After this lesson, you will be able to: Explain how Active Directory, LDAP, SSO, OAuth, and OIDC fit together in modern identity systems.
Real organizations don't manage identity per app, they centralize it. This lesson covers directory services (the canonical user list), single sign-on (one login for many apps), and the OAuth/OIDC protocols that power 'Sign in with Google' everywhere.
A directory service is a database of users, groups, devices, and policies. Microsoft Active Directory dominates enterprise IT, it stores who works at the company, what groups they're in, and what they can access on every Windows machine. LDAP is the protocol AD speaks; you can query 'all users in the engineering OU' with a few lines of code.
SSO lets a user log in once and then access many services without re-authenticating. The user authenticates with the identity provider (IdP). Okta, Microsoft Entra, Google Workspace, and the IdP issues a token the apps trust. Benefits: one strong password instead of dozens, central MFA, instant offboarding when a user leaves.
OAuth is for authorization, 'this app can read my Google contacts'. OIDC is OAuth + identity, it adds an ID token that proves who you are. When you click 'Sign in with Google', that's OIDC. Behind the scenes the app redirects you to Google, you approve, Google sends the app an ID token, and the app trusts it.
A simplified LDAP search to find all users in a department.
from ldap3 import Server, Connection, ALLserver = Server('ldap.example.com', get_info=ALL)conn = Connection(server, 'cn=admin,dc=example,dc=com', 'password', auto_bind=True)conn.search('ou=Engineering,dc=example,dc=com','(objectClass=person)',attributes=['cn', 'mail'])for entry in conn.entries:print(entry.cn, entry.mail)
Choose the best one-line answer.
Sign in and purchase access to unlock this lesson.