{"id":13557868,"url":"https://github.com/matrix-org/sydent","last_synced_at":"2025-05-16T13:07:46.178Z","repository":{"id":19594379,"uuid":"22844878","full_name":"matrix-org/sydent","owner":"matrix-org","description":"Sydent: Reference Matrix Identity Server","archived":false,"fork":false,"pushed_at":"2024-08-29T11:58:42.000Z","size":2132,"stargazers_count":315,"open_issues_count":55,"forks_count":85,"subscribers_count":34,"default_branch":"main","last_synced_at":"2025-05-12T07:08:12.354Z","etag":null,"topics":["hacktoberfest","matrix","python"],"latest_commit_sha":null,"homepage":"http://matrix.org","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/matrix-org.png","metadata":{"files":{"readme":"README.rst","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-08-11T15:52:07.000Z","updated_at":"2025-05-09T18:11:45.000Z","dependencies_parsed_at":"2024-11-04T08:31:33.737Z","dependency_job_id":"88acb791-8c31-49c1-a373-20e552744076","html_url":"https://github.com/matrix-org/sydent","commit_stats":{"total_commits":688,"total_committers":55,"mean_commits":12.50909090909091,"dds":0.8023255813953488,"last_synced_commit":"e9f34ca2386c8b3ec601e0f63edf8409cf1d688a"},"previous_names":[],"tags_count":94,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matrix-org%2Fsydent","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matrix-org%2Fsydent/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matrix-org%2Fsydent/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matrix-org%2Fsydent/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/matrix-org","download_url":"https://codeload.github.com/matrix-org/sydent/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254535829,"owners_count":22087399,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","matrix","python"],"created_at":"2024-08-01T12:04:35.596Z","updated_at":"2025-05-16T13:07:46.158Z","avatar_url":"https://github.com/matrix-org.png","language":"Python","funding_links":[],"categories":["Python","hacktoberfest"],"sub_categories":[],"readme":"What is Sydent?\n===============\n\nSydent is an `identity server \u003chttps://spec.matrix.org/v1.6/identity-service-api/\u003e`_ for the `Matrix communications protocol \u003cmatrix.org\u003e`_. It allows Matrix users to prove that they own an email address or phone number, and allows _other_ Matrix users to look them up using that email address or phone number.\n\nDo I need to run Sydent to run my own homeserver?\n-------------------------------------------------\n\nShort answer: **no**.\n\nMedium answer: **probably not**. Most homeservers and clients use the Sydent\ninstance run by `matrix.org`, or use no identity server whatsoever.\n\nLonger answer: if you want to allow user lookup via emails and phone numbers in\na private federation of multiple homeservers, Sydent _might_ be useful for you.\nIf you want your homeserver to be able to verify phone numbers via SMS and\nyou have an API token for the `OpenMarket HTTP SMS API\n\u003chttps://www.openmarket.com/docs/Content/apis/v4http/overview.htm\u003e`_, then\nSydent might be useful for you.\n\n\nInstallation\n============\n\nInstalling the system dependencies\n----------------------------------\n\nTo install Sydent's dependencies on a Debian-based system, run::\n\n    sudo apt-get install build-essential python3-dev libffi-dev \\\n                         sqlite3 libssl-dev python3-virtualenv libxslt1-dev\n\nFrom here, you can either install Sydent by using a PyPI release, or by recreating Sydent's locked runtime environment.\n\n\nInstalling the latest Sydent release from PyPI\n----------------------------------------------\n\nTo create the virtual environment in which Sydent will run::\n\n    virtualenv -p python3 ~/.sydent\n    source ~/.sydent/bin/activate\n    pip install --upgrade pip\n    pip install --upgrade setuptools\n\nSydent and its dependencies can be installed using ``pip`` by running::\n\n    pip install matrix-sydent\n    \nWith the virtualenv activated, you can run Sydent using::\n\n    python -m sydent.sydent\n\nInstalling from source\n~~~~~~~~~~~~~~~~~~~~~~\n\nAlternatively, Sydent can be installed using ``poetry`` from a local git checkout.\nFirst install `poetry`. See `poetry's documentation \u003chttps://python-poetry.org/docs/#installation\u003e`_ for details; we recommend installing via `pipx`. Once that's done::\n\n    git clone https://github.com/matrix-org/sydent.git\n    cd sydent\n    poetry install --no-dev\n    # For development, pull in extra tools with\n    # poetry install\n\nTo start Sydent::\n\n    poetry run sydent\n\nRunning Sydent\n==============\n\nWhen Sydent is first run, it will create a configuration file in ``sydent.conf`` with some defaults. \nIf a setting is defined in both the ``[DEFAULT]`` section and another section in the configuration file,\nthen the value in the other section is used.\n\nYou'll most likely want to change the server name (``server.name``) and specify an email server\n(look for the settings starting with ``email.``).\n\nBy default, Sydent will listen on ``0.0.0.0:8090``. This can be changed by changing the values for\nthe configuration settings ``clientapi.http.bind_address`` and ``clientapi.http.port``.\n\nSydent uses SQLite as its database backend. By default, it will create the database as ``sydent.db``\nin its working directory. The name can be overridden by modifying the ``db.file`` configuration option.\nSydent is known to be working with SQLite version 3.16.2 and later.\n\nListening for HTTPS connections\n-------------------------------\n\nMost homeservers and clients will expect identity servers to be reachable using HTTPS.\n\nSydent does not currently support listening for HTTPS connection by itself. Instead, it\nis recommended to use a reverse proxy to proxy requests from homeservers and clients to\nSydent. It is then possible to have this reverse proxy serve Sydent's API over HTTPS.\n\nWhen using a reverse proxy, it is recommended to limit the requests proxied to Sydent to\nones which paths start with ``/_matrix/identity`` for security reasons.\n\nAn exception to this is Sydent's internal replication API, see `\u003cdocs/replication.md\u003e`_.\n\nSMS originators\n---------------\n\nDefaults for SMS originators will not be added to the generated config file, these should\nbe added to the ``[sms]`` section of that config file in the form::\n\n    originators.\u003ccountry code\u003e = \u003clong|short|alpha\u003e:\u003coriginator\u003e\n\nWhere country code is the numeric country code, or ``default`` to specify the originator\nused for countries not listed. For example, to use a selection of long codes for the\nUS/Canada, a short code for the UK and an alphanumertic originator for everywhere else::\n\n    originators.1 = long:12125552368,long:12125552369\n    originators.44 = short:12345\n    originators.default = alpha:Matrix\n\nDocker\n======\n\nA Dockerfile is provided for sydent. To use it, run ``docker build -t sydent .`` in a sydent checkout.\nTo run it, use ``docker run --env=SYDENT_SERVER_NAME=my-sydent-server -p 8090:8090 sydent``.\n\nPersistent data\n---------------\n\nBy default, all data is stored in ``/data``. To persist this to disk, bind `/data` to a\nDocker volume.\n\n.. code-block:: shell\n\n   docker volume create sydent-data\n   docker run ... --mount type=volume,source=sydent-data,destination=/data sydent\n\nBut you can also bind a local directory to the container.\nHowever, you then have to pay attention to the file permissions.\n\n.. code-block:: shell\n\n   mkdir /path/to/sydent-data\n   chown 993:993 /path/to/sydent-data\n   docker run ... --mount type=bind,source=/path/to/sydent-data,destination=/data sydent\n\nEnvironment variables\n---------------------\n\n.. warning:: These variables are only taken into account at first start and are written to the configuration file.\n\n+--------------------+-----------------+-----------------------+\n| Variable Name      | Sydent default  | Dockerfile default    |\n+====================+=================+=======================+\n| SYDENT_SERVER_NAME | *empty*         | *empty*               |\n+--------------------+-----------------+-----------------------+\n| SYDENT_CONF        | ``sydent.conf`` | ``/data/sydent.conf`` |\n+--------------------+-----------------+-----------------------+\n| SYDENT_PID_FILE    | ``sydent.pid``  | ``/data/sydent.pid``  |\n+--------------------+-----------------+-----------------------+\n| SYDENT_DB_PATH     | ``sydent.db``   | ``/data/sydent.db``   |\n+--------------------+-----------------+-----------------------+\n\n\nInternal bind and unbind API\n============================\n\nIt is possible to enable an internal API which allows for binding and unbinding\nbetween identifiers and matrix IDs without any validation.\nThis is open to abuse, so is disabled by\ndefault, and when it is enabled, is available only on a separate socket which\nis bound to ``localhost`` by default.\n\nTo enable it, configure the port in the config file. For example::\n\n    [http]\n    internalapi.http.port = 8091\n\nTo change the address to which that API is bound, set the ``internalapi.http.bind_address`` configuration\nsetting in the ``[http]`` section, for example::\n\n    [http]\n    internalapi.http.port = 8091\n    internalapi.http.bind_address = 192.168.0.18\n\nAs already mentioned above, this is open to abuse, so make sure this address is not publicly accessible.\n\nTo use bind::\n\n    curl -XPOST 'http://localhost:8091/_matrix/identity/internal/bind' -H \"Content-Type: application/json\" -d '{\"address\": \"matthew@arasphere.net\", \"medium\": \"email\", \"mxid\": \"@matthew:matrix.org\"}'\n\nThe response has the same format as\n`/_matrix/identity/api/v1/3pid/bind \u003chttps://matrix.org/docs/spec/identity_service/r0.3.0#deprecated-post-matrix-identity-api-v1-3pid-bind\u003e`_.\n\nTo use unbind::\n\n    curl -XPOST 'http://localhost:8091/_matrix/identity/internal/unbind' -H \"Content-Type: application/json\" -d '{\"address\": \"matthew@arasphere.net\", \"medium\": \"email\", \"mxid\": \"@matthew:matrix.org\"}'\n\nThe response has the same format as\n`/_matrix/identity/api/v1/3pid/unbind \u003chttps://matrix.org/docs/spec/identity_service/r0.3.0#deprecated-post-matrix-identity-api-v1-3pid-unbind\u003e`_.\n\n\nReplication\n===========\n\nIt is possible to configure a mesh of Sydent instances which replicate identity bindings\nbetween each other. See `\u003cdocs/replication.md\u003e`_.\n\nDiscussion\n==========\n\nMatrix room: `#sydent:matrix.org \u003chttps://matrix.to/#/#sydent:matrix.org\u003e`_.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatrix-org%2Fsydent","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmatrix-org%2Fsydent","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatrix-org%2Fsydent/lists"}