Skip to content
Zendrite logoZendrite logoZendrite

MSC Support

MSCs (Matrix Spec Changes) are proposals to extend or modify the Matrix protocol. This page tracks the implementation status of notable MSCs in Zendrite.

Many MSCs listed here have since been merged into the Matrix specification proper. They are listed by their original MSC number and the first spec version which includes them.

Sync

Section titled “Sync”
MSC Title Spec Status
MSC4186 Simplified Sliding Sync N/A Implemented (native, no proxy needed)
MSC3575 Sliding Sync (v1) N/A Implemented (legacy, superseded by MSC4186)

Messaging

Section titled “Messaging”
MSC Title Spec Status
MSC2675 Serverside aggregations of message relationships 1.3 Implemented
MSC2676 Message editing 1.4 Implemented
MSC2677 Reactions 1.7 Implemented
MSC2836 Threading N/A Opt-in (msc2836)
MSC2285 Private read receipts 1.4 Implemented

Rooms & Spaces

Section titled “Rooms & Spaces”
MSC Title Spec Status
MSC1772 Spaces 1.2 Implemented
MSC2946 Spaces summary / room hierarchy 1.2 Implemented
MSC3083 Restricted rooms (space-based membership) 1.2 Implemented
MSC2403 Knocking 1.1 Implemented
MSC3266 Room summary API 1.15 Implemented
MSC3765 Rich text in room topics 1.15 Not implemented
MSC4267 Forget room on leave (m.forget_forced_upon_leave capability) 1.18 Implemented (opt-in via auto_forget_on_leave)

Encryption & Security

Section titled “Encryption & Security”
MSC Title Spec Status
MSC3916 Authenticated media 1.11 Implemented
MSC2732 OLM fallback keys 1.2 Implemented
MSC3814 Dehydrated devices v2 N/A Opt-in (msc3814)
MSC4115 Membership metadata on events 1.11 Opt-in (msc4115)

Federation

Section titled “Federation”
MSC Title Spec Status
MSC3706 Partial state in /send_join (faster joins) 1.6 Implemented
MSC2444 Peeking over federation N/A Opt-in (msc2444)
MSC2753 Peeking via /sync N/A Opt-in (msc2753)

Authentication

Section titled “Authentication”
MSC Title Spec Status
MSC2918 Refresh tokens 1.3 Implemented
MSC3861 Next-gen auth (OIDC) 1.15 Opt-in (msc3861)

VoIP

Section titled “VoIP”
MSC Title Spec Status
MSC4143 MatrixRTC transport discovery N/A Implemented

Opt-in MSCs

Section titled “Opt-in MSCs”

The following MSCs are not enabled by default and must be activated in the mscs section of the config file:

mscs:
  mscs:
    - msc2836
    - msc2444
    - msc2753
    - msc3814
    - msc3861
    - msc4115

MSC3814: Dehydrated Devices v2

Section titled “MSC3814: Dehydrated Devices v2”

MSC3814 allows clients to store a “dehydrated” device on the server so that encrypted to-device messages (e.g. key shares) can be delivered while the user is offline. When the user signs in again, the client rehydrates the device and retrieves messages it missed.

What changes when MSC3814 is enabled:

  • PUT /_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device — store a dehydrated device with its keys.
  • GET /_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device — retrieve the current dehydrated device metadata.
  • DELETE /_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device — remove the dehydrated device.
  • POST /_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device/{deviceID}/events — retrieve to-device events addressed to the dehydrated device.

Configuration:

mscs:
  mscs:
    - msc3814

No additional configuration is needed beyond enabling the MSC.

MSC3861: OIDC Delegated Authentication

Section titled “MSC3861: OIDC Delegated Authentication”

MSC3861 delegates authentication to an external OpenID Connect (OIDC) provider such as Matrix Authentication Service (MAS). When enabled, Zendrite validates access tokens via OAuth 2.0 token introspection instead of managing passwords directly.

What changes when MSC3861 is enabled:

  • Password-based registration and login are disabled.
  • GET /login returns only the m.login.sso flow.
  • POST /login, /register, /account/password, /account/deactivate, /logout, /logout/all, /delete_devices, and device modification endpoints return 403 M_FORBIDDEN.
  • /.well-known/matrix/client includes an m.authentication section with the OIDC issuer.
  • New users are auto-provisioned on first token introspection.

Configuration:

mscs:
  mscs:
    - msc3861
  msc3861:
    issuer: "https://auth.example.com/"
    client_id: "0000000000000000000ZENDRITE"
    client_secret: "secret"
    client_auth_method: "client_secret_basic"  # or "client_secret_post"
    admin_token: ""                            # optional: static token for admin API access
    account_management_url: ""                 # optional: URL for account management UI
    introspection_endpoint: ""                 # optional: defaults to {issuer}/oauth2/introspect
Field Required Description
issuer Yes The OIDC provider URL (e.g. your MAS instance).
client_id Yes OAuth 2.0 client ID registered with the OIDC provider for introspection.
client_secret Yes OAuth 2.0 client secret for introspection.
client_auth_method No Authentication method: client_secret_basic (default) or client_secret_post.
admin_token No A static bearer token that grants admin access, bypassing OIDC introspection. Useful for service-to-service calls.
account_management_url No URL where users can manage their account (shown in well-known response).
introspection_endpoint No Override the introspection endpoint URL. Defaults to {issuer}/oauth2/introspect.