sqlpad · rickbergfalk · Jun 26, 2020 · Jun 25, 2020
diff --git a/docs/authentication.md b/docs/authentication.md
@@ -96,6 +96,18 @@ SAML-based authentication can be enabled by setting the necessary environment va

 SQLPad users do not need to be added ahead of time, and may be created on the fly using `samlAutoSignUp`. Whenever a new user is detected (unable to match to existing user email), a user record will be added to SQLPad's user table and a user signed in. By default users are not auto-created and must otherwise be added ahead of time.

+## LDAP (Experimental)
+
+LDAP-based authentication can be enabled by setting the necessary environment variables:
+
+- `ENABLE_LDAP_AUTH`
+- `LDAP_URL`
+- `LDAP_BASE_DN`
+- `LDAP_USERNAME`
+- `LDAP_PASSWORD`
+
+Users sign in to LDAP using a username (and not an e-mail address).
+
 ## Allowed Domains for User Administration

 An entire domain can be allowed for username administration by setting enviornment variable `SQLPAD_ALLOWED_DOMAINS`. This may be particularly useful in combination with OAuth.
diff --git a/docs/configuration.md b/docs/configuration.md
@@ -425,3 +425,38 @@ When supplying both `id` and `email`, `id` will be used for user matching instea

 - Key: `authProxyHeaders`
 - Env: `SQLPAD_AUTH_PROXY_HEADERS`
+
+## enableLdapAuth
+
+Set to `true` to enable LDAP authentication
+
+- Key: `enableLdapAuth`
+- Env: `ENABLE_LDAP_AUTH`
+
+## ldapUrl
+
+LDAP server URL. Examples: `ldap://localhost:389`, `ldaps://ad.corporate.com:636`
+
+- Key: `ldapUrl`
+- Env: `LDAP_URL`
+
+## ldapBaseDN
+
+LDAP Base DN
+
+- Key: `ldapBaseDN`
+- Env: `LDAP_BASE_DN`
+
+## ldapUsername
+
+Username for LDAP lookup
+
+- Key: `ldapUsername`
+- Env: `LDAP_USERNAME`
+
+## ldapPassword
+
+Password for LDAP user used for LDAP lookup
+
+- Key: `ldapPassword`
+- Env: `LDAP_PASSWORD`