Casdoor: AI-First Identity and Access Management (IAM) / AI MCP Gateway

An open-source, AI-first IAM / MCP gateway and authentication server with a web UI.
Supporting MCP, A2A, OAuth 2.0, OIDC (OAuth 2.x), SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID,
Google Workspace, Azure AD, and more.

Documentation and guides: casdoor.ai

Website · Documentation · Live demo · Discord

• Why Casdoor
• Live demos
• Quick start
• Features
• Technology stack
• Documentation
• Integrations
• Security
• Community and support
• Contributing
• License

Casdoor is a UI-first identity provider and access management platform: one place to manage users, organizations, applications, and providers, with a modern web console. Authorization policies can be expressed with Casbin (ACL, RBAC, ABAC, and more). Unlike reverse-proxy-centric auth companions, Casdoor is a dedicated auth server with broad protocol support, designed to be straightforward to self-host and integrate—see casdoor.ai for documentation.

Default demo admin login (where applicable): admin / 123 — use only for demos; change credentials on your own deployment.

Pick one deployment method below. To keep behavior consistent with upstream, the steps are aligned with official docs.

1. Install dependencies: Go 1.25 (follow go.mod), Node.js LTS (20), Yarn 1.x, and a supported database.
2. Clone the repository:

git clone https://github.com/casdoor/casdoor.git
cd casdoor

3. Configure database in conf/app.conf (at minimum set driverName, dataSourceName, and dbName; for MySQL create database casdoor first).
4. Build frontend and start backend:

cd web
yarn install
yarn build
cd ..
go run main.go

5. Open http://localhost:8000 and sign in with built-in/admin / 123 on a fresh install (change password immediately in production).

Official guide: Server installation

Use one of the official Docker paths:

• All-in-one (SQLite quick trial):

docker run -p 8000:8000 casbin/casdoor-all-in-one

• Docker Compose (with your conf/app.conf next to docker-compose.yml):

docker compose up

Then open http://localhost:8000 and sign in with built-in/admin / 123 on a fresh install.

Official guide: Try with Docker

With Helm v3 and a running Kubernetes cluster:

helm install casdoor oci://registry-1.docker.io/casbin/casdoor-helm-charts

After installation, access Casdoor through your cluster service/ingress. The official guide covers chart versions (including optional --version) and cluster-specific settings.

Official guide: Try with Helm

Casdoor is built as a frontend–backend separated project:

• Web UI: JavaScript and React (web/)
• API server: Go with Beego, RESTful APIs (repository root)
• Data: mainstream databases including MySQL, PostgreSQL, and others (overview)
• Cache: optional Redis for session/cache-style deployments (configure as needed)

All product documentation, installation, and tutorials live at casdoor.ai/docs/overview. Start here, then use the sections below.

Install

• Install from source
• Install with Docker
• Install with Kubernetes Helm

Connect applications

• How to connect to Casdoor

APIs

• Public API
• Swagger UI (live API explorer)

Casdoor integrates with common languages and frameworks:

Browse the full list: Integrations.

• Discord: Join our community
• Contact: casdoor.ai/help
• Issues: GitHub Issues
• Discussions: GitHub Discussions

If you have questions about Casdoor, you can open an issue. Pull requests are welcome; we recommend opening an issue first so you can align with maintainers and the community before larger changes.

Please also read our contribution guidelines before contributing.

• Crowdin is used for translation workflows: casdoor-site on Crowdin.
• The web app uses i18next. When you add or change user-visible strings under web/, update the English catalog at web/src/locales/en/data.json accordingly.

Casdoor is licensed under the Apache License 2.0.