Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Verify AD or LDAP crendentials via REST API

Our requirement is simple. We have a web application that requires users to sign up for a new account in order to use the service. We would like to offer users to login using their AD or LDAP credentials, provided that an AD/LDAP connector was already installed on the client premises. Is there any service that does exactly that (providing connectors and a REST interface to programatically verify user credentials), and perform a one time API integration so that users will be presented with a login form on our web application www.mywebapp.com/login, they will then enter their AD/LDAP username and password, which we would verify against their user directory using OneLogin API

I went through the API documentation for OneLogin but i have not see any method for doing that, although i can see at https://www.onelogin.com/active-directory-integration that it is a feature of OneLogin

like image 632
user3162321 Avatar asked Mar 28 '16 07:03

user3162321


People also ask

Does Active Directory have a REST API?

As suggested by @mathias-r-jessen, there are no REST APIs provided by Microsoft for Microsoft Active Directory.

How do I authenticate in REST API?

Users of the REST API can authenticate by providing a user ID and password to the REST API login resource with the HTTP POST method. An LTPA token is generated that enables the user to authenticate future requests. This LTPA token has the prefix LtpaToken2 .


1 Answers

After users are synchronized to OneLogin (via the Active Directory Connector or the LDAP Connector, for instance), an authentication call over the REST API will tunnel the username/password down to the Directory being synched for validation -- this should satisfy your use case.

For example you can use a function like https://developers.onelogin.com/api-docs/1/users/create-session-login-token, or just make an LDAP query against the LDAP endpoint.

like image 118
David Meyer Avatar answered Oct 06 '22 19:10

David Meyer