Skip to main content

Role Managers

The role manager is used to manage the RBAC role hierarchy (user-role mapping) in Casbin. A role manager can retrieve the role data from Casbin policy rules or external sources such as LDAP, Okta, Auth0, Azure AD, etc. We support different implementations of a role manager. To keep light-weight, we don't put role manager code in the main library (except the default role manager). A complete list of Casbin role managers is provided as below. Any 3rd-party contribution on a new role manager is welcomed, please inform us and I will put it in this list:)

Role managerAuthorDescription
Default Role Manager (built-in)CasbinSupports role hierarchy stored in Casbin policy
Session Role ManagerEDOMO SystemsSupports role hierarchy stored in Casbin policy, with time-range-based sessions
Okta Role ManagerCasbinSupports role hierarchy stored in Okta
Auth0 Role ManagerCasbinSupports role hierarchy stored in Auth0's Authorization Extension

For developers: all role managers must implement the RoleManager interface. Session Role Manager can be used as a reference implementation.

API

See API section for details.