12.5. Python API LDAP Authentication

12.5.1. Introduction

SFTPPlus allows developers to write custom authentication handling code to augment the standard LDAP authentication functionality.

The extension code is executed in the main application thread. It should not block the thread.

12.5.2. API interface

The code for the extension needs to be placed in a Python file (module) inside the extension/ folder from the SFTPPlus installation folder. The Python file should contain a class that implements a set of methods that are the interface of the LDAP authentication extension.

The class can have any name, but it should implement using the same method name and all the arguments with the exact argument names.

class chevah.server.extension.auth_ldap_noop.AuthLDAPNoop(configuration)

This is an LDAP authentication extension that has no extra functionality.

It servers as a documentation for the extension interface.

The extension is implicitly started at initialization.


Called when the associated LDAP authentication starts.


configuration -- A text which can be formatted as JSON. But each extension can parse it as it wants. JSON format is not required. It is only recommended.

For more details about the usage of this API get in touch with our support team.

12.5.3. Usage

You can find a skeleton example inside the extension/ file of the default SFTPPlus installation. It can be used as the base for implementing custom functionality.

This extension handler can be configured as:

type = ldap
name = Authenticate from LDAP with Python API extension

extension_entry_point = python:auth_ldap_noop.AuthLDAPNoop
extension_configuration = {
    "key": "value"