About LDAP

This topic explains what Lightweight Directory Access Protocol (LDAP) is and how it's used in TheHive.

What's LDAP

Lightweight Directory Access Protocol (LDAP) is a standard protocol used to access and manage directory information services over a network. It's commonly used for centralized authentication and user management.

Active Directory (AD) is Microsoft’s implementation of directory services. It uses LDAP as one of its core protocols, providing a comprehensive solution for identity and access management in Windows environments.

Benefits of using an LDAP server

Using an LDAP server:

• Enables centralized and scalable user authentication and authorization
• Simplifies user management by syncing accounts and permissions from a single source
• Supports integration with existing directory services like Microsoft Active Directory (AD)

LDAP server usage in TheHive

Configure an LDAP server in TheHive to enable:

• Automatic user account creation, deletion, and updates synchronized from LDAP
• Assignment of user accounts to organizations and permission profiles

Configure an LDAP authentication provider or an AD authentication provider to enable user authentication based on their LDAP credentials.

Permissions

Required permissions

Only users with an admin-type profile that has the managePlatform permission can configure an LDAP server in TheHive.

Next steps

• Configure an LDAP server
• Configure an LDAP authentication provider
• Configure an AD authentication provider