In case that’s too many acronyms,

A UI-first Identity Access Management (IAM) / Single-Sign-On (SSO) platform supporting OAuth 2.0, OIDC, SAML and CAS, integrated with Casbin RBAC and ABAC permission management. Supports third-party applications login, such as GitHub, Google, QQ, WeChat, etc., and other plugins can extend the third party logins Casdoor can use.

  • roosmaa@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 years ago

    Been meaning to set-up SSO in my homelab. Adding it to the list of projects to look into. Thanks!

    • exu@feditown.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      I might be wrong, but to me this looks more like a middle layer between your application and other provider to host a standardised API to all of them.

    • andrew@lemmy.stuart.fun
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      I’d definitely suggest checking out Keycloak. It’s still the best I’ve used as far as being intuitive and standards compliant.

    • g5pw@feddit.it
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 years ago

      I’m looking into kanidm, it’s a pretty new project and very lightweight (compared to Keycloak).

      If that won’t pan out, I’ll probably fall back to lldap + Authelia.

      If that fails I’ll set up Authentik.

  • The_Shwa
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 years ago

    Sounds super interesting, though I’m not sure if I understand 100% what it does. Seems like its a centralized login system for connecting to any setup application, so could it be setup to login to say jellyfin/plex/gitlab. Does it need an ldap system to connect to? Could it store ssh keys? Can it connect to bitwarden or is it more of a replacement for bitwarden?

    • PenguinCoder@beehaw.orgOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      Neither, it’s a method to allow users to login to your app/site, without needing a specific registration there. It does not replace Bitwarden, that is client side. This is server side.

      EG you set this up and then on your app login, you say ‘hey, login with facebook’. Casdoor handles the authorization and authentication to Facebook, returns a code to your site ‘Yes thats good’ or ‘No that’s not’. Then you handle accordingly