Configuring OpenLDAP in WSO2 Identity Server 5.11.0

Shazni Nazeer, published in CodeX, Jul 5, 2021


WSO2 Identity Server (IS) is a leading API-driven, open-source Customer Identity and Access Management (CIAM) product that is easy to use and very versatile in its offering. You can start using it for development right away by downloading the product from the WSO2 website.

In this brief post, I'm going to show the configuration entries needed to configure OpenLDAP, an open-source LDAP server, as the primary user store in WSO2 IS.

The WSO2 Identity Server architecture lets you configure a single primary user store and multiple secondary user stores in the server. The primary user store is shared among all the tenants within the product. The product supports a few types of user stores: JDBC user store (a database is the user store), Read-Write LDAP user store (an LDAP directory that the server can both read and write), Read-Only LDAP user store (an LDAP directory that the server can only read from) and Active Directory user store (a specialized LDAP user store for Microsoft Active Directory).

The latest versions of the WSO2 products, including WSO2 Identity Server (5.11.0 as of this writing), use a simplified configuration file named deployment.toml to configure the product. It's the only file an administrator needs to worry about when configuring the product. Previously, the configurations had to be done on multiple…
