LDAP MFA

Integration process

The integration process consists in the creation of key pools using the LDAP protocol in which you have to add some configuration such as the server URL and the certificate in case you want to enable secure TLS.

There is also the option to modify any previously added field, but whenever you want to add or modify groups of keys using the LDAP protocol, it will make sure that it works correctly by asking for a user and password as an example. In addition, once created, you have the possibility to test with different users in the key group options.

Authentication

Since we have a group of keys via LDAP, we are going to configure it in a login to start the authentication process. Note that the concept of user name on a service is not the same as the one used to authenticate with the LDAP server, in fact, the user’s own email is used to authenticate with the LDAP server.

The authentication process in a service starts like any other service by accessing with the user name previously configured.

In case a key group via LDAP is required in the login, the following warning will appear for you to add the relevant email password.

And finally, if you have configured access with another type of key group as your device, don’t forget to check your Ironchip application to finalise the process and be able to log in to the service.