Docs

Practical guide to Doorman: what users can do, how operators set it up, and how technical teams integrate auth, RBAC, billing, and usage.

Reference

API reference

  • Swagger UI: generated control-api endpoint reference.
  • services/control-api/contracts/control-api.openapi.json: checked OpenAPI contract with Doorman auth metadata.
  • /docs/api-contract: SDK/API contract for auth, RBAC, billing, and service agents.
  • /docs/integration: detailed SSO, Stripe, SDK, and operations runbook.

Deep dives

Common use cases

  • Add login to a SaaS app: create OAuth client, configure PKCE, validate tokens with JWKS.
  • Add enterprise SSO: create org identity provider, add domain routing, test provider resolution.
  • Gate features by role: create app roles, assign tenant members, enforce token permissions.
  • Sell subscriptions: create plan/meter catalog, map Stripe prices, create checkout, poll status.
  • Meter usage: ingest usage events, aggregate, export, and alert on thresholds.
  • Give automation access: create service account, store one-time secret, request client-credentials token.