Use cases¶
Canaille is a lightweight IAM for simple needs. Here are a few use cases you might recognize in, where Canaille would fit your needs.
OpenID Connect provider on top of a LDAP directory¶
Your organization has an historic LDAP directory and you want to add a OpenID Connect SSO layer on top of it, so users can use all your application while signin-in only once, without any data migration.
Profile edition of LDAP users¶
Your organization has a LDAP directory and you want to provide a way to your users to edit their personal information by themselves, without requiring any administrator intervention.
Password recovery with a LDAP directory¶
Your organization has an historic LDAP directory and you want to provide a way to your users to recover their password when they cannot remember it, without any administrator intervention.
A lightweight IAM for unit testing¶
You are developing an application relying on OAuth2 or OpenID Connect to authenticate the users. You don’t want to mock the calls to the identity provider in your unit tests, but you want to perform real OAuth2/OIDC requests, and test your application against different identity provider tunings.
A lightweight IAM for developing¶
You are developing an application relying on OAuth2 or OpenID Connect to authenticate the users. You need a IAM server to develop locally, but your old computer cannot bear launching a full Keycloak in a Docker container.
A lightweight IAM for CIs¶
You are developing an application relying on OAuth2 or OpenID Connect to authenticate the users. You need a IAM server that could can populate with custom data, and integrate in your continuous integration environment.
A CLI to quickly edit LDAP directory users¶
Your organization has an historic LDAP directory. You are tired to deal with ldif syntax to manage your users and group and would prefer a simple human-readable CLI.