Casdoor, a UI first identity and access management and single sign on platform that speaks OIDC, OAuth2, SAML, CAS and LDAP from one self contained server.
Casdoor is an open source, UI first identity and access management (IAM) and single sign on platform. It is a full authentication server: it issues signed OIDC and OAuth2 tokens and also supports SAML, CAS, LDAP and WebAuthn, so one deployment can be the login for all of your applications. A rich admin console manages organizations, users, applications, providers, roles, permissions, certificates, sessions and tokens, alongside a customisable login and account web interface. An embedded database is used, so a complete identity provider with its web console is up and answering with no separate database to run.
It suits teams that want a self hosted, standards based single sign on with a polished console, whether securing internal tools or customer facing apps.
cloudimg delivers Casdoor hardened and fully patched, served over TLS with a self signed certificate regenerated on first boot so no key material is ever shared between instances. A host firewall keeps the application reachable only through the nginx TLS reverse proxy, and the image carries no known login: Casdoor normally seeds a built in admin with a default password, so on the first boot of every instance a one shot service boots the server against an empty database, generates a random per instance admin password, resets the admin to that password through the Casdoor API, proves the default password no longer works, and writes the new one to a file only the root user can read. Every deployment is paired with a step by step deploy guide and backed by 24/7 cloudimg support.
Real screenshots taken while testing this image against its deployment guide.