{"id":63185,"date":"2022-05-18T13:44:49","date_gmt":"2022-05-18T17:44:49","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=63185"},"modified":"2022-11-01T17:52:46","modified_gmt":"2022-11-01T21:52:46","slug":"ldap-injection-explained","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained","title":{"rendered":"What Is LDAP Injection?"},"content":{"rendered":"\n<p>Directories house some of an organization\u2019s most sensitive information that could be extremely dangerous in the wrong hands. LDAP injection attacks take advantage of this risk by leveraging vulnerabilities in the LDAP protocol to access, manipulate, and seize directory data, which can result in anything from spoofed authentication to ransomware attacks.&nbsp;<\/p>\n\n\n\n<p>Fortunately, there are ways to guard against LDAP injection. This article covers how LDAP injection attacks work and how to prevent them in your organization.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>LDAP Servers, Authentication, and Authorization<\/strong><\/h2>\n\n\n\n<p>It\u2019s important to understand the basics of <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-ldap\">LDAP<\/a> and how it works to fully understand LDAP injection.&nbsp;<\/p>\n\n\n\n<p>LDAP (lightweight directory authentication protocol) is a protocol that facilitates directory creation, maintenance, and authentication. LDAP can perform the following main functions:&nbsp;<\/p>\n\n\n\n<ul><li>Query.<\/li><li>Modify (add, delete, or change).<\/li><li>Authenticate.<\/li><li>Authorize.<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">LDAP Servers<\/h3>\n\n\n\n<p>LDAP servers house LDAP directory information, which is arranged within a directory information tree according to a customizable LDAP schema. LDAP directories can store information like:&nbsp;<\/p>\n\n\n\n<ul><li>Users.<\/li><li>Systems and equipment.<\/li><li>Attributes (of users and equipment, for example).&nbsp;<\/li><li>Group membership privileges.<\/li><\/ul>\n\n\n\n<p>Because schemas are customizable, LDAP directories are highly flexible, and this list is not exhaustive; organizations can configure their LDAP directory to best fit their needs.&nbsp;<\/p>\n\n\n\n<p>LDAP servers can be hosted on premises or in the cloud, and LDAP directories can run on free open source software, like <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-openldap\">OpenLDAP<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">LDAP Authentication and Authorization<\/h3>\n\n\n\n<p>LDAP can authenticate users and authorize them to applications and resources that support LDAP. It does so by comparing a user\u2019s login input with the credentials tied to their username in the LDAP directory; if they match, the user is authorized to access the desired resource.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">LDAP Queries<\/h3>\n\n\n\n<p>LDAP relies heavily on queries, which is a request for information from the LDAP server. In fact, the reason LDAP is considered \u201clightweight\u201d is because it receives more <em>read<\/em> requests (i.e., queries) than <em>write <\/em>requests (i.e., modifications).&nbsp;<\/p>\n\n\n\n<p>Queries are a critical component of the authentication and authorization process \u2014 and a frequently leveraged function in LDAP injection attacks. They are built upon LDAP search filters, which determine which information in the directory to pull and are formed in accordance with LDAP syntax. Bad actors that are skilled with LDAP syntax can inject their own code into LDAP queries and filters to manipulate the results. This is the basis of LDAP injection.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>LDAP Injection Overview<\/strong><\/h2>\n\n\n\n<p>LDAP injection is a type of attack that modifies queries and commands to the LDAP server to manipulate its behavior. LDAP injection is dangerous because it compromises organization-wide directory information, granting bad actors access to critical organizational data and systems.&nbsp;<\/p>\n\n\n\n<p>LDAP injection is often initiated by exploiting web applications or interfaces that don\u2019t validate LDAP input before sending it to the LDAP server. Injections are built upon queries, and they can execute the same functions as standard LDAP functions can \u2014 e.g., query, modify, and authenticate. Let\u2019s explore how hackers commonly exploit these functions in an LDAP injection attack.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>LDAP Injection Examples&nbsp;<\/strong><\/h2>\n\n\n\n<p>Because LDAP injection is based on code, it is a flexible tactic and takes many forms. Some of the most common forms of LDAP injection include:&nbsp;<\/p>\n\n\n\n<ul><li><strong>Return a list of private data. <\/strong>An LDAP query can pull lists of directory information \u2014 including information that should be private. Bad actors commonly use this function to pull and compromise company and employee data.&nbsp;<\/li><li><strong>Bypass authentication.<\/strong> When requesting <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-ldap-authentication\">LDAP authentication<\/a> from the server, a bad actor can inject code that ends the query after the username so that the password input doesn\u2019t matter. This guarantees successful authentication without a password.<\/li><li><strong>Modify the directory. <\/strong>Modifications include additions, changes, and deletions. For example, a hacker could use a query to pull a list of critical data and then modify the directory by deleting that data from the directory, holding it for ransom in a ransomware attack.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>How Can Injection Attacks Be Prevented?<\/strong><\/h2>\n\n\n\n<p>Both LDAP-supported applications and LDAP implementations can play a role in preventing LDAP injection. LDAP applications can prevent malicious LDAP queries from reaching the LDAP server, and LDAP instances can have policies in place that prevent malicious queries from being processed and carried out.<\/p>\n\n\n\n<p> In addition, there are a few internal things your organization can do to minimize the likelihood of LDAP injection attacks and minimize damage, should one occur.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">LDAP Input Validation<\/h3>\n\n\n\n<p>Certain special characters can be misused to manipulate LDAP code. The asterisk is a common example \u2014 often referred to as a wildcard operator, it can take the place of any character or string of characters. <\/p>\n\n\n\n<p>Bad actors can use it to pull entire data lists: for example, a bad actor could use it to return all users whose usernames are [anything] with the following code:<\/p>\n\n\n\n<p class=\"has-text-align-center\"><code>(userID=*)<\/code><\/p>\n\n\n\n<p>Similarly, the ampersand in parenthesis \u2014 (&amp;) \u2014 stops a query. Bad actors use it after the username input to bypass authentication by preventing the query from including the password.&nbsp;<\/p>\n\n\n\n<p>To prevent this type of malicious injection, applications can compare LDAP inputs against a character whitelist, preventing known injections (like those listed above) from making it to the LDAP server. They can also escape these special characters and character combinations, processing them as the characters themselves and ignoring their intended function. For example, if an application escapes the asterisk character, the search:<\/p>\n\n\n\n<p class=\"has-text-align-center\"><code>(userID=J*)&nbsp;<\/code><\/p>\n\n\n\n<p>would look for the username string \u201cJ*\u201d rather than any username that starts with J.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Limit Data Return&nbsp;<\/h3>\n\n\n\n<p>LDAP instances can limit the amount of data they return upon a query. This helps prevent entire lists from being pulled and misused.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">LDAP Binds<\/h3>\n\n\n\n<p>An LDAP bind authenticates the user before granting them access to the LDAP server. Requiring LDAP binds and prohibiting anonymous LDAP binds both help prevent LDAP injection.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Hash Passwords<\/h3>\n\n\n\n<p>Hashing stored passwords and salting the hashes is a critical security best practice that helps protect against many attack types. In terms of preventing LDAP injection, hashing and salting passwords prevents them from being easily manipulated with special injection characters.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Least Privilege<\/h3>\n\n\n\n<p>Assign directory access according to the <a href=\"https:\/\/jumpcloud.com\/blog\/principle-least-privilege-user-management\">principle of least privilege (PoLP)<\/a> to minimize the number of people who can issue LDAP queries to make it harder for an attacker to execute an injection.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Check Your Web Application Security&nbsp;<\/h3>\n\n\n\n<p>Web applications that support LDAP should take reasonable steps to prevent injected LDAP queries from reaching your LDAP server. Validating and properly sanitizing user input is a common preventative measure applications can take. Evaluate the applications in your infrastructure using LDAP and make sure they have adequate prevention measures in place.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Secure Cloud-Based LDAP Through JumpCloud<\/strong><\/h2>\n\n\n\n<p>JumpCloud offers a cloud-based, <a href=\"https:\/\/jumpcloud.com\/blog\/overview-of-cloud-ldap\">managed LDAP<\/a> service that adheres to high security standards. For one, JumpCloud\u2019s LDAP service requires binds and prohibits anonymous binds, which help prevent LDAP injections. <\/p>\n\n\n\n<p>It is also encrypted by LDAPS and StartTLS, OpenLDAP RFC2307 compliant, and supports multi-factor authentication (<a href=\"https:\/\/jumpcloud.com\/platform\/multi-factor-authentication-mfa\">MFA<\/a>) requirements to access LDAP resources. All passwords stored in JumpCloud are one-way hashed and salted.<\/p>\n\n\n\n<p>What\u2019s more, you don\u2019t have to set up an LDAP instance when you use JumpCloud\u2019s cloud-hosted LDAP, and all the security and management is taken care of for you. It\u2019s all of the functionality with none of the hassle \u2014 and it\u2019s free for your first 10 users and devices. Learn more about JumpCloud\u2019s <a href=\"https:\/\/jumpcloud.com\/platform\/ldap\">cloud-based LDAP<\/a> offering.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>LDAP injection attacks can compromise your entire directory. Learn how they work, what they look like, and how to prevent them in your LDAP instance.<\/p>\n","protected":false},"author":144,"featured_media":63186,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[23],"tags":[2373],"collection":[2779,2775],"platform":[],"funnel_stage":[3016],"coauthors":[2532],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What Is LDAP Injection? - JumpCloud<\/title>\n<meta name=\"description\" content=\"LDAP injection attacks can compromise your entire directory. Learn how they work, what they look like, and how to prevent them in your LDAP instance.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What Is LDAP Injection?\" \/>\n<meta property=\"og:description\" content=\"LDAP injection attacks can compromise your entire directory. Learn how they work, what they look like, and how to prevent them in your LDAP instance.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-18T17:44:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-11-01T21:52:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"899\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kate Lake\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kate Lake\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained\"},\"author\":{\"name\":\"Kate Lake\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/f8e192cbcdde7ffa4bc2f96c48ceda78\"},\"headline\":\"What Is LDAP Injection?\",\"datePublished\":\"2022-05-18T17:44:49+00:00\",\"dateModified\":\"2022-11-01T21:52:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained\"},\"wordCount\":1224,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg\",\"keywords\":[\"security\"],\"articleSection\":[\"Best Practices\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained\",\"url\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained\",\"name\":\"What Is LDAP Injection? - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg\",\"datePublished\":\"2022-05-18T17:44:49+00:00\",\"dateModified\":\"2022-11-01T21:52:46+00:00\",\"description\":\"LDAP injection attacks can compromise your entire directory. Learn how they work, what they look like, and how to prevent them in your LDAP instance.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg\",\"width\":899,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What Is LDAP Injection?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/f8e192cbcdde7ffa4bc2f96c48ceda78\",\"name\":\"Kate Lake\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/46cab796831a4f3fb686940689408879\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/49d664ae369f57340f0165a652ddb04b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/49d664ae369f57340f0165a652ddb04b?s=96&d=mm&r=g\",\"caption\":\"Kate Lake\"},\"description\":\"Kate Lake is a Senior Content Writer at JumpCloud, where she writes about JumpCloud\u2019s cloud directory platform and trends in IT, technology, and security. She holds a Bachelors in Linguistics from the University of Virginia and is driven by a lifelong passion for writing and learning. When she isn't writing for JumpCloud, Kate can be found traveling, exploring the outdoors, or quoting a sci-fi movie (often all at once).\",\"sameAs\":[\"https:\/\/jumpcloud.com\/blog\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What Is LDAP Injection? - JumpCloud","description":"LDAP injection attacks can compromise your entire directory. Learn how they work, what they look like, and how to prevent them in your LDAP instance.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained","og_locale":"en_US","og_type":"article","og_title":"What Is LDAP Injection?","og_description":"LDAP injection attacks can compromise your entire directory. Learn how they work, what they look like, and how to prevent them in your LDAP instance.","og_url":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained","og_site_name":"JumpCloud","article_published_time":"2022-05-18T17:44:49+00:00","article_modified_time":"2022-11-01T21:52:46+00:00","og_image":[{"width":899,"height":600,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg","type":"image\/jpeg"}],"author":"Kate Lake","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kate Lake","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained"},"author":{"name":"Kate Lake","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/f8e192cbcdde7ffa4bc2f96c48ceda78"},"headline":"What Is LDAP Injection?","datePublished":"2022-05-18T17:44:49+00:00","dateModified":"2022-11-01T21:52:46+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained"},"wordCount":1224,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg","keywords":["security"],"articleSection":["Best Practices"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained","url":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained","name":"What Is LDAP Injection? - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg","datePublished":"2022-05-18T17:44:49+00:00","dateModified":"2022-11-01T21:52:46+00:00","description":"LDAP injection attacks can compromise your entire directory. Learn how they work, what they look like, and how to prevent them in your LDAP instance.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/ldap-injection-explained"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2022\/05\/ldap-injection.jpg","width":899,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/ldap-injection-explained#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"What Is LDAP Injection?"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/f8e192cbcdde7ffa4bc2f96c48ceda78","name":"Kate Lake","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/46cab796831a4f3fb686940689408879","url":"https:\/\/secure.gravatar.com\/avatar\/49d664ae369f57340f0165a652ddb04b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/49d664ae369f57340f0165a652ddb04b?s=96&d=mm&r=g","caption":"Kate Lake"},"description":"Kate Lake is a Senior Content Writer at JumpCloud, where she writes about JumpCloud\u2019s cloud directory platform and trends in IT, technology, and security. She holds a Bachelors in Linguistics from the University of Virginia and is driven by a lifelong passion for writing and learning. When she isn't writing for JumpCloud, Kate can be found traveling, exploring the outdoors, or quoting a sci-fi movie (often all at once).","sameAs":["https:\/\/jumpcloud.com\/blog"]}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/63185"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/144"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=63185"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/63185\/revisions"}],"predecessor-version":[{"id":71149,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/63185\/revisions\/71149"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/63186"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=63185"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=63185"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=63185"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=63185"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=63185"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=63185"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=63185"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}