The FOSSA Developer Hub

Welcome to the FOSSA developer hub. You'll find comprehensive guides and documentation to help you start working with FOSSA as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

If your company supports LDAP Authentication, FOSSA can be configured to use your Directory for user login and provisioning, as well as automatically adding users to Teams.

👍

Enterprise Feature

This feature is only available to customers on an Enterprise plan. Please contact Sales for more information.

To configure FOSSA for LDAP Authentication, there is some information you'll need to gather about how to connect to your corporate Directory, as well as information about how users and groups are defined.

Server Settings

Setting

Description

Server URL

The host name that your directory is reachable at. Examples:

  • ldap.example.com
  • ad.example.com

Server Port

The port on which your directory server is listening. Examples:

  • 389
  • 636 (commonly used for SSL)

Use SSL

Check this box if FOSSA should connect to your server using SSL.

Bind Credentials

These are credentials that FOSSA will use to connect to your LDAP Directory. FOSSA will create a read-only connection in order to verify that the authenticating user exists, and (optionally) to determine which groups the user is part of.

Setting

Description

Distinguished Name

The distinguished name of the user that FOSSA will use to connect to your directory server.

Secret

The password for the user specified above.

User Schema Settings

User Base Distinguished Name

The root distinguished name to use when running user search queries against your directory server. Examples:

  • dc=example,dc=com
  • o=fossa-users,dc=example,dc=com

User Search Filter

The filter to use when searching for users. This value must include {{username}}, which will be replaced with the username used to log in. Examples:

  • (uid={{username}})
  • (&(objectCategory=Person)(uid={{username}}))

User Email Attribute

The attribute field to use when loading the user's email. Example:

  • mail

User Name Attribute

The attribute field to use when loading the user's name. Examples:

  • cn
  • displayName

Group Schema Settings

Manage Teams on LDAP

When enabled, FOSSA will create a Team for each group returned by your directory server and add the user to that team. If a user is removed from a group on your directory server, they will be removed from the FOSSA Team during their next log in.

Group Base Distinguished Name

The root distinguished name to use when running group search queries against your directory server. Examples:

  • dc=example,dc=com
  • o=fossa-users,dc=example,dc=com

Group Name Attribute

The attribute field to use when loading the group's name. Example:

  • cn

Group DN Attribute

The attribute from your user object to use when searching for a user's inclusion in a group. Example:

  • dn

Group Search Filter

The filter to use when searching for a user's groups. This value may include {{username}}, which will be replaced with the username used to log in, or {{dn}}, which will be replaced with the attribute from the user object specified above. Examples:

  • (&(objectclass=group)(uniqueMember={{username}}))
  • (&(objectclass=groupOfUniqueNames)(uniqueMember={{dn}}))

Testing your LDAP Configuration

Once you have filled out all the necessary configuration options for your LDAP Directory, you can test FOSSA's connection and verify the information that is returned by clicking the "Test Connection" button. This test will simulate a user logging into FOSSA, and will show you the information that is returned from your server.

Updated 11 months ago


LDAP


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.