Enabling Synchronization of LDAP Groups for SAML SSO

JFrog Platform Administration Documentation


Starting with Artifactory version 7.98, the deprecated user plugin synchronizeLdapGroups will no longer be used for SAML SSO user login. As an alternative, the functionality of the plugin has been implemented as part of the SAML SSO provider in Access.

Follow these steps to enable synchronization of LDAP groups for SAML SSO.

  1. In the Access YAML Configuration, set the synchronize-ldap-groups key to true.

    security:
      authentication:
        saml:
          synchronize-ldap-groups: true
    
  2. You can use the Update SAML Settings API to update the SAML SSO provider and configure the relevant LDAP group settings, as in the following example.

    Sample Usage

    PUT access/api/v1/saml/{setting_name}
    {
      "name" : "okta",
      "ldap_group_settings" : [ "group1", "group2" ]
    }
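The request from step 2, built and checked before it is sent. This is an added example, not JFrog's own code. The base URL, the bearer-token header, the input checks and the function name are assumptions; only the path and the two body fields come from the sample above.

```python
import json
import urllib.request
from urllib.parse import quote


def build_saml_group_sync_request(base_url, setting_name, ldap_group_settings, token):
    """Build (without sending) the PUT access/api/v1/saml/{setting_name} request."""
    # An admin token is attached below, so refuse cleartext transport.
    if not base_url.lower().startswith("https://"):
        raise ValueError("base_url must use https://")
    if not setting_name or setting_name != setting_name.strip() or "/" in setting_name:
        raise ValueError("setting_name must be a single, non-empty path segment")
    for entry in ldap_group_settings:
        if not isinstance(entry, str) or not entry or entry != entry.strip():
            raise ValueError(f"invalid ldap_group_settings entry: {entry!r}")
    # Drop duplicates but keep order, so the payload can be reviewed and diffed.
    unique = list(dict.fromkeys(ldap_group_settings))
    # Assumption: the body "name" is the same value as {setting_name} in the path.
    body = {"name": setting_name, "ldap_group_settings": unique}
    url = f"{base_url.rstrip('/')}/access/api/v1/saml/{quote(setting_name, safe='')}"
    return urllib.request.Request(
        url,
        data=json.dumps(body).encode("utf-8"),
        method="PUT",
        headers={
            "Authorization": f"Bearer {token}",  # assumption: bearer-token auth
            "Content-Type": "application/json",
        },
    )


if __name__ == "__main__":
    # Constructed sample values; the host and token are placeholders.
    req = build_saml_group_sync_request(
        "https://jfrog.example.test", "okta", ["group1", "group2"], "PLACEHOLDER_TOKEN"
    )
    print(req.get_method(), req.full_url)
    print(req.data.decode("utf-8"))
    # After reviewing the output, send it with: urllib.request.urlopen(req)
```

Every entry listed in ldap_group_settings feeds group membership at SAML login, so review the printed payload against the groups you intend to synchronize before sending it.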