https://github.com/casdoor/casdoor
An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, RADIUS, Google Workspace, Active Directory and Kerberos
https://github.com/casdoor/casdoor
ai-gateway auth authentication authn casdoor faceid iam ldap llm-gateway mcp-gateway mfa oauth oidc radius saml scim single-sign-on sso totp webauthn
Last synced: about 1 month ago
JSON representation
An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, RADIUS, Google Workspace, Active Directory and Kerberos
- Host: GitHub
- URL: https://github.com/casdoor/casdoor
- Owner: casdoor
- License: apache-2.0
- Created: 2020-10-22T14:40:03.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2026-02-07T18:25:59.000Z (4 months ago)
- Last Synced: 2026-02-08T03:31:17.304Z (4 months ago)
- Topics: ai-gateway, auth, authentication, authn, casdoor, faceid, iam, ldap, llm-gateway, mcp-gateway, mfa, oauth, oidc, radius, saml, scim, single-sign-on, sso, totp, webauthn
- Language: Go
- Homepage: https://casdoor.org
- Size: 42.2 MB
- Stars: 12,982
- Watchers: 76
- Forks: 1,558
- Open Issues: 116
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Security: SECURITY.md
Awesome Lists containing this project
- awesome - casdoor/casdoor - An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD (Go)
- awesome-tools - casdoor/casdoor - An open-source Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML and CAS (Authentication)
- awesome-ChatGPT-repositories - casdoor - An open-source Identity and Access Management (IAM) / Single-Sign-On (SSO) platform powered by Casbin and AI gateway with web UI supporting OAuth 2.0, OIDC, SAML and OpenAI ChatGPT (Openai)
- Awesome-GithubRepos - casdoor - Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML and CAS, QQ group: 645200447 (This repo contains the list of awesome repo present in github. A tribute to the freely available awesome educational resources.)
- awesome-auth - Casdoor - UI-first centralized authentication / Single-Sign-On (SSO) platform supporting OAuth 2.0 / OIDC and SAML. (Authentication / <a name="authN-golang"></a>Golang)
- awesome-ai-agents - casdoor/casdoor - Casdoor is an open-source, AI-first Identity and Access Management (IAM) and Model Context Protocol (MCP) gateway with a web UI, offering extensive authentication and authorization capabilities for... (Agent Integration & Deployment Tools / AI Agent Gateway)
- cybersecurity-auth - Casdoor - UI-first centralized authentication / Single-Sign-On (SSO) platform supporting OAuth 2.0 / OIDC and SAML. (`Authentication` / `SSO (Single-Sign-On)`)
- awesome-golang-repositories - casdoor - Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML and CAS, QQ group: 645200447 (Repositories)
- awesome-arsenal - Casdoor - SSO 平台。 (武器库 / 后端)
- awesome-ccamel - casdoor/casdoor - An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD (Go)
- Dev-Notes - Casdoor
- awesome-github-star - casdoor - source Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, WebAuthn, TOTP, MFA and RADIUS | casdoor | 7069 | (Go)
- awesome-platform-engineering - Casdoor- IAM/SSO platform with web UI
- awesome-mcp-registry - casdoor/casdoor - first Identity and Access Management (IAM) / MCP gateway and auth server. | (Security (2))
- awesome-openclaw-skills - casdoor/casdoor - source AI-first Identity and Access Management (IAM) /AI MCP gateway and auth server with we... | 13.2k | (Security & Auth)
- awesome-x-ops - Casdoor - source identity management platform supporting OAuth 2.0, OIDC, and SAML. (Platform Engineering / Identity and Access Management (IAM))
- awesome-mcp - casdoor/casdoor - Casdoor is an open-source, AI-first Identity and Access Management (IAM) solution and Model Context Protocol (MCP) gateway, providing a web UI for managing users, applications, and authentication f... (MCP Servers / Security & Reverse Engineering)
README
Casdoor: AI-First Identity and Access Management (IAM) / AI MCP Gateway
An open-source, AI-first IAM / MCP gateway and authentication server with a web UI.
Supporting MCP, A2A, OAuth 2.0, OIDC (OAuth 2.x), SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID,
Google Workspace, Azure AD, and more.
Documentation and guides: casdoor.ai
Website ·
Documentation ·
Live demo ·
Discord
---
## Table of contents
- [Why Casdoor](#why-casdoor)
- [Live demos](#live-demos)
- [Quick start](#quick-start)
- [Features](#features)
- [Technology stack](#technology-stack)
- [Documentation](#documentation)
- [Integrations](#integrations)
- [Security](#security)
- [Community and support](#community-and-support)
- [Contributing](#contributing)
- [License](#license)
---
Casdoor is a **UI-first** identity provider and access management platform: one place to manage users, organizations, applications, and providers, with a modern web console. Authorization policies can be expressed with **[Casbin](https://casbin.org/)** (ACL, RBAC, ABAC, and more). Unlike reverse-proxy-centric auth companions, Casdoor is a dedicated auth server with broad protocol support, designed to be straightforward to self-host and integrate—see **[casdoor.ai](https://casdoor.ai)** for documentation.
---
| Environment | URL | Description |
|-------------|-----|-------------|
| **Read-only** | [door.casdoor.com](https://door.casdoor.com) | Global demo; **any modification or write operation will fail** (read-only). |
| **Writable** | [demo.casdoor.com](https://demo.casdoor.com) | Full access for testing; **data is reset about every 5 minutes**. |
Default demo admin login (where applicable): `admin` / `123` — use only for demos; change credentials on your own deployment.
---
Pick one deployment method below. To keep behavior consistent with upstream, the steps are aligned with official docs.
### 🛠️ Source code (default)
1. Install dependencies: **Go 1.25** (follow `go.mod`), **Node.js LTS (20)**, **Yarn 1.x**, and a supported database.
2. Clone the repository:
```bash
git clone https://github.com/casdoor/casdoor.git
cd casdoor
```
3. Configure database in `conf/app.conf` (at minimum set `driverName`, `dataSourceName`, and `dbName`; for MySQL create database `casdoor` first).
4. Build frontend and start backend:
```bash
cd web
yarn install
yarn build
cd ..
go run main.go
```
5. Open [http://localhost:8000](http://localhost:8000) and sign in with `built-in/admin` / `123` on a fresh install (change password immediately in production).
Official guide: [Server installation](https://casdoor.ai/docs/basic/server-installation)
### 🐳 Docker
Use one of the official Docker paths:
- **All-in-one (SQLite quick trial)**:
```bash
docker run -p 8000:8000 casbin/casdoor-all-in-one
```
- **Docker Compose** (with your `conf/app.conf` next to `docker-compose.yml`):
```bash
docker compose up
```
Then open [http://localhost:8000](http://localhost:8000) and sign in with `built-in/admin` / `123` on a fresh install.
Official guide: [Try with Docker](https://casdoor.ai/docs/basic/try-with-docker)
### ☸️ Kubernetes Helm
With Helm v3 and a running Kubernetes cluster:
```bash
helm install casdoor oci://registry-1.docker.io/casbin/casdoor-helm-charts
```
After installation, access Casdoor through your cluster service/ingress. The official guide covers chart versions (including optional `--version`) and cluster-specific settings.
Official guide: [Try with Helm](https://casdoor.ai/docs/basic/try-with-helm)
---
### 🔐 Authentication
- **OAuth 2.0 / OIDC** — OpenID Connect and OAuth 2.x authorization
- **SAML 2.0** — Enterprise SSO integration
- **CAS** — Central Authentication Service
- **LDAP** — Directory service integration
- **WebAuthn / Passkeys** — Passwordless authentication
- **TOTP / MFA** — Multi-factor authentication
- **Face ID** — Biometric authentication
### 🏢 Enterprise
- **SCIM 2.0** — User provisioning
- **RBAC** — Role-based access control
- **Social Login** — Google, GitHub, Azure AD, and more
- **Custom providers** — Extensible identity providers
- **User management** — Web UI for administration
- **Audit logs** — Comprehensive logging
- **Multi-tenancy** — Organization support
### 🤖 AI & MCP
- **MCP Gateway** — Model Context Protocol support
- **A2A Protocol** — Agent-to-Agent communication
- **AI-First Design** — Built for AI applications
### 🛠️ Developer Experience
- **RESTful API** — Complete API coverage
- **SDKs** — Go, Java, Python, Node.js, and more
- **Swagger UI** — Interactive API documentation
- **Webhooks** — Event-driven integrations
- **Customizable UI** — Brand theming support
---
Casdoor is built as a **frontend–backend separated** project:
- **Web UI**: JavaScript and **React** ([`web/`](https://github.com/casdoor/casdoor/tree/master/web))
- **API server**: **Go** with **Beego**, RESTful APIs ([repository root](https://github.com/casdoor/casdoor))
- **Data**: mainstream databases including **MySQL**, **PostgreSQL**, and others ([overview](https://casdoor.ai/docs/overview))
- **Cache**: optional **Redis** for session/cache-style deployments (configure as needed)
---
**All product documentation, installation, and tutorials live at [casdoor.ai/docs/overview](https://casdoor.ai/docs/overview).** Start here, then use the sections below.
**Install**
- [Install from source](https://casdoor.ai/docs/basic/server-installation)
- [Install with Docker](https://casdoor.ai/docs/basic/try-with-docker)
- [Install with Kubernetes Helm](https://casdoor.ai/docs/basic/try-with-helm)
**Connect applications**
- [How to connect to Casdoor](https://casdoor.ai/docs/how-to-connect/overview)
**APIs**
- [Public API](https://casdoor.ai/docs/basic/public-api)
- [Swagger UI](https://door.casdoor.com/swagger) (live API explorer)
---
Casdoor integrates with common languages and frameworks:
Browse the full list: [Integrations](https://casdoor.ai/docs/category/integrations).
---
- **Discord**: [Join our community](https://discord.gg/5rPsrAzK7S)
- **Contact**: [casdoor.ai/help](https://casdoor.ai/help)
- **Issues**: [GitHub Issues](https://github.com/casdoor/casdoor/issues)
- **Discussions**: [GitHub Discussions](https://github.com/casdoor/casdoor/discussions)
---
If you have questions about Casdoor, you can **[open an issue](https://github.com/casdoor/casdoor/issues)**. Pull requests are welcome; **we recommend opening an issue first** so you can align with maintainers and the community before larger changes.
Please also read our [contribution guidelines](https://casdoor.ai/docs/contributing/) before contributing.
### Translation and i18n
- **Crowdin** is used for translation workflows: [casdoor-site on Crowdin](https://crowdin.com/project/casdoor-site).
- The web app uses **i18next**. When you add or change user-visible strings under [`web/`](https://github.com/casdoor/casdoor/tree/master/web), update the English catalog at [`web/src/locales/en/data.json`](web/src/locales/en/data.json) accordingly.
---
Casdoor is licensed under the [Apache License 2.0](https://github.com/casdoor/casdoor/blob/master/LICENSE).
---
[](https://casdoor.ai) [](https://casdoor.ai)
© 2026 Casdoor. Licensed under Apache License 2.0.