Create an LDAP connection

You're viewing Apigee X documentation.

The LDAP connector lets you configure a generic LDAP server.

Before you begin

Before creating an LDAP connection, perform the following tasks:

  • In your Google Cloud project:
    • Grant the following roles to the service account that you want to use to create the connection:
      • roles/secretmanager.viewer
      • roles/secretmanager.secretAccessor
    • Enable the following services:
      • apigee.googleapis.com (Apigee API)
      • secretmanager.googleapis.com (Secret Manager API)
      • connectors.googleapis.com (Connector Platform API)

    If these services or permissions have not been enabled for your project previously, you are prompted to enable them when you create the connection on the Create Connection page.

Create a connection

  1. In the Cloud console, go to the Apigee > Connectors page and then select or create a Google Cloud project.

    Go to the Connections page

  2. Click + CREATE NEW to open the Create Connection page.
  3. Configure the connection:
    1. In the Create Connection section, complete the following:
      • Connector: Select LDAP from the drop-down list of available Connectors.
      • Connector version: Select the Connector version from the drop-down list of available versions.
      • In the Connection Name field, enter a name for the Connection instance.

        Connection names must meet the following criteria:

        • Connection names can use letters, numbers, or hyphens.
        • Letters must be lower-case.
        • Connection names must begin with a letter and end with a letter or number.
        • Connection names cannot exceed 63 characters.
      • Optionally, enter a Description for the connection instance.
      • Service Account: Select a service account that has the required roles.
      • Base DN: The base portion of the distinguished name, used for limiting results to specific subtrees.
      • Auth Mechanism: The authentication mechanism to be used when connecting to the LDAP server.
      • Follow Referrals: Whether or not to follow LDAP referrals returned by the LDAP server.
      • Friendly GUID: Whether to return GUID attribute values in a human readable format.
      • Friendly SID: Whether to return SID attribute values in a human readable format.
      • LDAP Version: The LDAP version used to connect to and communicate with the server.
      • Scope: Whether to limit the scope of the search to the whole subtree (BaseDN and all of its descendants), a single level (BaseDN and its direct descendants), or the base object (BaseDN only).
      • Optionally, click + ADD LABEL to add a label to the Connection in the form of a key/value pair.
      • Click NEXT.
    2. Destinations: Enter details of the remote host (backend system) you want to connect to.
      • Destination Type: You can specify the destination details either as a host address or a service attachment. Select any of the following destination types:
        • Host address: If you want to specify the hostname or IP address of the destination.
        • Service attachment: If you want to specify the private endpoint for your internal IP addresses. The service attachment lets you hide your internal IP addresses from the external network. You can create a service attachment in Google Cloud by using the Private Service Connect feature. For information on configuring Private Service Connect, see Publish managed services.

        Based on your selection of destination type, enter the host address or the service attachment name.

      • To enter additional destinations, click +ADD DESTINATION.
      • Click NEXT.
    3. Location: Choose the location for the connection.
      • Select a location where Apigee is available from the Region drop-down list.

        Supported regions for connectors include:

        • asia-east1
        • asia-northeast1
        • asia-south1
        • asia-southeast1
        • australia-southeast1
        • europe-west1
        • europe-west2
        • europe-west3
        • europe-west4
        • europe-west6
        • northamerica-northeast1
        • southamerica-east1
        • us-central1
        • us-east1
        • us-east4
        • us-west1
        • us-west2
      • Click NEXT.
    4. Authentication: Authentication types supported by the LDAP connection:
      • Username and password

      Enter the details based on the authentication you want to use.

      • Username and password
        • Username: Username for connector
        • Password: Secret Manager Secret containing the password associated with the connector.
    5. Click NEXT.
    6. Review: Review your connection and authentication details.
  4. Click Create.
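
A pre-flight check for the prerequisites under "Before you begin" and the connection-name rules in step 3, as an added example that is not part of the Apigee documentation. The function names and sample data are constructed for illustration; `PROJECT` and `SA` in the comments are placeholders you set yourself.

```shell
#!/bin/sh
# Added example: offline pre-flight checks for an LDAP connection request.
LC_ALL=C; export LC_ALL   # keep [a-z] from matching upper-case in other locales

REQUIRED_SERVICES="apigee.googleapis.com secretmanager.googleapis.com connectors.googleapis.com"
REQUIRED_ROLES="roles/secretmanager.viewer roles/secretmanager.secretAccessor"

# Print every required item (arguments) missing from the list read on stdin.
missing_from() {
  have=$(cat)
  for want in "$@"; do
    printf '%s\n' "$have" | grep -Fxq -- "$want" || printf '%s\n' "$want"
  done
}

# Return 0 only if $1 satisfies the connection-name rules listed on this page.
valid_connection_name() {
  [ "${#1}" -ge 1 ] && [ "${#1}" -le 63 ] || return 1
  case $1 in
    *[!a-z0-9-]*) return 1 ;;            # lower-case letters, digits, hyphens only
    [a-z] | [a-z]*[a-z0-9]) return 0 ;;  # starts with a letter, ends with letter/digit
    *) return 1 ;;
  esac
}

# Live input (PROJECT and SA are placeholders you set):
#   gcloud services list --enabled --project "$PROJECT" \
#     --format='value(config.name)' | missing_from $REQUIRED_SERVICES
#   gcloud projects get-iam-policy "$PROJECT" --flatten='bindings[].members' \
#     --filter="bindings.members:serviceAccount:$SA" \
#     --format='value(bindings.role)' | missing_from $REQUIRED_ROLES

# Constructed sample data standing in for the gcloud output above.
SAMPLE_SERVICES='apigee.googleapis.com
compute.googleapis.com
secretmanager.googleapis.com'
SAMPLE_ROLES='roles/secretmanager.secretAccessor
roles/editor'

printf '%s\n' "$SAMPLE_SERVICES" | missing_from $REQUIRED_SERVICES | sed 's/^/service not enabled: /'
printf '%s\n' "$SAMPLE_ROLES" | missing_from $REQUIRED_ROLES | sed 's/^/role not granted: /'
for n in ldap-prod-1 LDAP-prod ldap-; do
  valid_connection_name "$n" && echo "name ok: $n" || echo "name rejected: $n"
done
```

An empty result from `missing_from` means every listed service or role is already present, so the console should not prompt for it during creation.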

Create a Connectors task

After you create an LDAP connection, it becomes available in Apigee integrations. You can then use the connection to configure the Connectors tasks in your integrations. For more information, see Configure the Connectors task.