Casbin

Casbin

  • Docs
  • API
  • Editor
  • IDE Plugins
  • Single Sign-On (SSO)
  • Forum
  • Help
  • Blog
  • Pricing
  • Contact Sales
  • Languages iconEnglish
    • 中文
    • 한국어
    • Русский
    • Français
    • Deutsch
    • 日本語
    • Help Translate
  • GitHub

›The Basics

The Basics

  • Overview
  • Get Started
  • How it Works
  • Tutorials

Model

  • Supported Models
  • Syntax for Models
  • Effector
  • Function
  • RBAC
  • RBAC with Pattern
  • RBAC with Domains
  • Casbin RBAC v.s. RBAC96
  • ABAC
  • Priority Model
  • Super Admin

Storage

  • Model Storage
  • Policy Storage
  • Policy Subset Loading

Extensions

  • Enforcers
  • Adapters
  • Watchers
  • Dispatchers
  • Role Managers
  • Middlewares
  • GraphQL Middlewares
  • Cloud Native Middlewares

API

  • API Overview
  • Management API
  • RBAC API
  • RBAC with Domains API
  • RoleManager API
  • Data Permissions

Advanced Usage

  • Multi-threading
  • Benchmarks
  • Performance Optimization
  • Authorization of Kubernetes
  • Authorization of Service Mesh through Envoy

Management

  • Admin Portal
  • Casbin Service
  • Log & Error Handling
  • Frontend Usage

Editor

  • Online Editor
  • IDE Plugins

More

  • Our Adopters
  • Contributing
  • Privacy Policy
  • Terms of Service
Edit

Overview

Casbin is a powerful and efficient open-source access control library. It provides support for enforcing authorization based on various access control models.

All the languages supported by Casbin:

golangjavanodejsphp
CasbinjCasbinnode-CasbinPHP-Casbin
production-readyproduction-readyproduction-readyproduction-ready
pythondotnetc++rust
PyCasbinCasbin.NETCasbin-CPPCasbin-RS
production-readyproduction-readyproduction-readyproduction-ready

Feature set for different languages

FeatureGoJavaNode.jsPHPPythonC#DelphiRustC++LuaDartElixir
Enforcement✅✅✅✅✅✅✅✅✅✅✅✅
RBAC✅✅✅✅✅✅✅✅✅✅✅✅
ABAC✅✅✅✅✅✅✅✅✅✅✅✅
Scaling ABAC (eval())✅✅✅✅✅✅❌✅✅✅✅✅
Adapter✅✅✅✅✅✅✅✅✅✅✅❌
Management API✅✅✅✅✅✅✅✅✅✅✅✅
RBAC API✅✅✅✅✅✅✅✅✅✅✅✅
Batch API✅✅✅✅✅✅❌✅✅✅❌❌
Filtered Adapter✅✅✅✅✅✅❌✅✅✅❌❌
Watcher✅✅✅✅✅✅✅✅✅✅❌❌
Role Manager✅✅✅✅✅✅❌✅✅✅✅❌
Multi-Threading✅✅✅❌✅❌❌✅❌❌❌❌
'in' of matcher✅✅✅✅✅❌✅❌❌❌✅✅

We are always working our best to make Casbin have the same set of features for all languages. But the reality is not that beautiful. The current progress is as the above table. ✅ for Watcher or Role Manager only means having the interface in the core library. Whether there is an available watcher or role manager implementation is another question.

What is Casbin?

What Casbin does:

  1. enforce the policy in the classic {subject, object, action} form or a customized form as you defined, both allow and deny authorizations are supported.
  2. handle the storage of the access control model and its policy.
  3. manage the role-user mappings and role-role mappings (aka role hierarchy in RBAC).
  4. support built-in superuser like root or administrator. A superuser can do anything without explicit permissions.
  5. multiple built-in operators to support the rule matching. For example, keyMatch can map a resource key /foo/bar to the pattern /foo*.

What Casbin does NOT do:

  1. authentication (aka verify username and password when a user logs in)
  2. manage the list of users or roles. I believe it's more convenient for the project itself to manage these entities. Users usually have their passwords, and Casbin is not designed as a password container. However, Casbin stores the user-role mapping for the RBAC scenario.
Last updated on 11/28/2022
Get Started →
  • All the languages supported by Casbin:
  • Feature set for different languages
  • What is Casbin?
Casbin
Docs
Getting StartedManagement APIRBAC APIMiddlewares
Community
Who's using Casbin?Stack Overflow
Casbin          jCasbin
Node-Casbin   PHP-CasbinPyCasbin          Casbin.NETCasbin-CPP        Casbin-RS
Follow @casbinHQ
Copyright © 2022 Casbin Organization