Using LDAP

From DreamFactory
Jump to: navigation, search
(Tutorial)
Line 6: Line 6:
 
button on the services tab to create a new service. Select 'LDAP Integration' from the 'Service Type'
 
button on the services tab to create a new service. Select 'LDAP Integration' from the 'Service Type'
 
drop down menu. For the name field use a short, meaningful, one word name for your service. This will be used as your
 
drop down menu. For the name field use a short, meaningful, one word name for your service. This will be used as your
LDAP service identifier. Fill out rest of the information on this form and then go to 'Config' tab.
+
LDAP service identifier. Fill out rest of the information on this form and then go to the 'Config' tab.
  
 
[[File:Tutorial using ldap 1.png|800px]]
 
[[File:Tutorial using ldap 1.png|800px]]
  
On the config form you will need to provide all the details of your LDAP server and select a default role for your
+
On the config form, you will need to provide all the details of your LDAP server and select a default role for your
 
LDAP service. This role will be assigned (for all applications in the system) to all users signing in using this LDAP service.
 
LDAP service. This role will be assigned (for all applications in the system) to all users signing in using this LDAP service.
  

Revision as of 15:50, 15 July 2016

Tutorial

To use LDAP authentication in a DreamFactory Instance, you must have the PHP LDAP extension enabled. In APT the package is `php5-ldap`, in Yum it's `php-ldap`, and in Windows Bitnami instances it's provided as `php_ldap.dll`.

You can then provision an LDAP service from the 'Services' tab in Admin Console. Click on the 'Create' button on the services tab to create a new service. Select 'LDAP Integration' from the 'Service Type' drop down menu. For the name field use a short, meaningful, one word name for your service. This will be used as your LDAP service identifier. Fill out rest of the information on this form and then go to the 'Config' tab.

Tutorial using ldap 1.png

On the config form, you will need to provide all the details of your LDAP server and select a default role for your LDAP service. This role will be assigned (for all applications in the system) to all users signing in using this LDAP service.

Tutorial using ad 2.png

API Endpoint

POST https://your-url/api/v2/user/session?service={ldap_service_name}
{
    "username" : "user_name",
    "password" : "password"
}

-- OR --

POST https://your-url/api/v2/user/session
{
    "username" : "user_name",
    "password" : "password",
    "service"  : "ldap_service_name"
}

Example - Sign-in using LDAP Authentication

  • Service name: demo
  • Request URL:
    POST https://your-url/api/v2/user/session?service=demo
{
   "username" : "user_name",
   "password" : "password"
}
  • Response:
{
    "session_token": “abc.123abc.efg,
    "session_id": “abc.123abc.efg,
    "id": 1,
    "name": "John",
    "first_name": "John",
    "last_name": "Doe",
    "email": "[email protected]",
    "is_sys_admin": false,
    "last_login_date": "2015-06-30 16:46:59",
    "host": "your-url"
}