update_ldap_config
Update your organization's LDAP or Active Directory configuration, modifying only the supplied fields. Enable or disable LDAP login without affecting other settings.
Instructions
Update the LDAP / Active Directory configuration for the current organisation.
Only supplied fields are updated — omitted fields are left unchanged. To enable LDAP (ldap_enabled=True), ldap_server_url, ldap_bind_dn, ldap_bind_password, and ldap_search_base must already be set (or provided in the same call). Requires org_admin role.
Search filter examples: OpenLDAP : (uid={username}) Active Directory: (sAMAccountName={username}) Azure AD on-prem: (userPrincipalName={username}@domain.com)
Args: ldap_server_url: LDAP server URL, e.g. ldap://dc.corp.local or ldaps://dc.corp.local. ldap_bind_dn: Service account DN, e.g. cn=svc-vibops,ou=users,dc=corp,dc=local. ldap_bind_password: Service account password (stored Fernet-encrypted). ldap_search_base: Search base DN, e.g. ou=users,dc=corp,dc=local. ldap_search_filter: User search filter with {username} placeholder (default: (uid={username})). ldap_default_role: Role assigned to JIT-provisioned users — member, admin, or viewer. ldap_jit_provisioning: If True, unknown users are auto-provisioned on first login. ldap_enabled: Set True to activate LDAP login, False to disable without clearing config.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| ldap_bind_dn | No | ||
| ldap_enabled | No | ||
| ldap_server_url | No | ||
| ldap_search_base | No | ||
| ldap_default_role | No | ||
| ldap_bind_password | No | ||
| ldap_search_filter | No | ||
| ldap_jit_provisioning | No |