How does the LDAP and AD communication work?

The Stormpath Active Directory/LDAP integration uses a lightweight, configurable agent to securely mirror AD or LDAP directories to Stormpath, making it an ideal solution for securely plugging your directories into new webapps.

The one-way, outbound-only sync creates zero additional IT risk and the directory server remains the system of truth. You do not need to open any additional ports or configure your firewall for the agent to communicate with Stormpath.

The communication flow is illustrated in the diagram below.


From an application’s point of view, working with Accounts and Groups in a Directory of mirrored LDAP/AD Accounts is the same as working with any other Stormpath object. The sync agent independently manages the integration with the server it’s installed on.

For a more detailed guide, including steps to implement, please refer to our AD/LDAP documentation.

