issuer: http://127.0.0.1:5556/dex storage: type: sqlite3 config: file: examples/dex.db web: http: 0.0.0.0:5556 connectors: - type: ldap name: OpenLDAP id: ldap config: host: localhost:10389 # No TLS for this setup. insecureNoSSL: true # This would normally be a read-only user. bindDN: cn=admin,dc=example,dc=org bindPW: admin userSearch: baseDN: ou=People,dc=example,dc=org filter: "(objectClass=person)" username: mail # "DN" (case sensitive) is a special attribute name. It indicates that # this value should be taken from the entity's DN not an attribute on # the entity. idAttr: DN emailAttr: mail nameAttr: cn groupSearch: baseDN: ou=Groups,dc=example,dc=org filter: "(objectClass=groupOfNames)" # A user is a member of a group when their DN matches # the value of a "member" attribute on the group entity. userAttr: DN groupAttr: member # The group name should be the "cn" value. nameAttr: cn staticClients: - id: example-app redirectURIs: - 'http://127.0.0.1:5555/callback' name: 'Example App' secret: ZXhhbXBsZS1hcHAtc2VjcmV0