# Authentication Flow — Zammad + LDAP > **Terakhir Diperbarui:** 2026-07-02 --- ## Alur login (target) ```mermaid sequenceDiagram participant U as User participant Z as Zammad UI participant AD as AD 10.100.1.40 U->>Z: Login (username + password) Z->>AD: LDAP bind + search user AD-->>Z: OK + attributes (mail, cn, groups) Z->>Z: Map group → Zammad role/group Z-->>U: Session / JWT (Zammad internal) ``` --- ## Integrasi FE (mysupperapps_FE_PWA) ```mermaid sequenceDiagram participant FE as my.gisportal.id participant GC as geonet-console participant Z as Zammad API U->>FE: Buka /ticketing FE->>GC: Login LDAP (existing flow) FE->>Z: API calls dengan token layanan Note over FE,Z: Token dari Zammad admin — bukan password user ke API ``` > Detail implementasi FE: `mysupperapps_FE_PWA/docs/` (belum dibuat). --- ## LDAP parameters (referensi) | Parameter | Nilai | |-----------|-------| | Host | `10.100.1.40` | | Port | `389` | | Base DN | `DC=gisportal,DC=id` | | User filter | Sesuaikan atribut AD (sAMAccountName) | Sinkronisasi group: petakan AD group ke Zammad **Group** untuk routing tiket. --- ## Referensi - ADR LDAP umum: [`server-connection/docs/adr/ADR-0003-ldap-authentication.md`](../../../server-connection/docs/adr/ADR-0003-ldap-authentication.md)