Our company supports LDAP as authentication interface, but from my understanding, LDAP is just a service to validate username and password, but it won't issue a token for SSO, so I want to confirm whether the open source edition can solely support SSO based on LDAP, or else we need to purchase enterprise edition to adopt SAML in order to integrate with SSO?
Hi @scott1987
I don't think I understand what you mean by "token for SSO".
The LDAP implementation in the open source edition is different from the Enterprise Edition.
The Enterprise Edition has more functionality and attributes sync too.
We generally recommend SAML over LDAP for SSO.
@flamber
Let me describe a scenario, if a user has successfully logged into our business system, then he has been navigated to a metabase url, so does he need to login again in metabase login page, or he will be redirected to metabase home page automatically without a second login action? Is it possible to finish such automatic login on open source edition LDAP?
@scott1987 For someone to have access to Metabase, they need to authenticate through Metabase. So unless you create a session for the user, then they will see the login screen.
On the Enterprise Edition, you can then send them through the SSO login process, which then authenticates with your business system that is already logged in, and then it returns to Metabase already authenticated, which then creates a session.
Does the FOSS edition support SAML?
Nope, only pro or enterprise