Authentication
Yeedu supports two types of authentication: Azure AD and LDAP.
1. Azure AD
To set up Yeedu with Azure AD, ensure that the Service Principal Name (SPN) has the necessary permissions to read users and groups from your organization's Active Directory.
To add a user to Yeedu, we first add the user to the AD group and once added, user can login to Yeedu. Once the user logs in, Admin will add that user to a tenant based on their usecase requirements.
The above screenshot shows a sample AD group G_Yeedu.
To grant a user access to Yeedu, add the user to the AD group. Once added, the user can log in to Yeedu. Administrators can then assign the user to a tenant based on their specific requirements. To add users to Yeedu, click on the Add Members button and add the respective user to the AD Group. Yeedu automatically gets the new user data and the new user can now login to Yeedu using their Azure credentials.
Below are the variables required to configure Azure AD in Yeedu's connection properties file:
| Variable | Description | Required |
|---|---|---|
| YEEDU_AUTH_AZURE_AAD_CLIENT_ID | Client ID for Azure Active Directory (AAD) authentication | Yes |
| YEEDU_AUTH_AZURE_AAD_TENANT_ID | Tenant ID for Azure Active Directory (AAD) authentication | Yes |
| YEEDU_AUTH_AZURE_AAD_CLIENT_SECRET | Client secret for Azure Active Directory (AAD) authentication | Yes |
| YEEDU_AUTH_AZURE_AAD_ALLOWED_DOMAIN | Allowed domain for Azure Active Directory (AAD) authentication | Yes |
2. LDAP
Below are the variables required to configure LDAP in Yeedu's connection properties file. Based on your organziations LDAP tree structure, provide the BASE_DN and BIND_DN.
| Variable | Description | Default Value | Required |
|---|---|---|---|
| YEEDU_AUTH_LDAP_ORGANISATION | LDAP organization name | yeedu | Yes |
| YEEDU_AUTH_LDAP_DOMAIN | LDAP domain | yeedu.com | Yes |
| YEEDU_AUTH_LDAP_ADMIN_PASSWORD | Password for LDAP administrator | Ndbk5Lgb | Yes |
| YEEDU_AUTH_LDAP_HOSTNAME | Hostname or IP address of the LDAP server | Endpoint URL of LDAP | Yes |
| YEEDU_AUTH_LDAP_PORT | Port number for LDAP server | 389 | No |
| YEEDU_AUTH_LDAP_BASE_DN | Base DN for LDAP | dc=yeedu,dc=com | Yes |
| YEEDU_AUTH_LDAP_BIND_DN | Bind DN for LDAP | cn=admin,dc=yeedu,dc=com | Yes |
| YEEDU_AUTH_LDAP_BIND_PASSWORD | Password for LDAP bind user | Ndbk5Lgb | Yes |
| YEEDU_AUTH_LDAP_SSL_ENABLED | Enable SSL encryption for LDAP connection | false | No |