LDAP for single sign-on reaching End of Life on Oct 15, 2021
On Wednesday, October 15, 2021, we will officially retire LDAP (Lightweight Directory Access Protocol) as a source of authentication to the Quickbase platform.
For Platform and Unlimited customers, we have been offering LDAP as an option to authenticate users logging into Quickbase by integrating with their company’s user directory service as a Single Sign-On (SSO) solution. Any accounts currently using LDAP will need to migrate to SAML (Security Assertion Markup Language) to continue authenticating to the Quickbase platform with directory service integration. If there is any issue with switching to SAML, our Customer Care team can easily toggle the customer's configuration back to LDAP quickly, however this will not be possible after the October 15th deadline. Read on for more information on this feature retirement and steps for how to migrate to SAML.
Why is Quickbase retiring LDAP?
SAML is the industry best practice solution for Single Sign-On (SSO) authentication. It is a well-documented and well understood solution that is fully supported by Quickbase and likely to be the preferred solution for SSO from the perspective of your IT department. Unlike LDAP, SAML can be enabled and configured entirely by a customer’s realm admin with support from their IT department. Quickbase’s SAML implementation supports the industry standard System for Cross-domain Identity Management (SCIM) specification, which allows you to configure and automate user provisioning via identity management (IdM) solutions including Okta and OneLogin. Also, unlike LDAP, SAML requires no customer firewall changes and has no dependency on the IP addresses used by the Quickbase platform which are two of the main reasons it is the preferred choice of IT.
What do I need to do to prepare?
Before Wednesday, October 15, 2021, Realm Administrators who are currently using LDAP will need to review the SAML-related topics in Quickbase Help starting with the SAML authentication overview, and then prepare for and execute the transition from LDAP to SAML as their single sign-on (SSO) solution for Quickbase. Although you can complete the SAML setup on your end using the SAML Authentication Configuration Tool on the Manage Billing Account page, we strongly encourage customers work directly with our Care team for additional assistance to coordinate the migration. Our Customer Care team can create a test realm for you to confirm that your SAML configuration is working properly before applying it to your production realm. Customer Care can also quickly revert back to LDAP if an issue were to arise, and we have taken snapshots of each account’s current LDAP configurations.