OpenOTP LDAP Bridge

OpenOTP LDAP Bridge

Protect your virtual private networks

OpenOTP LDAP Bridge (LDProxy) provides user authentication with OTP over the standard LDAP protocol.

With LDAP Bridge you can also integrate a large variety of third-party products and systems with multi-factor authentication, even if these products only support LDAP as authentication back-end. To achieve this, LDProxy acts as an LDAP proxy for your applications and intercepts user binds (LDAP authentication) operations.

How it works?

OpenOTP LDAP Bridge

VPN-graphic
The main use-case of LDProxy is also accommodating Enterprise applications that only support LDAP as external authentication mechanism. LDProxy includes configurations to distinguish which authentication requests are delegated to the OpenOTP server and which are forwarded to the LDAP back-end. It is able to proxy standard LDAP requests in order to keep your applications use the LDAP back-end, as usual. LDProxy is also deployed between the applications and the LDAP back-end.

LDAP Bridge supports single-factor authentication with password-only or OTP-only too. The OpenOTP authentication policies are very flexible and can be configured on a per-client basis in WebADM. Moreover, the client policies can be contextual to the nework of the users accessing your systems. This flexibility also provides support for integrations where the first factor is handled by your AD servers and the second factor (the OTP) is handled by your OpenOTP server.

LDAP Bridge provides the LDAP interface on top of OpenOTP server. And it is included in your OpenOTP license at no extra charge.
The LDAP standard is supported by all major Enterprise products on the market from HP, IBM, Oracle, BMC…
The RADIUS standard is supported by all major security products on the market. You can also implement OpenOTP authentication methods for:
LDAP integrations support most OpenOTP features
100% compatible with LDAP client applications
Robust implementation built with OpenLDAP
Distinguishes system accounts and user accounts (OTP)
LDAP+OTP is supported with password concatenation
Transparently proxies LDAP requests to the LDAP back-end
Authentication policies per client application or group of users
Bridges all the OpenOTP functionalities (Tokens, Yubikey, SMSOTP, MailOTP…)
Standalone service with no additional OpenOTP configuration required
High performances with hundreds of requests per second
Cluster support with multiple bridges for HA
See how simple it is to use OpenOTP LDAP Bridge:

Authentication methods

LDAP Bridge provides Two-Factor authentication with most OpenOTP One-Time Password methods:

To request an online demo, you only have to create your account or contact us.

Online Demos are available for free to let you try RCDevs multi-factor in 5 minutes and authenticate with your mobile or Yubikey.