If you find any errors, typos or have general feedback, select the text and click CTRL+ALT+ENTER.

Introduction

Appery.io security policy allows connecting LDAP security providers.

LDAP stands for Lightweight Directory Access Protocol. It is an application software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet.

The primary purpose of a directory service is to provide a systematic set of user records, usually in a hierarchical structure. The common usage of LDAP is to provide a single sign on where one password for a user is shared between many services, such as applying a company login code to web pages (so that staff log in only once to company computers, and then are automatically logged into the company intranet).

Besides, as the access can be controlled on the server side, it’s much more secure than security methods that work by securing data through client software.

Configuring LDAP

Go to: Resources > Security and click “Add new security provider”:

Enter the Provider name and use your credentials for Server settings and User schema.

After you have filled the required credentials in, click “Test”, then – “Save”.

If the test fails, you can check the LDAP errors page.

If needed, users have the opportunity to create and configure external (third-party) LDAP security providers for testing.

Using LDAP for API Express

LDAP can be used in API Express for managing users identity. Go to the API Express tab and open your project, then switch to Settings:

LDAPS

Appery.io also supports LDAP over SSL (or LDAPS) protocol.

LDAPS URLs use SSL connections instead of plain (i.e., unprotected) connections. They have a syntax similar to LDAP URLs except the schemes are different and the default port for LDAPS URLs is 636 instead of 389.