Overview

Group Sync

Group Sync allows you to represent your organization's structure within Matrix and Element: creating a space for all its members, maintaining their membership in rooms and subspaces, managing power levels and more.

It is composed of two main parts:

• Bridges connect to an existing data source (LDAP, Azure AD or others) and extract the list of users and groups from it.

  Multiple Bridges exist in Group Sync, and more can be added by implementing the Bridge interface (see src/bridging).

  See Bridging for more details.

• Provisioner takes directory produced by a bridge, maps it to matrix spaces (see Space mapping) and enforces its presence on a Matrix server — enforces meaning that it will both create and modify it as needed, but also act as an Matrix Application Service that will automatically react to changes on the Matrix server and check them against the rules established prior.

  Provisioner is ignorant of its data source — it is not aware of the Bridge being used and is merely fed data from it.

  See Provisioning for more details.

In addition to that, Group Sync is also an Application Service. The Provisioner observers the events reported by the AS in case it needs to enforce its rules on entities that it didn't itself create: for example demote a room creator to their expected power level (see LDAP as a source of truth).