Also visit [[stoney core: Authentication Resource - REST API]].
= Overview =
= Auth action Action === Auth retrieval Retrieval (GET) ==The following sequence describe describes the authentication and role retrieval:# Look-up the user in the OpenLDAP directory in the ou=people,dc=stoney-cloud,dc=org sub tree (with a configurable LDAP service user):#: filter: <code>(mail=name.surname@example.com)</code>#: scope: <code>one</code># If the user exists, use the retrieved DN and try to bind with it (a working LDIF is described under [[stoney_core:_OpenLDAP_directory_data_organisation#Services People_uid_.28per_person.29 | users credentials]]).#: bind dn: <code>uid=<UID>,ou=servicespeople,dc=stoney-cloud,dc=org</code>#: password: <code>myverysecretpassword</code># If the bind was successful, retrieve further information with the LDAP service user from the leaf uid=<UID>,ou=administrationpeople,dc=stoney-cloud,dc=org]].
An example how to bind with the user credentials, presuming uid=<UID>:
ldapsearch -H ldaps://ldapm.stoney-cloud.org -b "ou=people,dc=stoney-cloud,dc=org" -D "uid=<UID>,ou=people,dc=stoney-cloud,dc=org" -x "(objectclass=*)" -v -W
Information about the configurable LDAP service user:
* Currently, the LDAP service user is cn=Manager,dc=stoney-cloud,dc=org
* Later on, this will be a [[stoney_core:_OpenLDAP_directory_data_organisation#Services | LDAP service user]].
=== Auth Retrieval (GET) Mapping ===
{| border="1" class="wikitable sortable"
! API Attribute
! LDAP Attribute
|-
| id
| uid
|-
| user
| mail
|-
|}
= Links =