sources_ldap_create
POST/sources/ldap/
LDAP Source Viewset
Request
- application/json
Body
required
Source's display Name.
Possible values: non-empty
Internal source name, used in URLs.
Possible values: non-empty
and <= 50 characters
, Value must match regular expression ^[-a-zA-Z0-9_]+$
Flow to use when authenticating existing users.
Flow to use when enrolling new users.
Possible values: [all
, any
]
How the source determines if an existing user should be authenticated or a new user enrolled.
Possible values: [identifier
, email_link
, email_deny
, username_link
, username_deny
]
Possible values: non-empty
Possible values: non-empty
Optionally verify the LDAP Server's Certificate against the CA Chain in this keypair.
Client certificate to authenticate against the LDAP Server's Certificate.
Possible values: non-empty
Prepended to Base DN for User-queries.
Prepended to Base DN for Group-queries.
Consider Objects matching this filter to be Users.
Possible values: non-empty
Consider Objects matching this filter to be Groups.
Possible values: non-empty
Field which contains members of a group.
Possible values: non-empty
Field which contains a unique Identifier.
Possible values: non-empty
Update internal authentik password when login succeeds with LDAP
When a user changes their password, sync it back to LDAP. This can only be enabled on a single LDAP source.
Responses
- 201
- 400
- 403
- application/json
- Schema
- Example (from schema)
Schema
Source's display Name.
Internal source name, used in URLs.
Possible values: <= 50 characters
, Value must match regular expression ^[-a-zA-Z0-9_]+$
Flow to use when authenticating existing users.
Flow to use when enrolling new users.
Get object component so that we know how to edit the object
Return object's verbose_name
Return object's plural verbose_name
Return internal model name
Possible values: [all
, any
]
How the source determines if an existing user should be authenticated or a new user enrolled.
Possible values: [identifier
, email_link
, email_deny
, username_link
, username_deny
]
Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.
Optionally verify the LDAP Server's Certificate against the CA Chain in this keypair.
Client certificate to authenticate against the LDAP Server's Certificate.
Prepended to Base DN for User-queries.
Prepended to Base DN for Group-queries.
Consider Objects matching this filter to be Users.
Consider Objects matching this filter to be Groups.
Field which contains members of a group.
Field which contains a unique Identifier.
Update internal authentik password when login succeeds with LDAP
When a user changes their password, sync it back to LDAP. This can only be enabled on a single LDAP source.
connectivity
object
nullable
required
Get cached source connectivity
property name*
object
nullable
{
"pk": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"slug": "string",
"enabled": true,
"authentication_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"enrollment_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"user_property_mappings": [
"3fa85f64-5717-4562-b3fc-2c963f66afa6"
],
"group_property_mappings": [
"3fa85f64-5717-4562-b3fc-2c963f66afa6"
],
"component": "string",
"verbose_name": "string",
"verbose_name_plural": "string",
"meta_model_name": "string",
"policy_engine_mode": "all",
"managed": "string",
"user_path_template": "string",
"icon": "string",
"server_uri": "string",
"peer_certificate": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"client_certificate": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"bind_cn": "string",
"start_tls": true,
"sni": true,
"base_dn": "string",
"additional_user_dn": "string",
"additional_group_dn": "string",
"user_object_filter": "string",
"group_object_filter": "string",
"group_membership_field": "string",
"object_uniqueness_field": "string",
"password_login_update_internal_password": true,
"sync_users": true,
"sync_users_password": true,
"sync_groups": true,
"sync_parent_group": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"connectivity": {}
}
- application/json
- Schema
- Example (from schema)
Schema
Validation Error
{
"non_field_errors": [
"string"
],
"code": "string"
}
- application/json
- Schema
- Example (from schema)
Schema
{
"detail": "string",
"code": "string"
}