Casdoor | Identity Access Management (IAM) / Single-Sign-On (SSO) | SaaS


Casdoor

Identity & Access Management Platform

All popular authentication protocols like OAuth 2.0, OIDC, SAML, CAS, LDAP, Single-Sign-On (SSO) and Single-Sign-Out are supported.

Organizations.
Supports multi-tenancy: each organization can have its own administrators and user pools, and can set permissions independently.

Groups.
Includes entity groups and virtual groups, corresponding to the company's organizational structure. Each group can set permissions independently, and groups can be nested.

Users.
Built-in global administrators, organization administrators, and ordinary users. All user fields (such as roles, addresses, positions, and points) can be customized.

Roles | Permissions.
Roles and permissions combined can set flexible permissions for Casdoor built-in objects (such as applications) or other access behaviors.

Casbin Models | Adapters.
Flexible and powerful access control is achieved through Casbin's models and adapters, supporting various permission models such as RBAC, ABAC, RESTful, and priority.

Applications.
An application corresponds to a set of registration, login, and forgot-password pages. Different applications can use different authentication protocols, UI elements, and so on.

Providers.
Supports 8 different types of providers including AI, Captcha, Email, OAuth, Payment, SAML, SMS, Storage, etc.

Records | Tokens | Sessions.
A powerful built-in audit log system records every normal access and attack behavior, issued tokens, and the user's current session. Administrators can kick people offline in real time.

Products | Payments.
As a payment gateway, it integrates various payment methods such as Stripe, PayPal, and Paddle, making it convenient for your customers to pay for your products.

Plans | Pricing | Subscriptions.
Integrates comprehensive SaaS subscription management: organization administrators can manage subscriptions and payments within their organization in a multi-tenant manner, and subscription data can be synchronized with platforms such as Stripe, Paddle, and Gumroad.

Syncers.
Achieves real-time bidirectional data synchronization with external user databases through synchronizers for databases, LDAP, and other sources, to meet heterogeneous architecture and migration requirements.

Swagger.
Exposes all the backend APIs, supports calling them with the identity of a user or an application (i.e., Machine-to-Machine), and provides good API development documentation through Swagger.