For organisations already running Active Directory (or any LDAP server), Cybsis plugs in directly:
- Authentication via LDAP bind — users log in with their AD credentials, no second password to manage
- TLS — LDAPS or StartTLS, with custom CA certificates supported
- Group-restricted access — limit sign-in to chosen AD groups; nested group membership is resolved automatically
Configuration lives under Administration → Integrations with per-instance settings. Credentials are stored encrypted (AES-256-GCM) and every sign-in lands in the login history.