In case that’s too many acronyms,
A UI-first Identity Access Management (IAM) / Single-Sign-On (SSO) platform supporting OAuth 2.0, OIDC, SAML and CAS, integrated with Casbin RBAC and ABAC permission management. Supports third-party applications login, such as GitHub, Google, QQ, WeChat, etc., and other plugins can extend the third party logins Casdoor can use.
Been meaning to set-up SSO in my homelab. Adding it to the list of projects to look into. Thanks!
I’d definitely suggest checking out Keycloak. It’s still the best I’ve used as far as being intuitive and standards compliant.
I might be wrong, but to me this looks more like a middle layer between your application and other provider to host a standardised API to all of them.
I’m looking into kanidm, it’s a pretty new project and very lightweight (compared to Keycloak).
If that won’t pan out, I’ll probably fall back to lldap + Authelia.
If that fails I’ll set up Authentik.
Sounds super interesting, though I’m not sure if I understand 100% what it does. Seems like its a centralized login system for connecting to any setup application, so could it be setup to login to say jellyfin/plex/gitlab. Does it need an ldap system to connect to? Could it store ssh keys? Can it connect to bitwarden or is it more of a replacement for bitwarden?
Neither, it’s a method to allow users to login to your app/site, without needing a specific registration there. It does not replace Bitwarden, that is client side. This is server side.
EG you set this up and then on your app login, you say ‘hey, login with facebook’. Casdoor handles the authorization and authentication to Facebook, returns a code to your site ‘Yes thats good’ or ‘No that’s not’. Then you handle accordingly