Server admins should be able to request 3PIDs for users #5497

rxl881 · 2019-06-19T19:23:57Z

Currently 3PID mappings can only be requested (from Synapse or the identity server) by the related users (accounts). It would be very useful to open this up to server administrator accounts so that they can use the APIs to see registered user email addresses.

lampholder · 2019-06-20T13:18:31Z

I can't see any problem with this from a GDPR perspective, seeing as a server admin role is no different from a somebody with direct access to the database.

Obviously, anyone maintaining their own homeserver(s) or using a homeserver provided by a third party should employ information security best practice of 'least privilege' to ensure access to this API (and direct access to the db) is restricted to a minimal set of individuals.

dklimpel · 2020-02-03T17:05:59Z

see also: #6769

dklimpel · 2021-08-19T20:49:56Z

IMO this is solved and can be closed.

clokep · 2021-08-20T11:37:10Z

I agree, looks like this is already possible!

rxl881 added the z-feature (Deprecated Label) label Jun 19, 2019

rxl881 assigned neilisfragile Jun 19, 2019

rxl881 added the A-Admin-API label Nov 27, 2019

clokep closed this as completed Aug 20, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Server admins should be able to request 3PIDs for users #5497

Server admins should be able to request 3PIDs for users #5497

rxl881 commented Jun 19, 2019

lampholder commented Jun 20, 2019

dklimpel commented Feb 3, 2020

dklimpel commented Aug 19, 2021

clokep commented Aug 20, 2021

Server admins should be able to request 3PIDs for users #5497

Server admins should be able to request 3PIDs for users #5497

Comments

rxl881 commented Jun 19, 2019

lampholder commented Jun 20, 2019

dklimpel commented Feb 3, 2020

dklimpel commented Aug 19, 2021

clokep commented Aug 20, 2021