Burp Suite Enterprise Edition is now available in our secure Cloud  –  Learn more

Enterprise Edition

Configuring LDAP single sign-on for Burp Suite Enterprise Edition

  • Last updated: July 16, 2024

  • Read time: 2 Minutes

If you have a self-hosted instance of Burp Suite Enterprise Edition, you can configure LDAP-based single sign-on (SSO). This enables your users to log in with their existing Active Directory credentials.

To configure the LDAP connection between Burp Suite Enterprise Edition and your Active Directory server:

  1. Log in to Burp Suite Enterprise Edition as an administrator.
  2. From the settings menu , select Integrations.
  3. On the LDAP tile, click Configure.
  4. Under Connection details, select LDAP or LDAPS. We recommend using LDAPS wherever possible.
  5. In the Server field, enter the IP address or hostname of your Active Directory server.


    The port updates automatically. By default, LDAP uses port 389 and LDAPS uses port 636.

  6. Under Service account details, enter the username and password for a valid Active Directory service account. This is used to query your Active Directory when authenticating users.
  7. Specify the base distinguished name from which Burp Suite Enterprise Edition should search for users. All of the users that you want to manage must be children of this base distinguished name.
  8. Select a Login method. This determines whether users log in with their UserPrincipleName or their sAMAccountName.
  9. When you are happy with your entries, click Check Connection.
  10. To use a self-signed certificate for LDAPS, upload the root certificate when prompted if necessary.

Testing your configuration

Once the connection is successfully established, you can test your configuration by logging in to Burp Suite Enterprise Edition. If the configuration was successful, you will see a message that you have logged in, but you don't yet have permission to do anything.

You can now configure user groups and permissions for your users. For more information, see Configuring groups for SAML or LDAP.

Was this article helpful?