LDAP + Internal OutSystems authentication within single application

Hi, we have a requirement to go with LDAP authentication for internal company users but not for external users. External users will go with self registration process with OTP and will be authenticated using OutSystems internal authentication.


How can we achieve this OutSystems?

Hi Khurram,

That should be possible. 

Albeit, I've implemented couple of authentication mechanisms but in combination with Internal + SAML 2.0 or Internal + ADFS. In that case it is easier, to use the IdP to configure SAML 2.0 (for your Azure AD) and keep Users authentication method as Internal or AD. As Internal and AD are the part of the Users application authentication mechanism. For other authentication method you may relay on the IdP component.


So, the possible options could be to define an intermediate authentication library and customize your application template to use the AuthLlib logic in the authentication flow, instead of the default actions from the Users module for external users.

--

Swatantra

Hi Khurram Rathor,

The default behavior of the End-Users authentication mechanism already supports that scenario*:

  • Login will first check against the local OutSystems users for a successful login,
  • If it is not successful, and it is configured to use LDAP, it will try it next.

So if you can guarantee that your internal users cannot go through the self-registration process, you should be good to go.

* You can double-check this information yourself by opening the Users module and checking the implementation of the User_Login server action.

Hope this helps!

Thanks Swatantra & Jorge for the replies. I will further check the users module and will post if any help is required.