Django Auth Ldap

Django authentication backend that authenticates against an LDAP service.
Alternatives To Django Auth Ldap
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Authelia16,52113 hours ago34September 19, 202298apache-2.0Go
The Single Sign-On Multi-Factor portal for web apps
Errbit4,213158102 months ago7February 26, 201665mitRuby
The open source error catcher that's Airbrake API compliant
4 days ago47gpl-3.0Rust
Light LDAP implementation
Pac4j2,2671461296 days ago96September 08, 2022apache-2.0Java
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Glauth1,92932 months ago20February 28, 202263mitGo
A lightweight LDAP server for development, home use, or CI
Kanidm1,48738 hours ago9May 01, 2022117mpl-2.0Rust
Kanidm: A simple, secure and fast identity management platform
Adldap2 Laravel9109916a month ago96November 12, 2020107mitPHP
LDAP Authentication & Management for Laravel
Caddy Security789
2 months ago36June 20, 202295apache-2.0Go
🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
14 hours ago7apache-2.0Java
MaxKey SSO ,Leading-Edge IAM-IDaas(Identity and Access Management) Product.
8 years agoapache-2.0PHP
Authentication layer for a YaCy webclient
Alternatives To Django Auth Ldap
Select To Compare

Alternative Project Comparisons

Django Authentication Using LDAP

This is a Django authentication backend that authenticates against an LDAP service. Configuration can be as simple as a single distinguished name template, but there are many rich configuration options for working with users, groups, and permissions.


Install the package with pip:

$ pip install django-auth-ldap

It requires python-ldap >= 3.1. You'll need the OpenLDAP libraries and headers available on your system.

To use the auth backend in a Django project, add 'django_auth_ldap.backend.LDAPBackend' to AUTHENTICATION_BACKENDS. Do not add anything to INSTALLED_APPS.


LDAPBackend should work with custom user models, but it does assume that a database is present.


LDAPBackend does not inherit from ModelBackend. It is possible to use LDAPBackend exclusively by configuring it to draw group membership from the LDAP server. However, if you would like to assign permissions to individual users or add users to groups within Django, you'll need to have both backends installed:


Example Configuration

Here is a complete example configuration from that exercises nearly all of the features. In this example, we're authenticating against a global pool of users in the directory, but we have a special area set aside for Django groups (ou=django,ou=groups,dc=example,dc=com). Remember that most of this is optional if you just need simple authentication. Some default settings and arguments are included for completeness.

import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType

# Baseline configuration.

AUTH_LDAP_BIND_DN = 'cn=django-agent,dc=example,dc=com'
# Or:
# AUTH_LDAP_USER_DN_TEMPLATE = 'uid=%(user)s,ou=users,dc=example,dc=com'

# Set up the basic group parameters.
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr='cn')

# Simple group restrictions
AUTH_LDAP_REQUIRE_GROUP = 'cn=enabled,ou=django,ou=groups,dc=example,dc=com'
AUTH_LDAP_DENY_GROUP = 'cn=disabled,ou=django,ou=groups,dc=example,dc=com'

# Populate the Django user from the LDAP directory.
    'first_name': 'givenName',
    'last_name': 'sn',
    'email': 'mail',

    'is_active': 'cn=active,ou=django,ou=groups,dc=example,dc=com',
    'is_staff': 'cn=staff,ou=django,ou=groups,dc=example,dc=com',
    'is_superuser': 'cn=superuser,ou=django,ou=groups,dc=example,dc=com',

# This is the default, but I like to be explicit.

# Use LDAP group membership to calculate group permissions.

# Cache distinguished names and group memberships for an hour to minimize
# LDAP traffic.

# Keep ModelBackend around for per-user permissions and maybe a local
# superuser.


If you'd like to contribute, the best approach is to send a well-formed pull request, complete with tests and documentation. Pull requests should be focused: trying to do more than one thing in a single request will make it more difficult to process.

If you have a bug or feature request you can try logging an issue.

There's no harm in creating an issue and then submitting a pull request to resolve it. This can be a good way to start a conversation and can serve as an anchor point.

Popular Ldap Projects
Popular Authentication Projects
Popular Networking Categories

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.