Statamic Forward Authentication (LDAP, HTTP)

Addon by Dan Pegg

Statamic Forward Authentication (LDAP, HTTP) Main Screenshot

Statamic Forward Authentication

Use forward authentication to login to statamic.

How it works

Screenshot 2021-07-31 at 16 15 20


From a standard Statamic site, you can run: composer require daynnnnn/statamic-forward-auth

Then publish the config: php please vendor:publish --tag="statamic-forward-authentication"


First you'll need to adjust your config/auth.php to use the forward driver on the user provider:

'users' => [
    'driver' => 'forward',

Then you can edit config/statamic/forward-authentication.php to setup authentication


By default, there's 2 supported services: http and ldap

These can be selected via the default value in config/statamic/forward-authentication.php



An ldap search will be made of the base_dn to find the user. If the user is found, try to bind to the found user using provided password.


host: (array) List of LDAP hsots

use_ssl: (bool) Whether host should be accessed with SSL

base_dn: (string) Root search DN to find user in.

username: (string) Bind users DN.

password: (string) Bind users password.


The LDAP auth service requires Adldap2:

composer require adldap2/adldap2

HTTP Authentication


A POST request will be sent to the endpoint with the attributes of email and password. The expected response is JSON, and should contain the success status of the credentials, and if the success status is true, the full name of a user.


endpoint: (string) Address on which login will be attempted

result: (array) Where the success status and full name of the user can be found in the JSON response, example:

If your JSON response looks like this:

  "result": true,
  "data": {
    "name": "Daniel Pegg"

Your result array should look like this:

result => [
    'success' => 'result',
    'name' => '',


You can also extend this to add your own form of forward authentication, you'll need to create a new class which implements the AuthServiceContract interface, and then set a service in config/statamic/forward-authentication.php. With the service, the only requirment is that the driver is defined as your class, like this:

'driver' => App\AuthServices\MyCustomAuthService::class,

The rest of the config can be setup based on what your custom authentication service needs.