Limiting user registration like MSC3231

[2910000]

I am setting up a Synapse homeserver for my friends.
I want invited users (potentially casual, mobile-only users) to register on my homeserver. This requires a registration flow that is simple for users (and preferably for me too!) but also prevents unauthorised registration.

MSC3231 (Token Authenticated Registration) seemed to be the best mechanism for this, but I understand that this is not implemented in MAS.
I assume I would be encouraging mobile-only users to use Element X (and in any case, token-authenticated registration is not implemented in Element).
As MAS is required for registration through Element X, this means I cannot use token-authenticated registration with mobile-only users.

Looking at the docs, one workaround I identified would be to ask a new user their preferred username before registration, add it to the allowed_usernames.literals field of the policy settings in MAS, and presumably restart MAS to reload the config. This would allow restricted registration that is relatively simple from the user perspective, but it is not a very elegant workaround.

So my questions:

• is there a better way of doing this right now?
• if not, is a better way in development?

[sandhose]

We've implemented registration tokens a few months ago, it's the account.registration_token_required option, and they can be easily managed through Element Admin