Skip to main content

Role Managers

The role manager is used to manage the RBAC role hierarchy (user-role mapping) in Casbin. A role manager can retrieve role data from Casbin policy rules or external sources such as LDAP, Okta, Auth0, Azure AD, etc. We support different implementations of a role manager. To keep the lightweight, we don't include role manager code in the main library (except the default role manager). A complete list of Casbin role managers is provided below. Any third-party contributions for a new role manager are welcome. Please inform us, and we will add it to this list:)

Role managerAuthorDescription
Default Role Manager (built-in)CasbinSupports role hierarchy stored in the Casbin policy
Session Role ManagerEDOMO SystemsSupports role hierarchy stored in the Casbin policy, with time-range-based sessions
Okta Role ManagerCasbinSupports role hierarchy stored in Okta
Auth0 Role ManagerCasbinSupports role hierarchy stored in Auth0's Authorization Extension

For developers: all role managers must implement the RoleManager interface. The Session Role Manager can be used as a reference implementation.

API

See the API section for details.