You can make requests dynamic by interpolating attribute values into different parameters. See Attribute interpolation.


Specify the following settings to configure an LDAP service. A publicly available LDAP service is used as an example.

Host and Port

The host name and port number of the LDAP server. For example:

Port: 389

Username / Bind DN and Password

The user or bind credentials for the LDAP server. For example:

Bind DN: cn=read-only-admin,dc=example,dc=com
Password: password


If the LDAP server is secured using SSL, enable this setting.

Enabling this setting populates the Certificate Validation section, which is useful when configuring TLS and M-TLS certificates. For more information, see Certificate validation.

Search Base DN / LDAP filter

These settings define the LDAP query. For example:

Search Base DN: dc=example,dc=com
LDAP Filter: ou=mathematicians


Because the server converts the result of an LDAP query to an XML document, you must set the service value type to XML. The previous example query results in the following document.

    <attr name="ou">mathematicians</attr>
    <attr name="objectClass">groupOfUniqueNames</attr>
    <attr name="objectClass">top</attr>
    <attr name="uniqueMember">uid=euclid,dc=example,dc=com</attr>
    <attr name="uniqueMember">uid=riemann,dc=example,dc=com</attr>
    <attr name="uniqueMember">uid=euler,dc=example,dc=com</attr>
    <attr name="uniqueMember">uid=gauss,dc=example,dc=com</attr>
    <attr name="uniqueMember">uid=test,dc=example,dc=com</attr>
    <attr name="cn">Mathematicians</attr>

You can extract Individual parts or collections of the data from the resulting XML document by using XPath processors.