LDAP Auth Backend¶
Authentication¶
Generic authentication with an LDAP username and password:
client.auth_ldap('MY_USERNAME', 'MY_PASSWORD')
client.auth_userpass('MY_USERNAME', 'MY_PASSWORD')
Using a custom mount_point:
# For a LDAP backend mounted under a non-default (ldap) path.
# E.g., via Vault CLI with `vault auth enable -path=prod-ldap ldap`
from getpass import getpass
import hvac
service_account_username = 'someuser'
password_prompt = 'Please enter your password for the LDAP authentication backend: '
service_account_password = getpass(prompt=password_prompt)
client = hvac.Client()
# Here the mount_point parameter corresponds to the path provided when enabling the backend
client.auth_ldap(
username=service_account_username,
password=service_account_password,
mount_point='prod-ldap'
)
print(client.is_authenticated) # => True