Casdoor

Casdoor

Website

UI-first IAM and SSO platform for modern authentication

RepositoryWebsiteDemo
12.9kstars
1.5kforks
Last commit: 23h ago
Repo age: 6y old

Casdoor is an open-source, UI-first Identity and Access Management (IAM) and Single Sign-On (SSO) platform that provides a web-based admin console for managing users, organizations, and authentication flows. It is designed to integrate with applications via standard identity protocols and offers extensible user authentication options.

Key Features

  • Web UI for user, organization, application and permission management
  • SSO and federation support via OAuth 2.0, OpenID Connect (OIDC), and SAML 2.0
  • Directory and provisioning integrations including LDAP and SCIM
  • Multiple authentication methods including WebAuthn and TOTP-based MFA
  • Built-in registration, email verification, and password recovery flows
  • Public REST API and SDKs to simplify application integration

Use Cases

  • Centralized login and SSO for internal apps and SaaS-style multi-tenant products
  • Adding MFA and modern authentication (OIDC/WebAuthn) to existing services
  • User lifecycle management and provisioning across connected systems

Casdoor fits teams that want an admin-friendly IAM/SSO solution with broad protocol support and a ready-to-use web console. It is especially useful when you need standards-based SSO plus flexible authentication methods in one deployable service.

Categories:

Identity & Access Management (IAM)SSO & Federated Identity (OIDC/SAML)

Tags:

# Authentication# IAM# OAuth2# Authorization# OIDC# SAML# Two-Factor Authentication# Single Sign-On# LDAP

Tech Stack:

HelmHelm
D
DockerfileGoGoKubernetesKubernetesDockerDocker
D
Docker Compose
Share:

Similar Services

PocketBase

PocketBase

Lightweight open-source realtime backend with embedded SQLite

55.3k
3k
Last commit: 1d ago

Open-source Go backend providing embedded SQLite, realtime (SSE) subscriptions, auth (JWT/OAuth2), file storage, admin UI and REST-style APIs for web and mobile apps.

Alternative to:
PocketBase Cloud
PocketBase Cloud+17
Keycloak

Keycloak

Open-source identity and access management with SSO

32.3k
8k
Last commit: 21h ago

Keycloak is an open-source IAM server providing single sign-on, user federation, and centralized authentication and authorization using OIDC, OAuth 2.0, and SAML.

Alternative to:
Okta
Okta+19
Authelia

Authelia

Self-hosted IAM with SSO and multi-factor authentication

26.4k
1.3k
Last commit: 1d ago

Authelia is an open-source IAM and authentication server providing SSO, MFA, and access control for web apps, with OpenID Connect/OAuth 2.0 and reverse-proxy integration.

Alternative to:
Auth0
Auth0+16
Infisical

Infisical

Open-source platform for secrets, PKI certificates, and privileged access

24.5k
1.7k
Last commit: 20h ago

Infisical is an open-source platform to manage and deliver app secrets, certificates (PKI), SSH credentials, and encryption keys across teams and infrastructure.

Alternative to:
HashiCorp Vault
HashiCorp Vault+9
authentik

authentik

Open-source Identity Provider (IdP) for SSO, OIDC, and SAML

19.7k
1.4k
Last commit: 17h ago

Open-source IdP delivering SSO, OAuth2/OIDC, SAML2, LDAP, RADIUS, MFA, WebAuthn, conditional access and application-proxy capabilities for self-hosted deployments.

Alternative to:
Okta
Okta+19
Teleport

Teleport

Identity-aware access proxy for infrastructure and internal apps

19.7k
2k
Last commit: 17h ago

Secure access platform for servers, Kubernetes, databases, desktops, and web apps with SSO/MFA, short-lived certificates, and full session auditing.

Alternative to:
Twingate
Twingate+16