Create New LDAP Server - POST /LDAPServers

Owned by David P (Deactivated)
Last updated: Aug 02, 2020 by Ori Bendet
2 min read



Create a new LDAP Server.

The ‘Manage Authentication Providers’ permission is required to execute this API.

Usage:

  1. POST /LDAPServers and create a new LDAP Server
  2. POST /LDAPServers/TestConnection and test LDAP Server connection

URL

/cxrestapi/auth/LDAPServers

Method:

POST

Media Type (header):

Authorization: Bearer <access token value>
Content-Type: application/json;v=1.0

Parameters

createLdapServerModel=[body]: Specifies the LDAP Server details
password=[string] - Password of the binding user
active=[boolean] - Whether this LDAP Server setting is active (true/false)
name=[string] - Ldap Server display name in Checkmarx (Open LDAP)
host=[string] - LDAP Server host
port=[integer] - LDAP Server Port
username=[string] - Username of the binding user (cn=admin,dc=example,dc=com)
useSsl=[boolean] - Whether to use SSL when connecting to this LDAP Server (false/true)
verifySslCertificate=[boolean] - Whether to verify SSL certificate (false/true)
baseDn=[string] - LDAP Server base DN (ou=testing,dc=example,dc=com)
additionalUserDn=[string] - Additional user DN (ou=people). This will limits users search to specified DN.
userObjectFilter=[string] - User object filter (objectclass=inetorgperson)
userObjectClass=[string] - User object class (inetorgperson)
usernameAttribute=[string] - User name attribute (uid)
firstNameAttribute=[string - First name attribute (givenName)
lastNameAttribute=[string] - Last name attribute (sn)
emailAttribute=[string] - Email attribute (mail)
ldapDirectoryType=[string] - Directory type. Possible values are CustomLDAPServer, ActiveDirectory, OpenLDAP.
ssoEnabled=[boolean] - Whether SSO is enabled for this LDAP Server (true/false)
synchronizationEnabled=[boolean] - Whether synchronization is enabled for this LDAP Server (false/true)

defaultTeamEnabled=[boolean] – Whether to enable default team(false/true)

defaultRoleEnabled=[boolean] – Whether to enable default role(false/true)
defaultTeamId=[integer] - Default team Id
defaultRoleId=[integer] - Default role Id
updateTeamAndRoleUponLoginEnabled=[boolean] - Whether to update user’s role and team upon login (true/false)
periodicalSynchronizationEnabled=[boolean] - Whether to enable periodical synchronization (true/false)
advancedTeamAndRoleMappingEnabled=[boolean] - Whether to enable advanced team and role mapping (false/true)
additionalGroupDn=[string] - Additional group DN (ou=groups). This will limit groups search to specified DN.
groupObjectClass=[string] - Group object class (groupOfUniqueNames)
groupObjectFilter=[string] - Group object filter (objectClass=groupOfUniqueNames)
groupNameAttribute=[string] - Group name attribute (cn)
groupMembersAttribute=[string] - Group members attribute (uniqueMember)
userMembershipAttribute=[string] - User membership attribute (memberOf)

Success Response:

Code: 201 Success

Error Response:

Code: 400 Bad Request
Code: 401 Unauthorized
Code: 403 Forbidden

Sample Response:

no content

Notes:

Returns the location of the created LDAP Server in the response header. Once the request is successful, it does not return any additional content. If the request fails, it returns an error response.


In this section

Test LDAP Server

Get User Entries by Search Criteria

Get Group Entries by Search Criteria

Get All LDAP Servers

Get LDAP Server by Id

Update LDAP Server

Delete LDAP Server


Related content

Using the Access Control (REST) API


Send Documentation Feedback - If you have comments about this documentation, you can contact the documentation team by sending your feedback to usWe appreciate your feedback!