Skip to content

Support MSC3861: OAuth 2.0 / OIDC with Matrix Authentication Service (MAS) #2016

New issue
New issue
Open
Open
Support MSC3861: OAuth 2.0 / OIDC with Matrix Authentication Service (MAS)#2016
Labels
enhancementNew feature or request
@devurandom

Description

@devurandom
devurandom
opened on Feb 27, 2026

The Problem

MSC3861: Next-generation auth for Matrix, based on OAuth 2.0/OIDC was accepted about a year ago. It works together with the Matrix Authentication Service (MAS) to replace the username/password and SSO legacy login methods used previously.

Nheko asks for username and password, which at first confused me, because I could not find the newer login method. After typing in the username, Nhemo shows a "SSO Login" button. But this appears to use the SSO login method of the Legacy API instead of the new OAuth 2.0 / OIDC API.

The Solution

It would be nice if Nheko would:

  • Support OAuth 2.0 / OIDC / MSC3861.
  • Become a OAuth 2.0 aware client.
  • Hide the "password" field on the login screen until it has determined that "SSO Login" is not available for the server.

Alternatives

No response

Additional context

No response

Happens in the latest version

  • Yes, this feature is still missing.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions