|Project Name||Stars||Downloads||Repos Using This||Packages Using This||Most Recent Commit||Total Releases||Latest Release||Open Issues||License||Language|
|Synapse||11,708||5||7||16 hours ago||362||December 05, 2023||1,521||apache-2.0||Python|
|Synapse: Matrix homeserver written in Python/Twisted.|
|Ejabberd||5,795||12||5 days ago||44||October 19, 2023||155||other||Erlang|
|Robust, Ubiquitous and Massively Scalable Messaging Platform (XMPP, MQTT, SIP Server)|
|Matrix Crdt||640||3||7 months ago||12||March 30, 2023||7||mpl-2.0||TypeScript|
|Use Matrix as a backend for local-first applications with the Matrix-CRDT Yjs provider.|
|Nio||522||23 days ago||101||mpl-2.0||Swift|
|💬 Nio is an upcoming matrix client for iOS.|
|Matrix Commander||426||2 months ago||54||October 16, 2023||16||gpl-3.0||Python|
|simple but convenient CLI-based Matrix client app for sending and receiving|
|Riotchat||119||15 days ago||35||agpl-3.0||PHP|
|Element for Nextcloud|
|Element Rpm||88||a year ago||14||apache-2.0||Shell|
|Providing the Element messaging desktop client packaged for the Fedora, Red Hat(IBM), and OpenSUSE families of linux desktop operating systems.|
|Matrix Commander Rs||51||2 months ago||33||October 14, 2023||1||gpl-3.0||Rust|
|simple but convenient CLI-based Matrix client app for sending and receiving (in Rust)|
|Beve||32||3 days ago||mit||MATLAB|
|High performance, tagged binary data specification|
|Matrix Keybase||30||3 years ago||mit||TypeScript|
|A matrix <-> keybase bridge|
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. We began rapid development in 2014, reaching v1.0.0 in 2019. Development on Synapse and the Matrix protocol itself continues in earnest today.
Briefly, Matrix is an open standard for communications on the internet, supporting federation, encryption and VoIP. Matrix.org has more to say about the goals of the Matrix project, and the formal specification describes the technical details.
It is recommended to put a reverse proxy such as nginx, Apache, Caddy, HAProxy or relayd in front of Synapse. One advantage of doing so is that it means that you can expose the default https port (443) to Matrix clients without needing to run Synapse with root privileges. For information on configuring one, see the reverse proxy docs.
The instructions for upgrading Synapse are in the upgrade notes. Please check these instructions as upgrading may require extra steps for some versions of Synapse.
Synapse uses a number of platform dependencies such as Python and PostgreSQL, and aims to follow supported upstream versions. See the deprecation policy for more details.
Matrix serves raw, user-supplied data in some APIs -- specifically the content repository endpoints.
Whilst we make a reasonable effort to mitigate against XSS attacks (for instance, by using CSP), a Matrix homeserver should not be hosted on a domain hosting other web applications. This especially applies to sharing the domain with Matrix web clients and other sensitive applications like webmail. See https://developer.github.com/changes/2014-04-25-user-content-security for more information.
Ideally, the homeserver should not simply be on a different subdomain, but on a completely different registered domain (also known as top-level site or eTLD+1). This is because some attacks are still possible as long as the two applications share the same registered domain.
To illustrate this with an example, if your Element Web or other sensitive web
application is hosted on
A.example1.com, you should ideally host Synapse on
example2.com. Some amount of protection is offered by hosting on
B.example1.com instead, so this is also acceptable in some scenarios.
However, you should not host your Synapse on
Note that all of the above refers exclusively to the domain used in Synapse's
public_baseurl setting. In particular, it has no bearing on the domain
mentioned in MXIDs hosted on that server.
Following this advice ensures that even if an XSS is found in Synapse, the impact to other applications will be minimal.
The easiest way to try out your new Synapse installation is by connecting to it from a web client.
Unless you are running a test instance of Synapse on your local machine, in general, you will need to enable TLS support before you can successfully connect from a client: see TLS certificates.
An easy way to get started is to login or register via Element at
https://app.element.io/#/login or https://app.element.io/#/register respectively.
You will need to change the server you are logging into from
and instead specify a Homeserver URL of
https://<server_name> if you are using a reverse proxy).
If you prefer to use another client, refer to our
If all goes well you should at least be able to log in, create a room, and start sending messages.
By default, registration of new users via Matrix clients is disabled. To enable it:
We strongly recommend using a CAPTCHA, particularly if your homeserver is exposed to the public internet. Without it, anyone can freely register accounts on your homeserver. This can be exploited by attackers to create spambots targetting the rest of the Matrix federation.
Your new user name will be formed partly from the
server_name, and partly
from a localpart you specify when you create the account. Your name will take
the form of:
(pronounced "at localpart on my dot domain dot name").
As when logging in, you will need to specify a "Custom server". Specify your
localpart in the 'User name' box.
For additional support installing or managing Synapse, please ask in the community
#synapse:matrix.org (from a matrix.org account if necessary). We do not use GitHub
issues for support requests, only for bug reports and feature requests.
Identity servers have the job of mapping email addresses and other 3rd Party IDs (3PIDs) to Matrix user IDs, as well as verifying the ownership of 3PIDs before creating that mapping.
They are not where accounts or credentials are stored - these live on home servers. Identity Servers are just for mapping 3rd party IDs to matrix IDs.
This process is very security-sensitive, as there is obvious risk of spam if it is too easy to sign up for Matrix accounts or harvest 3PID data. In the longer term, we hope to create a decentralised system to manage it (matrix-doc #712), but in the meantime, the role of managing trusted identity in the Matrix ecosystem is farmed out to a cluster of known trusted ecosystem partners, who run 'Matrix Identity Servers' such as Sydent, whose role is purely to authenticate and track 3PID logins and publish end-user public keys.
You can host your own copy of Sydent, but this will prevent you reaching other
users in the Matrix ecosystem via their email address, and prevent them finding
you. We therefore recommend that you use one of the centralised identity servers
https://vector.im for now.
To reiterate: the Identity server will only be used if you choose to associate an email address with your account, or send an invite to another user via their email address.
information for Synapse developers as well as Synapse administrators. Developers might be particularly interested in:
Alongside all that, join our developer community on Matrix: #synapse-dev:matrix.org, featuring real humans!