Resource Server Adapter for LDAP

This section of the FPX User Guide outlines the key items required to enable a gateway relationship between the RSA and an LDAP instance. LDAP is often used by organizations as a central repository for user information and as an authentication service. It can also be used to store the role information for application users.

The RSA-LDAP profile is powered by the RSA-SDK/RSA-core and has been customized and mapped out to protect resources stored in an LDAP instance.

High-Level Summary of Steps Required to Configure an RSA-LDAP Adapter

  1. Configure the RSA as a client to an LDAP instance (serving as the real resource server) using static configuration, and enable self-hosted authentication at the RSA. Refer to Configure Connection between RSA and LDAP Server.
  2. Configure an OAuth Relationship with a Wallet (as a Provider to the Wallet) and select a ROT issuance and creation strategy. Refer to Configure OAuth Relationship with a Wallet.
  3. Configure an Authorization Server (as a client to the Authorization Server). Note: The Wallet must be registered as an OAuth Client and Provider to the same Authorization Server with which the RSA-LDAP Adapter is being registered. Refer to Configure an Authorization Server.
  4. Configure Protected Resources using static and dynamic Database Configuration. Refer to Configure a Protected Resource.