LDAP is a well-known standard for connecting to directory services to access common enterprise services such as authentication, user, and group information. LDAP authentication should not be confused with single sign-on (SSO), because users still must enter their username and password. Centralizing authentication reduces the administrative burden of enforcing password policies and simplifies the login experience for end users by allowing the same credentials to be used across applications and enterprise services. This type of external password management is considered a best practice.

LDAP authentication can be configured to communicate with a directory service such as Active Directory or OpenLDAP, and supports multiple LDAP providers. A user can be associated with only a single LDAP provider at a time.