Verify AD or LDAP credentials via REST API

Tags: active-directory, azure-active-directory, ldap, onelogin, single-sign-on

Our requirement is simple. We have a web application that requires users to sign up for a new account in order to use the service.
We would like to offer users the option to log in using their AD or LDAP credentials, provided that an AD/LDAP connector was already installed on the client premises.
Is there any service that does exactly that (providing connectors and a REST interface to programmatically verify user credentials), and perform a one-time API integration so that users will be presented with a login form on our web application www.mywebapp.com/login, they will then enter their AD/LDAP username and password, which we would verify against their user directory using OneLogin API?

I went through the API documentation for OneLogin but I have not seen any method for doing that, although I can see at https://www.onelogin.com/active-directory-integration that it is a feature of OneLogin.

Best Answer

After users are synchronized to OneLogin (via the Active Directory Connector or the LDAP Connector, for instance), an authentication call over the REST API will tunnel the username/password down to the Directory being synched for validation -- this should satisfy your use case.

For example you can use a function like https://developers.onelogin.com/api-docs/1/users/create-session-login-token, or just make an LDAP query against the LDAP endpoint.
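
A sketch of the server-side call behind the login form, added here as an example and not taken from the answer or from OneLogin's own code. The region host, endpoint path, header format and JSON field names are assumptions to check against the linked API page, and the access token is assumed to have been obtained separately with the application's API credentials.

```python
import json
import urllib.error
import urllib.request

# Assumptions, not from the original answer: the region host, the endpoint path
# and the JSON field names below; check them against the linked API page.
API_BASE = "https://api.us.onelogin.com"

def build_login_request(access_token, username, password, subdomain):
    """Build the POST asking OneLogin to validate one username/password pair."""
    body = json.dumps({"username_or_email": username,
                       "password": password,
                       "subdomain": subdomain}).encode("utf-8")
    return urllib.request.Request(
        API_BASE + "/api/1/login/auth", data=body, method="POST",
        headers={"Authorization": "bearer:" + access_token,
                 "Content-Type": "application/json"})

def classify(http_status, payload):
    """Return 'ok', 'mfa_required' or 'denied'; anything unexpected is denied."""
    if http_status != 200 or not isinstance(payload, dict):
        return "denied"
    status, data = payload.get("status"), payload.get("data")
    if not isinstance(status, dict) or status.get("error") is not False:
        return "denied"
    if not isinstance(data, list) or not data or not isinstance(data[0], dict):
        return "denied"
    if data[0].get("session_token"):
        return "ok"
    # A state token without a session token means a second factor is pending:
    # the password matched, but the user is not logged in yet.
    return "mfa_required" if data[0].get("state_token") else "denied"

def verify_credentials(access_token, username, password, subdomain,
                       opener=urllib.request.urlopen):
    """Send the request; never log or persist the password. Fails closed."""
    req = build_login_request(access_token, username, password, subdomain)
    try:
        with opener(req, timeout=10) as resp:
            return classify(resp.status, json.load(resp))
    except (urllib.error.URLError, ValueError):
        return "denied"  # 4xx/5xx, network failure or malformed JSON
```

Because the web application handles the directory password in this design, the call belongs on the server side over TLS, with request bodies excluded from application and proxy logs.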
