Preparing our customers for a new era of secure communication
Start getting Element Server Suite ready for the new Element X app with ESS v23.09
For anyone new around here, we enable our customers to have true self-sovereignty over their communications through a combination of Element Server Suite (ESS) and our Element app.
ESS allows our customers to own their communication platform and deploy powerful administrative tooling through our paid subscriptions. Customers host their own server(s) and customise it to suit their business needs. The actual Element app is free to download and gives users an outstanding mobile-first experience - helping employees abandon the use of consumer apps in the workplace. All the end-user joy of instant messaging, video calling, creating rooms, providing polls, sharing locations, with the added benefits of corporate control and compliance!
Element X is the codename for our next gen Matrix app (more detail in the blog post). It is up to 6000x faster than any other Matrix client and will supersede our current Element mobile apps (Element iOS and Element Android). That performance magic is made possible by integrating a number of new features into the server offering, all of which are now available in ESS v23.09.
TL;DR - ESS v23.09 paves the way for bringing Element X into our enterprise offering.
The backend magic to power Element X
Sliding Sync: Instantaneous login, launch and sync
Sliding Sync is a powerful new Matrix API which enables the Element app to instantly login, launch and synchronise between sessions. It means the user experience is so fast you don’t have to wait for messages to arrive when you open the app. It completely redefines how a Matrix client (such as the Element app) syncs data from its homeserver. The app ‘directly drives’ Sliding Sync to fetch precisely the right data needed to render its UI as rapidly as possible. We designed Sliding Sync so that the UX will be the same whatever the account size; in other words we want performance to scale O(1) instead of O(N) with the total number of rooms. So, whether you’re a new user or a power user, you won’t be kept waiting.
In recent months we’ve been starting to use Sliding Sync in production (although the API is still evolving as we see how Element X performs in the wild), and it can now be added to your homeserver easily from the Admin Console - ensuring your ESS deployment can be used with Element X.
Authentication is growing up
Matrix is finally adopting OpenID Connect (OIDC) as its native authentication mechanism - replacing the legacy custom Matrix auth mechanisms in use until now. OIDC provides enormous benefits over legacy Matrix authentication - opening up a path to the full galaxy of modern authentication approaches to all Matrix users, including 2FA, MFA, Passkeys, smartcards, automatic integration with password managers, access token refresh, and ensuring that users only ever hand their server credentials to the server rather than unnecessarily sharing them with myriad Matrix clients. You can read the gory details at MSC3861 and areweoidcyet.com.
Element X will in future only support the new native OIDC authentication. As a result, Element Server Suite now includes Matrix Authentication Service (MAS): our new authentication backend. MAS will improve our security whilst making the user experience even smoother. Right now, Element X also includes support for legacy password-based authentication for testing purposes.
MAS acts as a simple Matrix-aware OAuth 2.0 and OIDC Identity Provider, letting users register, login and generally manage their accounts and logged-in sessions. MAS in turn can delegate your authentication through to richer identity providers such as Keycloak or Dex via OIDC. MAS is currently compatible with Synapse.
However, it is still a work in progress and migrating an existing homeserver to MAS is not yet supported, it cannot yet be used for non-SSO servers (i.e. normal username/password accounts), and doesn’t provide in-app support for all authentication features when using older apps (managing email bindings, kicking out old devices, account deactivation). So at this point, we recommend using MAS in staging environments in order to evaluate Element X and test integration with your existing SSO.
Element Call with LiveKit
Element Call is getting ready to blast off! For anyone who hasn’t already heard, we’ve built the flagship Matrix-based VoIP app - it’s completely and utterly game-changing! We believe online communication shouldn’t require foregoing privacy and security, something that many of the most commonly used VoIP vendors don’t seem to agree with. Element Call solves this from now on. It’s now possible for hundreds of people to join a video call whilst benefiting from the same end-to-end encryption that we use across the rest of Matrix. It’s by integrating LiveKit into the stack that we've made Element Call handle large group calls. The LiveKit team is doing incredible work, we’re really impressed!
Our mantra is that software should ‘just work’. So we’ve been vigorously testing Element Call internally as well as with external groups. The overwhelming theme of the feedback is ‘it just works’. It’s easy to get started. There’s no complicated setup process. The quality of the voice and video is great. The stability of the connection… it all just works. Give it a go yourself at https://call.element.io/.
If following the pandemic remote teams became the future of work, then Element Call is the next-gen VoIP platform for these future-fit teams. Element Call gives them all the functionality they’re already accustomed to with the added bonus of knowing their communications are as secure as they can be. Also, in case we haven’t mentioned Element X enough already in this blog post, we’re preparing to integrate Element Call into Element X. This might just be the biggest addition to the user experience so far: native Matrix-based video conferencing inside the Element app.
We’ve packaged Element Call with LiveKit in ESS v23.09 as well. Our first iteration will work on single node instances for environments that do not need a TURN server. As we continue to iterate, we will add support for TURN servers and for Kubernetes environments.
Other updates coming in ESS v23.09
User tab enhancements
We’ve rearranged the ‘User’ tab in the Admin Console. Previously administrators had 3 tabs for managing users: One for a list of all users, one for adding new users, and one for searching users.
We’ve listened to your feedback, and in an effort to streamline your productivity, we’ve combined the tabs into one view. So now if you’re thinking about users, adding, searching, changing, removing, just head to the new Users tab and do it all from there.
Two brand new tabs
Having streamlined the User tab in Admin Console from three to one, we thought it seemed like the right time to add not one but two entirely new tabs and features.
The ‘Reported Events’ tab introduces completely new functionality for administrators. In order to help with message moderation it allows them to see which events have been reported by users and why. Once you’ve clicked on the new tab use the table to scan through the event reports, then select an event to see details about it.
The ‘Federation’ tab enables administrators to check the status of their connection to any other servers to which they are linked. The ability to create and maintain connections between servers is a core aspect of our decentralised architecture. This new tab allows admins to understand the health of their server(s) network and connectivity. Check out this short video below to see how you can click through to a server’s details and view the rooms you share.
And just one more thing, we’ve also introduced a ‘retry’ button to re-establish your connection if you don’t want to wait for the next scheduled attempt to roll around.
Install ESS via Helm Charts
For Kubernetes administrators who wish to deploy all of their applications by Helm Chart, we now offer that as a deployment option. Typically this option would be used only by ‘power users’ i.e. those individuals or teams who possess advanced knowledge of using Element and/or Helm Charts.
With this advancement administrators can now choose between our graphical installer or Helm Chart-based deployments. This means customers have options to suit their preferred methods. We have added this capability because we believe flexibility is integral to our long term success - and because some administrators really like Helm Charts ;)
Experience being in your own element
Element is about empowering you – our customers and end users – to take control of your communication experience. We're excited to be at the forefront of decentralised communication, and we look forward to supporting you on this transformative path as Element continues to evolve. And what better way to achieve that than by getting Element Server Suite ready for the event of the year that is Element X. Don’t put off till tomorrow what you can do today.