Docs
Practical guide to Doorman: what users can do, how operators set it up, and how technical teams integrate auth, RBAC, billing, and usage.
User guide
Dashboard model
Doorman is organized as org -> app -> tenant. Orgs own apps and billing configuration. Tenants represent customer workspaces. Users get org roles and app roles inside tenants.
What users can do
- Sign up, log in, recover accounts, verify email, and update settings.
- Request access to an org and accept org or tenant invites.
- Switch active org context from the dashboard.
- Use apps only where tenant membership and app role permissions allow it.
- Authorize third-party apps through OAuth consent.
Operator paths
/dashboard/orgs: create and manage organizations./dashboard/orgs/:orgId?tab=members: invite members and assign org roles./dashboard/orgs/:orgId?tab=identity-providers: configure SSO providers and email-domain routing./dashboard/orgs/:orgId/apps/:appId?tab=oauth: create OAuth clients./dashboard/orgs/:orgId/apps/:appId?tab=roles: define app roles and permissions./dashboard/orgs/:orgId/apps/:appId?tab=plansand?tab=meters: define billing catalog./dashboard/tenants/:tenantId: manage tenant members, app access, subscriptions, and service accounts.