sources_ldap_create

POST 
/api/v3//sources/ldap/

LDAP Source Viewset

Request

application/json

Bodyrequired

namestringrequired
Source's display Name.
Possible values: non-empty
slugstringrequired
Internal source name, used in URLs.
Possible values: non-empty and <= 50 characters, Value must match regular expression ^[-a-zA-Z0-9_]+$
enabledboolean
authentication_flowuuidnullable
Flow to use when authenticating existing users.
enrollment_flowuuidnullable
Flow to use when enrolling new users.
user_property_mappingsuuid[]
group_property_mappingsuuid[]
policy_engine_modePolicyEngineMode (string)
Possible values: [all, any]
user_matching_modeUserMatchingModeEnum (string)
How the source determines if an existing user should be authenticated or a new user enrolled.
Possible values: [identifier, email_link, email_deny, username_link, username_deny]
user_path_templatestring
Possible values: non-empty
server_uriurirequired
Possible values: non-empty
peer_certificateuuidnullable
Optionally verify the LDAP Server's Certificate against the CA Chain in this keypair.
client_certificateuuidnullable
Client certificate to authenticate against the LDAP Server's Certificate.
bind_cnstring
bind_passwordstring
start_tlsEnable Start TLS (boolean)
sniUse Server URI for SNI verification (boolean)
base_dnstringrequired
Possible values: non-empty
additional_user_dnAddition User DN (string)
Prepended to Base DN for User-queries.
additional_group_dnAddition Group DN (string)
Prepended to Base DN for Group-queries.
user_object_filterstring
Consider Objects matching this filter to be Users.
Possible values: non-empty
group_object_filterstring
Consider Objects matching this filter to be Groups.
Possible values: non-empty
group_membership_fieldstring
Field which contains members of a group.
Possible values: non-empty
object_uniqueness_fieldstring
Field which contains a unique Identifier.
Possible values: non-empty
password_login_update_internal_passwordboolean
Update internal authentik password when login succeeds with LDAP
sync_usersboolean
sync_users_passwordboolean
When a user changes their password, sync it back to LDAP. This can only be enabled on a single LDAP source.
sync_groupsboolean
sync_parent_groupuuidnullable

Responses

201

application/json

Schema

Schema

pkuuidrequired
namestringrequired
Source's display Name.
slugstringrequired
Internal source name, used in URLs.
Possible values: <= 50 characters, Value must match regular expression ^[-a-zA-Z0-9_]+$
enabledboolean
authentication_flowuuidnullable
Flow to use when authenticating existing users.
enrollment_flowuuidnullable
Flow to use when enrolling new users.
user_property_mappingsuuid[]
group_property_mappingsuuid[]
componentstringrequired
Get object component so that we know how to edit the object
verbose_namestringrequired
Return object's verbose_name
verbose_name_pluralstringrequired
Return object's plural verbose_name
meta_model_namestringrequired
Return internal model name
policy_engine_modePolicyEngineMode (string)
Possible values: [all, any]
user_matching_modeUserMatchingModeEnum (string)
How the source determines if an existing user should be authenticated or a new user enrolled.
Possible values: [identifier, email_link, email_deny, username_link, username_deny]
managedManaged by authentik (string)nullablerequired
Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.
user_path_templatestring
iconstringrequired
server_uriurirequired
peer_certificateuuidnullable
Optionally verify the LDAP Server's Certificate against the CA Chain in this keypair.
client_certificateuuidnullable
Client certificate to authenticate against the LDAP Server's Certificate.
bind_cnstring
start_tlsEnable Start TLS (boolean)
sniUse Server URI for SNI verification (boolean)
base_dnstringrequired
additional_user_dnAddition User DN (string)
Prepended to Base DN for User-queries.
additional_group_dnAddition Group DN (string)
Prepended to Base DN for Group-queries.
user_object_filterstring
Consider Objects matching this filter to be Users.
group_object_filterstring
Consider Objects matching this filter to be Groups.
group_membership_fieldstring
Field which contains members of a group.
object_uniqueness_fieldstring
Field which contains a unique Identifier.
password_login_update_internal_passwordboolean
Update internal authentik password when login succeeds with LDAP
sync_usersboolean
sync_users_passwordboolean
When a user changes their password, sync it back to LDAP. This can only be enabled on a single LDAP source.
sync_groupsboolean
sync_parent_groupuuidnullable
connectivity objectnullablerequired
Get cached source connectivity
property name* object
property name*string

Example (auto)

{
  "pk": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "name": "string",
  "slug": "string",
  "enabled": true,
  "authentication_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "enrollment_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "user_property_mappings": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "group_property_mappings": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "component": "string",
  "verbose_name": "string",
  "verbose_name_plural": "string",
  "meta_model_name": "string",
  "policy_engine_mode": "all",
  "user_matching_mode": "identifier",
  "managed": "string",
  "user_path_template": "string",
  "icon": "string",
  "server_uri": "string",
  "peer_certificate": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "client_certificate": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "bind_cn": "string",
  "start_tls": true,
  "sni": true,
  "base_dn": "string",
  "additional_user_dn": "string",
  "additional_group_dn": "string",
  "user_object_filter": "string",
  "group_object_filter": "string",
  "group_membership_field": "string",
  "object_uniqueness_field": "string",
  "password_login_update_internal_password": true,
  "sync_users": true,
  "sync_users_password": true,
  "sync_groups": true,
  "sync_parent_group": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "connectivity": {}
}

400

application/json

Schema

Schema

non_field_errorsstring[]

codestring

property name*any

Validation Error

Example (auto)

{
  "non_field_errors": [
    "string"
  ],
  "code": "string"
}

403

application/json

Schema

Schema

detailstringrequired
codestring

Example (auto)

{
  "detail": "string",
  "code": "string"
}

Authorization: http

name: authentiktype: httpscheme: bearer

• csharp
• curl
• dart
• go
• http
• java
• javascript
• kotlin
• c
• nodejs
• objective-c
• ocaml
• php
• powershell
• python
• r
• ruby
• rust
• shell
• swift

• HTTPCLIENT
• RESTSHARP

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "/api/v3/sources/ldap/");
request.Headers.Add("Accept", "application/json");
request.Headers.Add("Authorization", "Bearer <token>");
var content = new StringContent("{\n  \"name\": \"string\",\n  \"slug\": \"string\",\n  \"enabled\": true,\n  \"authentication_flow\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n  \"enrollment_flow\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n  \"user_property_mappings\": [\n    \"3fa85f64-5717-4562-b3fc-2c963f66afa6\"\n  ],\n  \"group_property_mappings\": [\n    \"3fa85f64-5717-4562-b3fc-2c963f66afa6\"\n  ],\n  \"policy_engine_mode\": \"all\",\n  \"user_matching_mode\": \"identifier\",\n  \"user_path_template\": \"string\",\n  \"server_uri\": \"string\",\n  \"peer_certificate\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n  \"client_certificate\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n  \"bind_cn\": \"string\",\n  \"bind_password\": \"string\",\n  \"start_tls\": true,\n  \"sni\": true,\n  \"base_dn\": \"string\",\n  \"additional_user_dn\": \"string\",\n  \"additional_group_dn\": \"string\",\n  \"user_object_filter\": \"string\",\n  \"group_object_filter\": \"string\",\n  \"group_membership_field\": \"string\",\n  \"object_uniqueness_field\": \"string\",\n  \"password_login_update_internal_password\": true,\n  \"sync_users\": true,\n  \"sync_users_password\": true,\n  \"sync_groups\": true,\n  \"sync_parent_group\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\"\n}", null, "application/json");
request.Content = content;
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
Console.WriteLine(await response.Content.ReadAsStringAsync());

Request Collapse all

Base URL

/api/v3

Auth

Bearer Token

Body required

{
  "name": "string",
  "slug": "string",
  "enabled": true,
  "authentication_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "enrollment_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "user_property_mappings": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "group_property_mappings": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "policy_engine_mode": "all",
  "user_matching_mode": "identifier",
  "user_path_template": "string",
  "server_uri": "string",
  "peer_certificate": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "client_certificate": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "bind_cn": "string",
  "bind_password": "string",
  "start_tls": true,
  "sni": true,
  "base_dn": "string",
  "additional_user_dn": "string",
  "additional_group_dn": "string",
  "user_object_filter": "string",
  "group_object_filter": "string",
  "group_membership_field": "string",
  "object_uniqueness_field": "string",
  "password_login_update_internal_password": true,
  "sync_users": true,
  "sync_users_password": true,
  "sync_groups": true,
  "sync_parent_group": "3fa85f64-5717-4562-b3fc-2c963f66afa6"
}