Self-hosting Apidog
  1. Configuration
Self-hosting Apidog
  • Installation
    • Installation Overview
    • Obtaining Apidog On-premises License
    • Running Apidog on Docker
    • Running Apidog on Kubernetes
    • Running Apidog Multi-Container Deployment without Kubernetes
    • Admin Panel
    • Installing Apidog Client
    • Backing up Apidog
    • Renewing Apidog
    • Updating Apidog
    • Supported browsers
    • Privacy
  • Configuration
    • Environment Variables
    • Configuring the application database
    • Configuring the application storage service
    • Using LDAP for authentication
    • Using OKTA for authentication
    • Using OAuth2.0 for authentication
  • Apidog API (coming soon)
  • Troubleshooting
    • Troubleshooting
    • FAQ
  1. Configuration

Using LDAP for authentication

Environment VariableDescriptionDefault ValueOther
LDAP_ENABLEWhether to enable LDAP login serviceSet to true to enable
LDAP_URLThe address of the LDAP service in the format ldap://ip:port. For example, ldap://127.0.0.1:389Required when LDAP is enabled
LDAP_BIND_USERThe account used to connect to LDAP. For example, cn=admin,dc=example,dc=orgRequired when LDAP is enabled
LDAP_BIND_PASSWORDThe password used to connect to LDAP. When anonymous access is disabled in LDAP, the administrator account and password must be configuredRequired when LDAP is enabled
LDAP_BASE_DNLDAP Base DN, the Base Dn used for LDAP username retrieval. For example, dc=example,dc=orgRequired when LDAP is enabled
LDAP_USER_ID_ATTRDefault is dn, based on the standard openldap LDAP service, which has a unique dn field used as the unique id for ldap user attributes; if there is a username or email, you can also configure the username (name) or email (mail)dnRequired when LDAP is enabled, if there is an email field, it is recommended to use mail first
LDAP_LOGIN_TITLEDefault is LDAP Login, the form name on the login pageLDAP LoginOptional
LDAP_USERNAME_ATTRUsed for username login, search, and display. It is recommended to keep it unique. If it appears duplicated, a random number will be added after the username. By default, it will take the uid field of openldap's standard LDAP serviceuidOptional
LDAP_USER_EMAIL_ATTREmail field used for login and search. By default, it will take the mail attribute of openldap's standard LDAP service. Private users can choose not to configure mail, and using username login will not be affectedmailOptional
LDAP_EMPLOYEE_NUMBER_ATTRMapping field for employee number, can be used for searchOptional
LDAP_SEARCH_FILTERSearch filter for ldap serviceOptional

FAQs on LDAP Authentication#

1.
If you are using Active Directory/Microsoft AD Server Edition, it is recommended to try configuring LDAP_SEARCH_FILTER='(&(sAMAccountName={{username}}))'.
2.
If you are using Active Directory synchronization mode, it is recommended to switch domain controllers.
3.
If you want to restrict login to only members of a certain group in LDAP, you can try configuring LDAP_SEARCH_FILTER='(&(sAMAccountName={{username}})(memberOf=......))', for example:
Modified at 2024-04-03 05:54:17
Previous
Configuring the application storage service
Next
Using OKTA for authentication
Built with