Login
Contents x
Authorization Using LDAP
  • 07 Sep 2022
  • Dark
    Light
  • PDF
Contents

Authorization Using LDAP

  • Updated on 07 Sep 2022
  • Dark
    Light
  • PDF
Article Summary

Authorization

The following diagram illustrates the authorization and authentication flow between IAP and NSO using LDAP.

Figure 1: Authentication and Authorization
02-AuthenticationAuthorization

  1. User groups will be defined manually in IAP. Matching user groups will be added in the LDAP server in the AAA Platform. Customer must have user groups configured on the LDAP server.

  2. LDAP server will authenticate the user.

  3. LDAP server will authorize the user.

  4. Return the groups associated with the user.

  5. User receives the authentication token.

  6. IAP sends a request to NSO with user and token.

    Multi-Tenancy

    The following steps apply when using multi-tenancy:

  7. NSO sends a whoami API request to IAP.

  8. IAP returns the group to NSO.

  9. NSO checks the NACM rules for the user/group to determine what the user can access.

  10. NSO will either accept or reject access.

Note: Multi-tenancy is not required for most implementations.

What's Next
Privacy Policy
Cookie Policy
Terms of Use
EULA
Copyright © 2022 Itential for Developers
Change password!
Changing your password will log you out immediately. Use the new password to log back in.
Change profile
Success!
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
Logout