LogoLogo
User DocsAPI Docsatfinity.swiss
  • 🚀Atfinity: No-Code Process Automation
  • Guides
    • Getting Started
      • Introduction
      • 1. Create Ontologies and Roles
      • 2. Create Information
      • 3. Create and Configure a Document
      • 4. Create a Rule
      • 5. Create a Process
      • 6. Put Live
      • Summary and Next Steps
    • Advanced Topics
      • Extending a Workflow
      • Customizing Names of Cases and Instances
      • Automatically Calculating Information Values
      • Using Built in Integrations
    • Troubleshooting
      • Why is a question not asked?
      • Why is a question asked?
      • The value of my calculated field has a strange format
      • Why is my Proof never asked for?
      • Why is my Rule not executed?
      • Why are some options missing in a dropdown?
      • Case Errors
    • Glossary
      • Case
      • Process
      • Workflow
      • Ontology
      • Instance
      • Role
      • Information
      • Document
      • Document Section
      • Document Template
      • Rules
      • Scheduled Rules
      • Information Types
      • Tab
      • Category
      • Taxonomy
      • Proof
      • RuLa Functions
      • Constants
  • Rule Language (RuLA)
    • ℹ️What is RuLa?
    • Declarations
      • is
      • is with where
      • is all
      • is all with min max
      • Role Choices
    • Expressions
    • Operators
      • Boolean Operators
        • =
        • !=
        • >
        • >=
        • <
        • <=
        • and
        • and then
        • not
        • or
        • or else
        • matches (~=)
      • Date Operators
        • NOW
        • IS_DATE
        • TODAY
        • FORMAT_DATE
        • DAYS
        • WEEKDAYS
        • ADD_DAYS
        • ADD_WEEKDAYS
        • ADD_MONTH
        • ADD_YEARS
        • SUBTRACT_YEARS
        • AFTER
        • DATE_EQUAL
        • DATETIME_EQUAL
        • AFTER_EQUAL
        • BEFORE
        • BEFORE_EQUAL
        • DAYS_AGO
        • MONTHS_AGO
        • YEARS_AGO
      • Known Operators
        • unknown
        • known
        • SNEAKY
        • AVG_OF_ANY
        • LIST_OF_ANY
        • MAX_OF_ANY
        • MIN_OF_ANY
        • SUM_OF_ANY
        • CONCAT_OF_ANY
        • UNION_OF_ANY
        • JOIN_OF_ANY
      • List Operators
        • [ , ] (create)
        • [] (access)
        • in
        • not in
        • contains
        • contains any
        • contains only
        • COUNT
        • SORT
        • CUSTOM_MAX
        • REVERSE
        • FIRST_ELEMENT
        • ALL
        • SOME
        • UNION (or |)
        • SET_DIFFERENCE
        • INTERSECTION
        • MAP
        • FILTER
        • FILTER_FALSE
        • FILTER_UNKNOWN
        • SET
      • Dictionary Operators
        • {} (create)
        • [] (access)
        • in
        • keys()
        • FLATTEN
      • Mathematical Operators
        • + - / *
        • %
        • **
        • //
        • AVG
        • CEIL
        • FLOOR
        • MAX
        • MIN
        • ROUND
        • SUM
        • SUM_PRODUCT
        • SQRT
      • String Operators
        • LEN
        • LOWER
        • UPPER
        • TRIM
        • TRIM_LEFT
        • LEFT
        • RIGHT
        • SLICE
        • REPLACE
        • REPLACE_CHARS
        • format
        • calculated_name
        • CONCAT
        • markdown_table
        • make_filename
        • JOIN
        • uuid
      • Special Operators
        • :=
        • ensure
        • get_attr
        • get_translated_attr
        • has_attr
        • get_properties
        • instances
        • instances_exist
        • is
        • ontology
        • Translate (.$)
        • translate_string
        • roles
        • self
        • name_and_log (debug)
    • Conditional Expressions
      • case
      • if-then-else
      • switch
    • Comments
    • Information about the case
    • Accessing the outcome instance
    • Information about documents
    • Recipes
  • Document XML (ADX)
    • ℹ️What is ADX?
    • ADX Elements
      • Body
      • Text
      • Image
      • Columns
      • Field
      • Checkbox
      • Table
      • Rect
      • Line
      • Space
      • KeepTogether
      • Template
      • Style
      • Page Number
      • QR Code
      • HR Code
    • Jinja Templating
      • Instances
      • Case Meta Information
      • Custom Translations
      • Functions
      • Jinja filters
    • Font support
  • API
    • ℹ️What is the Atfinity API?
    • Generate API Keys
    • API Documentation
    • Calling your APIs within Cases
    • External Data Sources (e.g. CRM)
  • Deploying
    • Deploying on-site
      • Kubernetes
      • Docker Compose
    • Management commands
    • Security Logging
    • LDAP User Backend
    • Single Sign On
  • Integrations
    • Avaloq
    • Worldcheck
  • Releases
    • Release Notes
      • Version 11.x
      • Version 10.x
      • Version 9.x and earlier
    • Release Schedule
Powered by GitBook
On this page
  • Working principle
  • Configuration
  • Loading Groups and Roles

Was this helpful?

  1. Deploying

LDAP User Backend

PreviousSecurity LoggingNextSingle Sign On

Last updated 3 years ago

Was this helpful?

Atfinity can use your LDAP directory as a user backend. The Atfinity login screen is still used, but username and password are forwarded to your LDAP directory. If you are looking for a single sign on solution, that uses external login screen, please have a look at .

Working principle

If an LDAP directory is set up and when a user tries to login on the atfinity login screen, the username and password is forwarded to your LDAP and the user and certain values like roles and group memberships are copied into atfinity. At each login, these values are refreshed again, meaning that roles and groups will not change as long as a user is logged in (Note that a login is only valid for maximum 24 hours, which can also be configured)

Configuration

To set up LDAP, navigate to Administration -> Integrations -> LDAP Tab and enter the following values according to your setup.

Name

Value

URL

Where can atfinity reach your LDAP User directory?

Base

The base DN for your users, e.g. ou=AADDC Users,dc=atfinity,dc=ch

First Name Attribute

The attribute of the returned object containing the first name (e.g givenName)

Last Name Attribute

The attribute of the returned object containing the last name (e.g. sn)

Initials Attribute

The attribute of the returned object containing the initials, if not given these will be calculated from the first and last name

Admin Role Name

You can specify here a role (returned by the query) that should signify a user is to be made an admin with full rights. Note that users will not become a member of a group with this name.

Loading Groups and Roles

Atfinity will make a second query to load the groups and roles atfinity should assign to a user. For this, the member attribute of a user identified by its distinguishedName. The returned list of groups is compared against the configured groups and roles. If any name matches exactly (case sensitive) to the name of a group or role the user will be assigned to that group and role. All previous users group and roles not in that list will be removed.

Single Sign On
groups and roles