authentik/blueprints/system/sources-ldap.yaml

version: 1
metadata:
  labels:
    blueprints.goauthentik.io/system: "true"
  name: System - LDAP Source - Mappings
entries:
  - identifiers:
      managed: goauthentik.io/sources/ldap/default-name
    model: authentik_sources_ldap.ldappropertymapping
    attrs:
      name: "authentik default LDAP Mapping: Name"
      object_field: "name"
      expression: |
        return ldap.get('name')
  - identifiers:
      managed: goauthentik.io/sources/ldap/default-mail
    model: authentik_sources_ldap.ldappropertymapping
    attrs:
      name: "authentik default LDAP Mapping: mail"
      object_field: "email"
      expression: |
        return ldap.get('mail')
  # ActiveDirectory-specific mappings
  - identifiers:
      managed: goauthentik.io/sources/ldap/ms-samaccountname
    model: authentik_sources_ldap.ldappropertymapping
    attrs:
      name: "authentik default Active Directory Mapping: sAMAccountName"
      object_field: "username"
      expression: |
        return ldap.get('sAMAccountName')
  - identifiers:
      managed: goauthentik.io/sources/ldap/ms-userprincipalname
    model: authentik_sources_ldap.ldappropertymapping
    attrs:
      name: "authentik default Active Directory Mapping: userPrincipalName"
      object_field: "attributes.upn"
      expression: |
        return list_flatten(ldap.get('userPrincipalName'))
  - identifiers:
      managed: goauthentik.io/sources/ldap/ms-givenName
    model: authentik_sources_ldap.ldappropertymapping
    attrs:
      name: "authentik default Active Directory Mapping: givenName"
      object_field: "attributes.givenName"
      expression: |
        return list_flatten(ldap.get('givenName'))
  - identifiers:
      managed: goauthentik.io/sources/ldap/ms-sn
    model: authentik_sources_ldap.ldappropertymapping
    attrs:
      name: "authentik default Active Directory Mapping: sn"
      object_field: "attributes.sn"
      expression: |
        return list_flatten(ldap.get('sn'))
  # OpenLDAP specific mappings
  - identifiers:
      managed: goauthentik.io/sources/ldap/openldap-uid
    model: authentik_sources_ldap.ldappropertymapping
    attrs:
      name: "authentik default OpenLDAP Mapping: uid"
      object_field: "username"
      expression: |
        return ldap.get('uid')
  - identifiers:
      managed: goauthentik.io/sources/ldap/openldap-cn
    model: authentik_sources_ldap.ldappropertymapping
    attrs:
      name: "authentik default OpenLDAP Mapping: cn"
      object_field: "name"
      expression: |
        return ldap.get('cn')