Is there a way to determine if a user belongs to a specific LDAP group?


Hi experts,

Apigee provides an LDAP policy, which can be used to determine if a user is a valid LDAP user (authentication). Is there a way to use this LDAP policy to find out if a user belongs to a specific LDAP role (authorization)? If not, any ideas how to implement such validation? Thank you in advance!

2 REPLIES


Yes, you can add the attributes in the LDAP policy; the attributes will be available in the flow. Add this to the search tags.

<Ldap name="LdapPolicy">
  <!-- using a custom LDAP provider -->
  <LdapConnectorClass>com.custom.ldap.MyProvider</LdapConnectorClass>
  <LdapResource>MyLdap</LdapResource>
  <Search>
    <BaseDN></BaseDN><!-- default is dc=apigee,dc=com -->
    <!-- the search filter is built from the caller-supplied mail header -->
    <SearchQuery>mail={request.header.mail}</SearchQuery>
    <!-- attributes to return for the matched entry -->
    <Attributes>
      <Attribute>address</Attribute>
      <Attribute>phone</Attribute>
      <Attribute>title</Attribute>
    </Attributes>
    <Scope></Scope><!-- default is 'subtree' -->
  </Search>
</Ldap>
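
The authorization step asked about in the question, as an added example that is not part of the original reply or Apigee's own code: once the search returns a group attribute, the flow still has to compare it against the required group and fail closed, and the header value that feeds `SearchQuery` should be escaped before it reaches the filter. It assumes group DNs come back in a multi-valued attribute such as `memberOf` and that the policy does not escape substituted values itself; the function names and sample DNs are hypothetical.

```javascript
// Added example. Function names and all sample values are constructed.

// Escape a caller-supplied value for use inside an LDAP search filter
// (RFC 4515): backslash, '*', '(', ')' and NUL become \XX hex pairs.
function escapeLdapFilterValue(value) {
  return String(value).replace(/[\\*()\u0000]/g, function (ch) {
    return '\\' + ('0' + ch.charCodeAt(0).toString(16)).slice(-2);
  });
}

// Build the filter used by the policy above (mail=<header value>).
function buildMailFilter(mailHeader) {
  return '(mail=' + escapeLdapFilterValue(mailHeader) + ')';
}

// Normalize a DN for comparison: drop whitespace around ',' and '=' and
// lower-case it. Simplification: escaped separators inside values are not
// treated specially, but both sides are normalized the same way.
function normalizeDn(dn) {
  return String(dn).trim().replace(/\s*([,=])\s*/g, '$1').toLowerCase();
}

// Authorization decision: true only when one returned group DN equals the
// required group DN exactly. Missing or empty results deny access.
function isMemberOf(groupValues, requiredGroupDn) {
  if (!Array.isArray(groupValues) || groupValues.length === 0) {
    return false; // fail closed: no attribute returned means no access
  }
  var wanted = normalizeDn(requiredGroupDn);
  return groupValues.some(function (dn) {
    return normalizeDn(dn) === wanted; // exact match, never substring
  });
}

// Constructed sample: values as they might come back for one user.
var sampleGroups = [
  'CN=API-Readers, OU=Groups, DC=example, DC=com',
  'CN=API-Admins, OU=Groups, DC=example, DC=com'
];
var required = 'cn=api-admins,ou=groups,dc=example,dc=com';
console.log(buildMailFilter('alice@example.com'), isMemberOf(sampleGroups, required));
```

In an Apigee JavaScript policy the group values would be read from the flow variables the LDAP policy populates; that lookup is left out here because the variable names depend on the policy configuration.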