- API >
- API Resources >
- LDAP Configuration >
- Get Current LDAP Configuration
Get Current LDAP Configuration¶
On this page
Gets the current LDAP over SSL configuration details for a Atlas group.
Note
Groups and projects are synonymous terms. Your {GROUP-ID} is the
same as your project id. For existing groups, your group/project id
remains the same. This page uses the more familiar term group. The
endpoints are as stated on the page.
Base URL: https://cloud.mongodb.com/api/atlas/v1.0
Syntax¶
Request Path Parameters¶
| Parameter | Required/Optional | Description |
|---|---|---|
GROUP-ID |
Required | Identifier for the Atlas group associated with the LDAP over SSL configuration. |
Request Query Parameters¶
This endpoint may use any of the HTTP request query parameters available to all Atlas API resources. These are all optional.
| Name | Type | Description | Default |
|---|---|---|---|
pageNum |
integer | Page number (1-based). | 1 |
itemsPerPage |
integer | Maximum number of items to return, up to a maximum of 100. | 100 |
pretty |
boolean | Display response in a prettyprint format. | false |
Request Body Parameters¶
This endpoint does not use HTTP request body parameters.
Response Elements¶
| Name | Type | Description |
|---|---|---|
ldap |
document | Specifies the LDAP over SSL configuration details for an Atlas group. |
ldap.authenticationEnabled |
boolean | Specifies whether user authentication with LDAP is enabled. |
ldap.authorizationEnabled |
boolean | Specifies whether user authorization with LDAP is enabled. You cannot enable user authorization with LDAP without first enabling user authentication with LDAP. |
ldap.hostname |
string | The hostname or IP address of the LDAP server. The server must be visible to the internet or connected to your Atlas cluster with VPC Peering. |
ldap.port |
integer | The port to which the LDAP server listens for client connections. |
ldap.bindUsername |
string | The user DN that Atlas uses to connect to the LDAP server.
Must be the full DN, such as CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com. |
ldap.userToDNMapping |
document array | The user to Distinguished Name (DN) mapping used to transform an LDAP username into an LDAP Distinguished Name. |
ldap.userToDNMapping[i].match |
string | The regular expression used to match against the provided LDAP
username. Each parenthesis-enclosed section represents a
regular expression capture group
used by the substitution or ldapQuery template. |
ldap.userToDNMapping[i].substitution |
string | The LDAP Distinguished Name (DN) formatting template that converts
the LDAP username matched by the match regular
expression into an LDAP Distinguished Name. |
ldap.userToDNMapping[i].ldapQuery |
string | The LDAP query formatting template that inserts the LDAP
username matched by the match regular expression into an LDAP
query URI as specified by RFC 4515
and RFC 4516. |
caCertificate |
object | CA certificate used to verify the identify of the LDAP server. Self-signed certificates are allowed. |
authzQueryTemplate |
string | The LDAP query template that Atlas executes to obtain the LDAP
groups to which the authenticated user belongs. Used only for user authorization.
Use the {USER} placeholder in the URL to substitute the authenticated
username. The query is relative to the host specified with hostname.
The formatting for the query must conform to RFC4515
and RFC 4516. If you
do not provide a query template, Atlas attempts to use the
default value: {USER}?memberOf?base. |
Example Request¶
The following example returns the current LDAP over SSL configuration for the specified Atlas group:
Example Response¶
The following example shows the JSON document returned: