This section of the FPX User Guide outlines the key items required to enable a gateway relationship between the RSA and an LDAP instance. LDAP is often used by organizations as a central repository for user information and as an authentication service. It can also be used to store the role information for application users.
The RSA-LDAP profile is powered by the RSA-SDK/RSA-core and has been customized and mapped out to protect resources stored in an LDAP instance.
High-level summary of the steps required to configure an RSA-LDAP Adapter:
- Configure the RSA as a client to an LDAP instance (serving as the real resource server) using static configuration and enable self-hosted authentication at the RSA. Refer to Configure Connection between RSA and LDAP Server
- Configure an OAuth Relationship with a Wallet (as a Provider to the Wallet) and select an ROT issuance and creation strategy. Refer to Configure OAuth Relationship with a Wallet
- Configure an Authorization Server (as a client to the Authorization Server). Note: The Wallet must be registered as an OAuth Client and Provider to the same Authorization Server that the RSA-LDAP Adapter is being registered against. Refer to Configure an Authorization Server
- Configure Protected Resources using static and dynamic Database Configuration. Refer to Configure a Protected Resource