Quickstart

Download the binary, point it at your LDAP source, and start querying.

• PostgreSQL database (15+, recommended 18+)
• Access to an LDAP directory (Active Directory, OpenLDAP, etc.)
• curl (for testing REST)
• ldapsearch (optional, for testing LDAP)

Create identity-scribe.conf with your database and LDAP source:

database.url = "jdbc:postgresql://localhost:5432/scribe"
database.user = "scribe"
database.password = ${DB_PASSWORD}

transcribes {
  users {
    ldap.url = "ldap://your-ldap-server:389"
    ldap.bind-dn = "cn=reader,dc=example,dc=com"
    ldap.bind-password = ${LDAP_BIND_PASSWORD}
    base = "ou=users,dc=example,dc=com"
    filter = "(objectClass=person)"
  }
}

export DB_PASSWORD="your-db-password"
export LDAP_BIND_PASSWORD="your-ldap-password"

./identity-scribe-linux-x64

Wait for the startup banner to show all transcribes are synced:

curl http://localhost:8080/readyz
# Expected: readyz check passed

# List all entries
curl http://localhost:8080/api/entries/users | jq

# Search by attribute
curl "http://localhost:8080/api/entries/users?filter=cn%3DJohn*" | jq

# Get a specific entry by DN
curl "http://localhost:8080/api/entries/users/cn=john,ou=users,dc=example,dc=com" | jq

# List all entries
ldapsearch -H ldap://localhost:10389 -x -b "o=data" "(objectClass=*)" cn

# Search users by name
ldapsearch -H ldap://localhost:10389 -x -b "ou=users,o=data" "(cn=John*)" cn mail

Open http://localhost:8080/ui in your browser:

• Dashboard — System health and sync status
• Entries — Browse synchronized identity data
• Observe — Metrics, traces, and diagnostics

For a complete stack with Grafana, Prometheus, and Tempo:

cd monitoring/docker
docker compose up -d

This starts PostgreSQL, IdentityScribe, and the full monitoring stack. See Deployment for details.

• Architecture — Understand how IdentityScribe works
• Configuration — All settings explained
• Deployment — Docker, Kubernetes, or bare metal