Skip to main content

Sync-in 2.0 - OpenID Connect

Β· 3 min read

Sync-in reaches a major milestone with the release of version 2.0, introducing OpenID Connect (OIDC) support, a key standard for federated authentication, widely adopted in modern and sovereign identity infrastructures.

This evolution is one of the most requested features by the community. It is currently the most upvoted item on our GitHub Discussions page, and we are very excited to deliver it in Sync-in 2.0.

OpenID Connect has established itself as the industry standard for authentication in cloud environments, enterprise IT environments, and sovereign digital ecosystems.
With this integration, Sync-in fully aligns with modern identity architectures, simplifies user onboarding, and improves the overall authentication experience.

Sync-in Auth OIDC

The OIDC integration marks a major evolution of Sync-in’s authentication model.

This release also introduces a complete overhaul of Desktop and CLI authentication to ensure compatibility with this new authentication architecture.

⚠️ Due to this evolution, the authentication mechanisms used by version 1.x applications are no longer compatible, representing one of the major changes introduced in Sync-in 2.0.

➑️ See the V2 migration guide

✨ Features​

  • OpenID Connect (OIDC) authentication support
    Sync-in can now rely on OIDC-compatible identity providers, enabling native integration with enterprise SSO environments and modern identity platforms.

  • Desktop and CLI authentication overhaul
    Desktop and CLI applications now support OIDC authentication flows, providing a consistent experience across all platforms.

  • OTP recovery codes and application passwords
    Desktop and CLI clients can now use OTP recovery codes as well as application passwords during device enrollment and authentication flows.

  • LDAP improvements

    • Optional service account support
    • Automatic permission assignment (autoCreatePermissions)
    • "Break-glass" administrator access support
    • DN/CN support for the adminGroup configuration
    • Support for groupOfNames in addition to memberOf for group resolution

  • Logging system improvements
    Added a jsonOutput option to output logs in JSON format, making integration with observability tools and centralized logging platforms easier.

  • Improved configuration error messages
    More explicit error messages to simplify troubleshooting and deployment.

  • User experience improvements

    • Redesign of the recent items page
    • File renaming is now automatically applied when clicking outside the editing area

  • Reverse proxy configuration simplification
    Removal of the WebDAV hook related to the X-Forwarded-Proto directive in the Nginx configuration.

🐞 Fixes​

  • Fixed decoding of file paths in WebDAV LOCK headers
  • Fixed the HTTP status line to ensure compliance with WebDAV specifications (RFC 4918)
  • Fixed an issue where the configured IP address was not correctly represented in logs when 0.0.0.0 was used
  • Improved error handling when adding sync paths and strengthened validation checks
  • Fixed an issue preventing file renaming when file names contained spaces, while preserving correct display

πŸ“˜ Documentation​

πŸ“₯ Upgrade to Sync-in 2.0 now and benefit from OpenID Connect support, along with numerous fixes and improvements!

➑️ View the release on GitHub