight, and I should just create a new account under a different name?

[richvdh]

@davidpiano I don't think that's relevant to this issue. Suggest you raise an issue on the element-android issue tracker.

[davidpiano]

Understood, and thanks.

[CoelacanthusHex]

yes. We also need the ability to unlink an SSO account, imho.

Users in Mozilla Instance need this feature. Or I will lose my matrix account when I change my Firefox Account primary email.

[clokep]

Or I will lose my matrix account when I change my Firefox Account primary email.

This is due to a misconfiguration of Mozilla's server where they use your email address as the canonical identifier for the account (instead of a UUID or some internal identifier).

[alexandru0-dev]

+1 as i would like to unlink my github account in my case