Configuring LDAP single sign-on for Burp Suite Enterprise Edition

  • Last updated: June 21, 2022

Burp Suite Enterprise Edition allows you to implement single sign-on (SSO) via LDAP.

You first need to configure the LDAP connection between Burp Suite Enterprise Edition and your Active Directory server. This will allow your users to log in with their existing credentials.

  1. Log in to Burp Suite Enterprise Edition as an administrator.
  2. From the settings menu, select "Integrations".
  3. On the "LDAP" tile, click the "Configure" button.
  4. Choose whether you want to use the LDAP or LDAPS protocol. We recommend using LDAPS wherever possible.
  5. Enter the IP address or hostname of your Active Directory server. The port will automatically be updated based on the protocol that you selected. By default, LDAP uses port 389, while LDAPS uses port 636.
  6. Enter the credentials for a valid Active Directory service account. Burp Suite Enterprise Edition uses this account to query your Active Directory when authenticating users.
  7. Specify the base distinguished name from which Burp Suite Enterprise Edition should search for users. All of the users that you want to manage must be children of this base distinguished name.
  8. Select your preferred login method. This determines whether users are required to log in with their userPrincipalName or their sAMAccountName.
  9. When you are happy with your entries, click "Check Connection".
  10. If the connection is established, a message confirms this. If you are using a self-signed certificate for LDAPS, you might be prompted to upload the root certificate for security reasons.
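
Step 7 requires every managed user to sit below the base distinguished name. The following added example (not part of the product or its documentation) checks a list of user DNs against a candidate base DN before you enter it. The DNs are constructed sample values, the function names are hypothetical, and matching is simplified to case-insensitive comparison of each RDN.

```python
def split_dn(dn):
    """Split a DN into RDN strings, honouring backslash-escaped commas."""
    rdns, current, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            current.append(dn[i:i + 2])  # keep the escape pair intact
            i += 2
            continue
        if ch == ",":
            rdns.append("".join(current))
            current = []
        else:
            current.append(ch)
        i += 1
    rdns.append("".join(current))
    return rdns


def normalise_rdn(rdn):
    """Lower-case and trim attribute type and value (simplified matching)."""
    attr, _, value = rdn.partition("=")
    return (attr.strip().lower(), value.strip().lower())


def is_under_base(user_dn, base_dn):
    """True if user_dn is a strict descendant of base_dn, compared RDN by RDN."""
    user = [normalise_rdn(r) for r in split_dn(user_dn)]
    base = [normalise_rdn(r) for r in split_dn(base_dn)]
    return len(user) > len(base) and user[-len(base):] == base


def outside_base(user_dns, base_dn):
    """Return the DNs that a search from base_dn would not reach."""
    return [dn for dn in user_dns if not is_under_base(dn, base_dn)]


# Constructed sample data, not taken from any real directory.
BASE_DN = "OU=Security,DC=example,DC=com"
USERS = [
    "CN=Alice Admin,OU=Security,DC=example,DC=com",
    "cn=bob, ou=AppSec, ou=security, dc=example, dc=com",  # case and spacing differ
    "CN=Smith\\, Carol,OU=Security,DC=example,DC=com",     # escaped comma in the CN
    "CN=Dave,OU=NotSecurity,DC=example,DC=com",            # sibling OU
    "CN=Eve,OU=Security,DC=example,DC=org",                # different domain
]

if __name__ == "__main__":
    for dn in outside_base(USERS, BASE_DN):
        print("not under base DN:", dn)
```

Any DN this reports belongs to a user who would not be found from that base DN, so either widen the base DN or move the account.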

Once this connection is successfully established, you can move on to creating your user groups and configuring their permissions.