Active Directory Connector

vbrissat · April 8, 2019, 9:36am

Hello,

I don’t know if it is the good place, but thank you in advance for your help.

I just have a question about login process with the AD Connector : i read in the doc (Connect Your App to Active Directory using LDAP) that the connector is a bridge.

So there is a sync between AD accounts and Auth0 accounts, but where are passwords stocked ?

I just think that bridge means that when a user authenticate, Auth0 send the password via the connector, and the verification step is done by AD ?

Thank you in advance for your help,

Best reguard

jmangelo · April 8, 2019, 10:08am

Your interpretation is correct that for a first login the password will be sent to the connector and the connector will validate it against the underlying AD.

However, if caching is enabled (AD/LDAP Connector) which it is by default, then a hash of the password may be stored in the Auth0 service itself in order to handle situations where the connector is down.

You can disable the cache in the connection settings if you do not want to have the above behavior.

vbrissat · April 8, 2019, 10:51am

Thank you, that was my thought