Enterprise
LDAP Authentication

Enterprise users who host their own private Convox Console can take advantage of LDAP authentication and access. For more information on the Enterprise plan, see here.

SSO access through LDAP can be enabled by simply setting three or four environment variables on your Console app.

$ convox env set -a console AUTHENTICATION=ldap
$ convox env set -a console LDAP_ADDR=auth.example.org:636
$ convox env set -a console LDAP_BIND=uid=%s,dc=example,dc=org

AUTHENTICATION set to ldap
LDAP_ADDR set to your LDAP server address.
LDAP_BIND to a full bind string where %s will be substituted for the user’s email address.

If your LDAP server does not have a valid certificate issued by a known CA, you can disable certificate validation:

$ convox env set -a console LDAP_VERIFY=no

Once configured, promote the environment changes

$ convox releases promote -a console --wait

To disable LDAP SSO access, change the AUTHENTICATION environment variable back to it’s previous value or simply remove the value, as appropriate.

Introduction

Application Setup

Development

Deployment

Management

Use Cases

Console

Enterprise

Example Apps

Reference

External Services

Migration Guides

Generation 1

Help

Enterprise LDAP Authentication

Enterprise
LDAP Authentication