LDAP Settings
This section includes the LDAP connection configurations required for users to enter the Apinizer API Manager and integrate into the identity management systems that are available in their institutions and can be accessed via LDAP connection.
By making these settings, the user can log in to the API Manager with username and password on the LDAP connection and access authorized projects through the LDAP group. To authorize the project, see the Members page.
Editing Settings
Click Administration → System Settings → LDAP Settings.
The picture below shows the settings for LDAP login:
The fields used for the settings of active LDAP login are shown in the table below.
Field | Description |
---|---|
Name | Name information is entered for LDAP Settings. |
Execution Order | The LDAP Setting execution order is determined. According to this order, the work order is prioritized. |
LDAP Connection | An LDAP Connection is selected or created for LDAP Settings. |
An object class is created to filter LDAP users. | |
Groups are created to filter LDAP classes. |
The class name(s) to be used for filtering are entered. These class names are used to define specific user objects and play an active role in filtering operations.
Below is the image containing input settings for filtering users:
The fields used for defining the LDAP user class definition input settings are displayed in the table below:
Field | Description |
---|---|
User Object Class Names | Enter the class name(s) to be used for filtering users. |
Enter the filter value that can be used in addition to the connection filter when retrieving users. | |
If there is value in this field, this Base DN is used when searching and loading users instead of the Base DN in the connection. If no value is provided, the Base DN on the connection prevails. | |
This field specifies at what level on the base dn the search will be performed. | |
Name of the attribute that contains full name of the user. | |
Name of the attribute that contains login name of the user. | |
Name of the attribute that contains first name of the user. | |
Name of the attribute that contains last name of the user. | |
Name of the attribute that contains e-mail address of the user. | |
Name of the attribute that contains group memberships of the user. |
Specify the class name to be used for filtering groups.
Below is the image containing input settings for filtering group classes:
The fields used for defining the LDAP group class definition input settings are displayed in the table below:
Field | Description |
---|---|
ObjectClass Name to filter groups. | |
This is the filter value that can be used in addition to the filter in the connection when fetching groups. | |
Group Base DN Attribute | If there is value in this field, this Base DN is used when searching and loading groups instead of the Base DN in the connection. If no value is provided, the Base DN on the connection prevails. |
This field specifies at what level on the base dn the search will be performed. | |
Group Name Attribute | Name of the attribute that contains the name of the group. |
Name of the attribute that contains the member of the group. | |
Select the strategy that will be used to find the members of the group. |
Visit API Manager LDAP Integration page to see an example scenario of using these settings in real life.