How to Setup Credential Provider Authentication on a Switchboard

  Version 6.0 

Applies to Platform: Switchboard 6.8.x 
Last update: 3 Sep 2025

A new major feature for the Endian Switchboard in 6.8.x is support for single sign-on (SSO) authentication utilizing OAuth 2.0 protocol for users to sign in to the platform. With this new authentication engine, we've changed how you utilize credential providers for authentication in the platform. This article will help guide you through the process of utilizing this new process.

Requirements

Before you begin you will need the following in order to complete this process:

1. A supported credential provider (server) like LDAP or Active Directory that is accessible to the Endian Switchboard appliance.
    
2. An Endian Switchboard that is already setup and accessible.
    
3. An account with administrative access on the Endian Switchboard.
    

Setup Switchboard Configuration

In the Switchboard Administration web interface (https://<green ip>:10443) navigate to Authentication > Providers and click the New provider button

1. Connection Type:  Select Credential provider
2. OAuth Provider:  Select an LDAP provider type
3. Click Setup connection to proceed to the next step

1. Name:  Enter a descriptive name for the connection
2. Server IP / FQDN:  Enter the IP address or fully qualified domain name (FQDN) of the server
3. Port:  Enter the server LDAP service port
4. Bind DN Username:  The fully distinguished name of the LDAP account that is used to retrieve user data from the LDAP server
5. Bind DN Password:  The password of the bind DN user
6. User Base DN:  The base DN which is used as the starting place for looking up users
7. Group Base DN:  The base DN which is used as the starting place for looking up groups
8. Click Create in order to validate the connection. You should see a success message if everything is entered correctly; otherwise you will get a failure message where you can then correct the issue.

.   

Create the Proxy Provider

Navigate to Authentication > Providers and click the New provider button.

1. Connection Type:  Select Credential provider
2. OAuth Provider:  Select the Proxy provider type
3. Click Setup connection to proceed to the next step

1. Name:  Enter a descriptive name for the connection
2. User Provider:  Select the Switchboard Database
3. Password Provider:  Select the LDAP provider you just created above
4. Click Create in order to create the connection.

Click Apply now button to apply your changes.

Map the Proxy Provider to Switchboard Service

Navigate to Authentication > Services and click the Edit button next to the Switchboard service.

 Under the Credential Provider tab, select the Add credential provider button.

1. Select the Proxy provider you previously created by click the button
2. Click Continue to save your selection

Create Corresponding Switchboard Users

The LDAP users from the provider you created above are not automatically imported into the Switchboard since they can also be used in various other services (like OpenVPN, IPsec, etc). Because of this, you will need to manually create each Switchboard user using the same email address from the LDAP service.

1. Email Address:  Enter the email address of a corresponding user from the LDAP service
2. Authenticate using external authentication server:  Check this box to use the LDAP service for password
3. Click the Add button 

Validate a Successful Login

At this point, you can now access the Switchboard portal and attempt to sign in using your LDAP email address and password as your authentication mechanism.

Next Steps

• How to Setup User Onboarding with any OAuth Provider
• How to Setup Users and Devices on the Switchboard
• How to Setup Applications on the Switchboard
• How to Connect a Security Gateway to a Switchboard - Manual
• How to connect to Endian Switchboard using Endian Connect App