Docs

What Doorman is

Doorman is a self-hosted control plane for SaaS identity and billing. It combines Ory Kratos sessions, Ory Hydra OIDC, app/tenant RBAC, service accounts, Stripe-backed subscriptions, usage metering, and operator dashboards.

• Users sign in, join orgs/tenants, and access apps through assigned roles.
• Operators manage orgs, apps, tenants, members, SSO providers, billing, plans, meters, and service accounts.
• Integrators use OIDC tokens, app-scoped APIs, and the React SDK from their own products.

Repo map

• apps/web: Doorman dashboard, auth UI, consent UI, and docs.
• examples/sample-spa: browser OIDC sample app.
• examples/sample-client: server-side OIDC sample app.
• services/control-api: Fastify control-plane API and migrations runner.
• services/worker: billing, usage, retention, and alert jobs.
• packages/react-sdk: integration helpers for auth, SSO, billing, and generic authorization.
• infra/compose, infra/ory, infra/db: local services, Ory config, migrations, and seeds.

Local start

pnpm install
cd infra/compose
docker compose up -d
cd ../..
pnpm --filter @doorman/control-api migrate
pnpm dev:api
pnpm dev:web

Run API and web in separate terminals. The compose stack starts Postgres, Kratos, Hydra, and Mailslurper.

Core URLs

• Web: http://localhost:3000
• Control API: https://doorman.f1cs-dev.it
• Kratos public: https://doorman.f1cs-dev.it/kratos
• Hydra issuer: https://doorman.f1cs-dev.it/oauth2
• OIDC discovery: https://doorman.f1cs-dev.it/oauth2/.well-known/openid-configuration
• Swagger UI: open API docs