System Log Events for the Okta LDAP Interface
Overview
The Okta LDAP Interface (LDAPi) provides an LDAPv3-compatible read-only connection to the Okta Universal Directory for use by third-party platforms. The LDAPi translates LDAPv3 queries into Okta API GET requests. To perform this transaction internally, an Okta user with Read-Only Admin permissions performs an LDAP bind, submits the query, and receives the results.
Okta generates System Log events for LDAPi only when a failure or non-zero error code occurs. Search the System Log for specific LDAPi event types to find them.
Applies To
- Okta Identity Engine (OIE)
- Okta Classic Engine
- Okta LDAP Interface (LDAPi)
- System Log
Solution
What event types indicate LDAPi activity in the System Log?
Use this query to search the System Log for failed LDAP bind, unbind, and search activity.
eventType eq "system.ldapi.bind" or eventType eq "system.ldapi.unbind" or eventType eq "system.ldapi.search"
NOTE: The System Log does not record successful LDAPi bind, unbind, or search events, so this search string does not return them. Instead, for successful LDAPi queries, the System Log displays the successful login, policy evaluation, and logout of the Okta user.
Review the following examples of a successful search in the terminal and the corresponding System Log events.
When does Okta log LDAPi events?
Okta logs System Log events only when a failure or a non-zero error code results from the query. Okta logs these events to aid in troubleshooting the failure.
Review the following examples of a search failure in the terminal and the corresponding System Log events.
Review the following examples of a bind failure in the terminal and the corresponding System Log events.
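The following is an added example, not Okta's code. It rebuilds the search expression above and triages a set of System Log events, counting LDAPi failures per event type, actor, and client IP and flagging repeated bind failures from the same actor and IP. The sample events, the `bind_threshold` value, and the function names are assumptions constructed for illustration.

```python
from collections import Counter

# Event types taken from the article's System Log query.
LDAPI_EVENT_TYPES = ("system.ldapi.bind", "system.ldapi.unbind", "system.ldapi.search")

def build_filter(event_types=LDAPI_EVENT_TYPES):
    """Rebuild the article's System Log search expression."""
    return " or ".join(f'eventType eq "{t}"' for t in event_types)

def _event(event_type, actor, ip, result="FAILURE"):
    """Constructed event using System Log field names; values are placeholders."""
    return {"eventType": event_type, "outcome": {"result": result},
            "actor": {"alternateId": actor}, "client": {"ipAddress": ip}}

# Constructed sample export, not real Okta output.
SAMPLE_EVENTS = [
    _event("system.ldapi.bind", "svc-ldap@example.com", "192.0.2.10"),
    _event("system.ldapi.bind", "svc-ldap@example.com", "192.0.2.10"),
    _event("system.ldapi.bind", "svc-ldap@example.com", "192.0.2.10"),
    _event("system.ldapi.bind", "jdoe@example.com", "198.51.100.7"),
    _event("system.ldapi.search", "reporting@example.com", "198.51.100.7"),
    # A successful LDAPi query appears only as ordinary session events.
    _event("user.session.start", "reporting@example.com", "198.51.100.7", "SUCCESS"),
]

def summarize(events, bind_threshold=3):
    """Count LDAPi failures per (eventType, actor, client IP) and flag
    actor/IP pairs with at least bind_threshold bind failures (assumed value)."""
    counts = Counter()
    for ev in events:
        if ev.get("eventType") not in LDAPI_EVENT_TYPES:
            continue  # not an LDAPi failure event
        actor = (ev.get("actor") or {}).get("alternateId", "unknown")
        ip = (ev.get("client") or {}).get("ipAddress", "unknown")
        counts[(ev["eventType"], actor, ip)] += 1
    flagged = sorted(key[1:] for key, n in counts.items()
                     if key[0] == "system.ldapi.bind" and n >= bind_threshold)
    return counts, flagged

if __name__ == "__main__":
    print(build_filter())
    counts, flagged = summarize(SAMPLE_EVENTS)
    for (event_type, actor, ip), n in counts.most_common():
        print(f"{n:3d}  {event_type:20s} {actor:25s} {ip}")
    print("repeated bind failures:", flagged)
```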
