LDAP
Auth - LDAP supports LDAP key-value pairs, and beginning in Auth version 4.7.14 additional attributes can be added to the base configuration.
auth_default_group
string If specified, Auth will always assign an authenticated user this string value as a session group upon login.
generateToken
boolean If true
, Auth module will generate a unique JWT token corresponding to the authenticating user. This will also require that a signing certificate be imported into Auth. Default is false
.
keyAlias
string If generating a token, this value is the provided 'name' when the certificate is created prior to importing into Auth. Only required if generateToken
is true
.
claimsMap
string If generating a token, specify a comma-delimited list of LDAP attributes to be added as claims inside the JWT token. Only required if generateToken
is true
.
Optional: LDAP Connections Array
Beginning in Auth - LDAP version 4.7.14, LDAP supports listing multiple LDAP domain/connection point objects, using the same key-values listed above, within an auth_ldap_connections
array. This will give several authentication options in case one service is unavailable. The authentication module will attempt each service until it successfully logs a user in with the provided credentials.
Auth LDAP Example (including optional auth_ldap_connections
):
Last updated