LDAP Authentication

FeedHenry supports using an LDAP Server for Authenticating Users. This includes both Active Directory and OpenLDAP.

Creating an LDAP Auth Policy

From the Auth Policies screen, click 'Create' and select 'LDAP' as the Authentication Type.

Authentication method

The following LDAP Authentication methods are supported in FeedHenry:

  • Simple: Simple Bind, where the user's DN and password are sent to the LDAP Server. This option is supported out of the box with Active Directory and OpenLDAP.
  • SASL: Two types of Simple Authentication and Security Layer are supported, DIGEST-MD5 and CRAM-MD5. Consult your LDAP server's documentation for information on the type of SASL it supports.

URL

The URL field is the address of your LDAP server, e.g. ldap://foo.example.com:389. Note that '389' is the standard LDAP port.

DN Prefix

The 'Distinguished Name (dn) prefix' field is the prefix for the full user DN. The format of a user's full DN required for Authentication is typically: <prefix><user>,<dn>, e.g. "uid=fred,ou=people,dc=example,dc=com".
The prefix is typically 'cn' for Active Directory or 'uid' for OpenLDAP. Consult with your LDAP Administrator for what this setting should be. Note that this can also be blank; it is not a mandatory setting.

DN

The 'Distinguished Name (dn)' field can be used to provide the full directory path to the user, e.g. the 'ou=people,dc=example,dc=com' in the example above. Again, this can be blank. Consult with your LDAP Administrator regarding this setting.

Sample Active Directory Settings

Here are some sample instructions for how to Authenticate Users against your Active Directory (AD) server:

  • First, your server needs to be accessible from the FeedHenry Cloud. For private FeedHenry deploys this is usually not an issue as all services will be behind the same firewall. For public FeedHenry cloud, you will need to either set up a VPN for us to access your AD Server (contact us to discuss this) or ensure your AD Server is publicly accessible.

  • Next, create an Auth Policy and specify the following values:

    • By default, AD supports the 'Simple' Authentication Method out of the box, so choose 'Simple' as the Authentication Method
    • In the URL field, enter the address of your AD server, e.g. ldap://foo.example.com:389
    • Leave the 'DN Prefix' and 'DN' fields blank. These are not required by default for AD. When a User authenticates, their email address alone is passed on to AD and this is normally sufficient to identify the AD User.
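
The sketch below shows how the 'DN Prefix' and 'DN' settings described above could combine with a login name into the name sent in a Simple bind, including the blank-fields case from the Active Directory sample. It is an added example, not FeedHenry code: the function names are hypothetical, and it assumes the prefix and user name are joined with "=", that the user name is escaped per RFC 4514, and that empty passwords are rejected before binding.

```python
# Added example, not FeedHenry code. Function names are hypothetical.
# Assumption: the DN prefix and the user name are joined with "=".
_ESCAPE = set('"+,;<>\\')


def escape_rdn_value(value: str) -> str:
    """Escape text for use as an RDN attribute value (RFC 4514, section 2.4)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in _ESCAPE or (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def simple_bind_args(user: str, password: str, prefix: str = "", dn: str = ""):
    """Return the (name, password) pair to send in a Simple bind."""
    if not user or not password:
        # An empty password turns a Simple bind into an unauthenticated bind
        # (RFC 4513, section 5.1.2), which a server may accept.
        raise ValueError("user name and password must both be non-empty")
    if not prefix and not dn:
        # Both fields blank (the Active Directory sample): the login name,
        # e.g. an email address, is passed on unchanged.
        return user, password
    rdn = escape_rdn_value(user)
    if prefix:
        rdn = f"{prefix}={rdn}"
    name = f"{rdn},{dn}" if dn else rdn
    return name, password


if __name__ == "__main__":
    # Constructed sample values.
    base = "ou=people,dc=example,dc=com"
    print(simple_bind_args("fred", "s3cret", "uid", base)[0])
    print(simple_bind_args("smith, fred", "s3cret", "cn", base)[0])
    print(simple_bind_args("fred@example.com", "s3cret")[0])
```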