Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral application protocol used to access and manage directory information services over a network. In essence, LDAP provides a standardized way for applications and users to query, search, and modify information stored in directory services. These directories typically hold data such as usernames, passwords, email addresses, device locations, and more.
LDAP operates on a client-server model: clients send requests to an LDAP server, which manages the directory data and responds to queries. The protocol is designed for fast retrieval (read) of data that doesn’t change often, making it ideal for storing static information like user credentials and organizational resources. LDAP directories are often structured hierarchically, similar to a tree, with branches representing different organizational units, users, or devices. LDAP can be used for both querying information (e.g., finding a user’s email address) and authentication (e.g., verifying usernames and passwords for access control).
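The tree structure, scoped search, and password check described above, as an added example that is not part of the original page: a small in-memory stand-in for a directory, not a real LDAP server or client library. The class and function names, the `example.com` entries, and the PBKDF2 password storage are assumptions made for illustration.

```python
import hashlib, hmac, os

def parse_dn(dn):
    # Leaf-first tuple of (attr, value) RDNs, lower-cased for matching.
    # Simplification: escaped commas inside values are not handled.
    return tuple(tuple(p.strip().lower() for p in rdn.split("=", 1))
                 for rdn in dn.split(","))

def hash_pw(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Directory:
    def __init__(self, suffix):
        self.entries = {parse_dn(suffix): {}}  # parsed DN -> attributes

    def add(self, dn, **attrs):
        key = parse_dn(dn)
        if key[1:] not in self.entries:  # every entry hangs off an existing parent
            raise KeyError("no parent entry for " + dn)
        self.entries[key] = attrs

    def search(self, base, scope, attr, value, want):
        # Equality filter (attr=value) under base; scope: 'base', 'one', 'sub'.
        b, hits = parse_dn(base), []
        for key, attrs in self.entries.items():
            depth = len(key) - len(b)
            if depth < 0 or key[depth:] != b:
                continue  # entry is not at or below the search base
            if (scope == "base" and depth != 0) or (scope == "one" and depth != 1):
                continue
            if attrs.get(attr) == value:
                hits.append(attrs.get(want))
        return hits

    def bind(self, dn, password):
        entry = self.entries.get(parse_dn(dn), {})
        if not password or "pw_hash" not in entry:
            return False  # empty passwords and unknown DNs never authenticate
        return hmac.compare_digest(hash_pw(password, entry["salt"]), entry["pw_hash"])

def build_sample():
    # Constructed sample data, not taken from the page.
    d = Directory("dc=example,dc=com")
    d.add("ou=People,dc=example,dc=com")
    d.add("ou=Devices,dc=example,dc=com")
    salt = os.urandom(16)
    d.add("uid=alice,ou=People,dc=example,dc=com", uid="alice",
          mail="alice@example.com", salt=salt, pw_hash=hash_pw("correct horse", salt))
    d.add("cn=printer1,ou=Devices,dc=example,dc=com", cn="printer1", location="Floor 2")
    return d
```

The search base and scope decide which branch of the tree is visited, so the same filter returns a result from the suffix with `sub` scope but nothing from the `ou=Devices` branch or with `one` scope at the suffix.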