# LDAP

This section includes a general guide for configuring an LDAP provider and guides for specific LDAP providers in Immuta. The getting started section below provides best practices for setup and configuration.

## Getting started with LDAP

1. **Start by creating a few initial** [**subscription**](/saas/govern/secure-your-data/authoring-policies-in-secure/section-contents.md) **and** [**data policies**](/saas/govern/secure-your-data/authoring-policies-in-secure/data-policies.md) **so that you know the user metadata you will need from your IAM.** For example, will user attributes be used to author policies, or will groups also be needed? The subscription and data policies below illustrate the need for both groups and attributes to be imported from the IAM to enforce appropriate access controls:
   1. **Subscription policy**: Allow all users in the `Marketing` group to access data sources tagged `Marketing`.
   2. **Data policy**: Mask all columns tagged `Location` except for users with the attribute `AccessLevel.Gold`.
2. [**Validate that your provider is supported by Immuta.**](/saas/releases/support-matrix.md#iam-providers) If your provider is not listed, reach out to your Immuta representative for guidance.
3. [**Configure your LDAP provider in Immuta** **with LDAP sync enabled**](/saas/configuration/people/section-contents/how-to-guides/ldap/ldap-protocol.md)**.** For guidance specific to Okta, see the [Okta LDAP interface page](/saas/configuration/people/section-contents/how-to-guides/ldap/okta-ldap.md).

## Next steps <a href="#what-next" id="what-next"></a>

Once your IAM is configured, complete one of the following tasks:

* [Register data in Immuta](/saas/configuration/integrations/data-and-integrations/registering-metadata.md)
* [Author policies](/saas/govern/secure-your-data/authoring-policies-in-secure.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://documentation.immuta.com/saas/configuration/people/section-contents/how-to-guides/ldap.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.