
Add LDAP Integration Settings

POST /api/v32.04/settings/ldap

x-prisma-cloud-target-env: {"permission":"authConfiguration","saas":false,"self-hosted":true}
x-public: true

Configures the LDAP integration.

For more information, see Active Directory and OpenLDAP.

cURL Request

Refer to the following example cURL command that enables the LDAP integration and specifies the parameters required to integrate with an Active Directory service.

$ curl -k \
  -u <USER> \
  -H 'Content-Type: application/json' \
  -X POST \
  -d \
'{
  "enabled": true,
  "url": "ldap://ldapserver.example.com:3268",
  "searchBase": "dc=example,dc=com",
  "accountUpn": "example_service@example.com",
  "accountPassword": {
    "plain": "pass!-W0RD"
  },
  "type": "activedirectory",
  "userSearchIdentifier": "userprincipalname"
}' \
  "https://<CONSOLE>/api/v<VERSION>/settings/ldap"

Request

Body

    accountPassword object

    Secret stores the plain and encrypted version of a value. The plain version is not stored in a database.

        encrypted string

        Specifies an encrypted value of the secret.

        plain string

        Specifies the plain text value of the secret.

    accountUpn string

    AccountUpn is the user principal name used to connect to the Active Directory server.

    caCert string

    CaCert is the certificate in PEM format (optional; if not specified, the skip_verify flag will be used).

    enabled boolean

    Enabled indicates whether LDAP is enabled.

    groupSearchBase string

    GroupSearchBase is the LDAP search pattern for groups.

    searchBase string

    SearchBase is the LDAP search pattern.

    type string

    Type specifies the LDAP server type (AD or OpenLDAP).

    url string

    URL is the LDAP server URL.

    userSearchBase string

    UserSearchBase is the LDAP search pattern for users.

    userSearchIdentifier string

    UserSearchIdentifier is the user identifier to use for querying OpenLDAP (e.g., cn -> cn=user).
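
The cURL example above passes -k, points at a plain ldap:// URL and sends no caCert, which according to the caCert description means the skip_verify flag is used. The following added example (not taken from the Prisma Cloud documentation) builds the same request body with an ldaps:// URL and a CA certificate, and sends it with TLS verification of the Console left on. The helper names, the environment variable names, port 3269 and the Console accepting an ldaps:// URL are assumptions of this example.

```python
import base64
import json
import os
import ssl
import urllib.request
from urllib.parse import urlsplit

def build_ldap_settings(url, search_base, account_upn, password, ca_cert_pem):
    """Body for POST /settings/ldap; rejects settings that weaken transport."""
    if urlsplit(url).scheme != "ldaps":
        raise ValueError("url must use ldaps:// (assumed to be accepted by the Console)")
    if "-----BEGIN CERTIFICATE-----" not in ca_cert_pem:
        # The field reference states that without caCert the skip_verify flag is used.
        raise ValueError("caCert must hold a PEM certificate")
    return {
        "enabled": True,
        "url": url,
        "searchBase": search_base,
        "accountUpn": account_upn,
        "accountPassword": {"plain": password},
        "type": "activedirectory",
        "userSearchIdentifier": "userprincipalname",
        "caCert": ca_cert_pem,
    }

def build_request(console, version, settings, api_user, api_password):
    """POST request with Basic auth, the equivalent of curl -u without -k."""
    token = base64.b64encode(f"{api_user}:{api_password}".encode()).decode()
    return urllib.request.Request(
        f"https://{console}/api/v{version}/settings/ldap",
        data=json.dumps(settings).encode(),
        method="POST",
        headers={"Content-Type": "application/json",
                 "Authorization": f"Basic {token}"},
    )

if __name__ == "__main__":
    # Hypothetical variable names; secrets come from the environment, not argv.
    env = os.environ
    with open(env["LDAP_CA_PEM"]) as fh:
        ca_pem = fh.read()
    body = build_ldap_settings(
        "ldaps://ldapserver.example.com:3269", "dc=example,dc=com",
        "example_service@example.com", env["LDAP_BIND_PASSWORD"], ca_pem)
    req = build_request(env["CONSOLE"], env["API_VERSION"], body,
                        env["API_USER"], env["API_PASSWORD"])
    # The default context verifies the Console certificate and hostname.
    with urllib.request.urlopen(req, context=ssl.create_default_context()) as resp:
        print(resp.status)
```

If the Console presents a certificate from a private CA, pass that CA to `ssl.create_default_context(cafile=...)` instead of disabling verification.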

Responses

OK
