LDAP

You can configure LDAP as an authentication method. You need to change the following variables in the .env file:

LDAP_ENABLED=true                                             # Whether LDAP auth is enabled
LDAP_HOST=ldap                                                # LDAP auth host (set by default to the used microservice; you can set it to your actual host)
LDAP_PORT=10389                                               # LDAP bind port
LDAP_PROTOCOL=ldap                                            # LDAP protocol (alternative: ldaps)
LDAP_BIND_DN=cn=admin,dc=planetexpress,dc=com               # [OPTIONAL] Bind Domain with user that will be used for queries
LDAP_BIND_SECRET=GoodNewsEveryone                           # [OPTIONAL] Bind secret for user that will be used for queries
LDAP_SEARCH_BASE=ou=people,dc=planetexpress,dc=com          # Search base domain that will be used for authentication
LDAP_SEARCH_FILTER=(mail={{username}})                      # Which filter will be searched/queried (email by default)
LDAP_SEARCH_ATTRIBUTES=mail,uid                            # Search attributes
LDAP_GROUP_SEARCH_BASE=ou=people,dc=planetexpress,dc=com    # [OPTIONAL] The base DN from which to search for groups. If defined, also groupSearchFilter must be defined for the search to work.
LDAP_GROUP_SEARCH_FILTER=(member={{dn}})                    # [OPTIONAL] LDAP search filter for groups (alternative: (uniqueMember={{dn}})).
LDAP_GROUP_SEARCH_ATTRIBUTES=mail,uid                       # [OPTIONAL] default all. Array of attributes to fetch from LDAP server (alternative: cn).
LDAP_EMAIL_FIELDNAME=mail                                     # Fieldname for email
LDAP_ADMIN_GROUP=admin_staff                                  # Admin group (use "," separation for multiple groups)