User Federation Ldap Kerberos Blueprint
LDAP, Kerberos, and AD directory integration
| Feature | user-federation-ldap-kerberos |
| Category | Integration |
| Version | 1.0.0 |
| Tags | federation, ldap |
| YAML Source | View on GitHub |
| JSON API | user-federation-ldap-kerberos.json |
Fields
| Name | Type | Required | Label | Description |
|---|---|---|---|---|
connection_url | url | Yes | LDAP URL | Validations: required, url |
bind_dn | text | Yes | Bind DN | Validations: required |
Rules
- core: Directory synchronization
Outcomes
User_found (Priority: 5)
Given:
connection_urlexistsnull
Then:
- emit_event event:
federation.user_found
Result: User found in directory
Errors
| Code | Status | Message | Retry |
|---|---|---|---|
FEDERATION_ERROR | 503 | Federation service unavailable | No |
Events
| Event | Description | Payload |
|---|---|---|
federation.user_found | User found in directory | username |
AGI Readiness
Goals
Reliable User Federation Ldap Kerberos
LDAP, Kerberos, and AD directory integration
Success Metrics:
| Metric | Target | Measurement |
|---|---|---|
| success_rate | >= 99.5% | Successful operations divided by total attempts |
| error_recovery_rate | >= 95% | Errors that auto-recover without manual intervention |
Constraints:
- availability (non-negotiable): Must degrade gracefully when dependencies are unavailable
Autonomy
Level: supervised
Escalation Triggers:
error_rate > 5
Tradeoffs
| Prefer | Over | Reason |
|---|---|---|
| reliability | throughput | integration failures can cascade across systems |
Safety
| Action | Permission | Cooldown | Max Auto |
|---|---|---|---|
| user_found | autonomous | - | - |