Skip to content

Release history

casdoor releases

An open-source AI-first Identity and Access Management (IAM) /AI MCP & agent gateway and auth server with web UI supporting MCP, A2A, OAuth 2.1, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

Back to tool Latest release

All releases

58 shown

v2.395.0 Mixed
Notable features
  • Add local OpenClaw transcript sync for session logs
Full changelog

2.395.0 (2026-04-07)

Bug Fixes

  • fix authz permission for well-known OAuth endpoints (#5372) (e9c2ec0)

Features

  • add local OpenClaw transcript sync for session logs (#5370) (2a8ac57)
View release on GitHub
v2.394.0 New feature
Notable features
  • LoginPage captcha rule check now applied to SendCodeInput.js component
Full changelog

2.394.0 (2026-04-06)

Features

  • apply loginPage captcha rule check to SendCodeInput.js (#5369) (31ce151)
View release on GitHub
v2.393.0 Bug fix

Filter validation was tightened to prevent incorrect passes, improving reliability of access decisions.

View release on GitHub
v2.391.0 New feature
Notable features
  • Provider-based entry viewers for SELinux logs
Full changelog

2.391.0 (2026-04-05)

Features

  • add provider-based entry viewers for SELinux logs (#5364) (c7ad205)
View release on GitHub
v2.390.1 Bug fix

Fixed an XML canonicalization bug by adding the xs namespace to the exclusive prefix list, improving signature validation correctness.

View release on GitHub
v2.389.0 New feature
Notable features
  • Added redirectUriMatchesPattern() method for pattern-based redirect URI validation
Full changelog

2.389.0 (2026-04-05)

Features

  • add redirectUriMatchesPattern() (e8a0b26)
View release on GitHub
v2.388.1 Bug fix

The edit page for Managed Platform servers now includes a Clear button, letting users reset form fields quickly and reducing accidental data entry errors.

View release on GitHub
v2.387.1 Bug fix

SELinux log collection now uses a dedicated collector, improving reliability and reducing errors in security event logging.

View release on GitHub
v2.387.0 Bug fix
Notable features
  • Added parseAndValidateSubjectToken() function
Full changelog

2.387.0 (2026-04-05)

Bug Fixes

  • fix linter in saml_sp.go (e10706c)
  • improve buildSpCertificateStore logic (d14674e)

Features

  • add parseAndValidateSubjectToken() (d92b856)
View release on GitHub
v2.386.0 New feature
Notable features
  • Sync button to sync tools in MCP server edit page
Full changelog

2.386.0 (2026-04-05)

Features

  • add Sync button to sync tools in MCP server edit page (#5360) (284dde2)
View release on GitHub
v2.385.1 Bug fix

Fixed the redirect URI validation logic and refactored utility code to improve consistency and reduce potential runtime errors.

View release on GitHub
v2.385.0 New feature
Notable features
  • Application.EnableGuestSignin field for controlling guest signup
  • GetOAuthToken logic improvements
Full changelog

2.385.0 (2026-04-05)

Features

  • add Application.EnableGuestSignin field (56ac5cd)
  • improve GetOAuthToken logic (203a61c)
View release on GitHub
v2.384.1 Bug fix

Improved the buildAuthFilterString function to correctly handle edge cases, preventing malformed authentication filters and enhancing login reliability for custom configurations.

View release on GitHub
v2.384.0 Mixed
Notable features
  • Improved error handling in OLTP APIs
Full changelog

2.384.0 (2026-04-05)

Bug Fixes

  • add client IP and UA to entry (9030a06)
  • fix bug in responseOtlpError() (c979a05)
  • improve random handling (1e7a2d8)
  • refactor out log/agent_openclaw.go (fab5736)
  • remove entry's useless fields (fffb26d)

Features

  • improve error handling in OLTP APIs (f6a3fb9)
View release on GitHub
v2.383.0 Mixed
Notable features
  • SELinuxLogProvider for event logging
  • Support for OpenClaw /api/v1/metrics and /api/v1/logs APIs
Full changelog

2.383.0 (2026-04-04)

Bug Fixes

  • fix go linter issue (e73cfe8)
  • set empty providerUrl in new provider (f75cee7)

Features

  • add SELinuxLogProvider (6cb9978)
  • support "/api/v1/metrics" and "/api/v1/logs" APIs from OpenClaw (facc1ec)
View release on GitHub
v2.382.1 Bug fix

Fixed provider logging errors, corrected a field in system logs, and enhanced auto provider name resolution for subtypes.

View release on GitHub
v2.381.3 Bug fix

A bug in the Windows system log provider that caused event parsing and persistence failures has been fixed, improving reliability of log handling on Windows deployments.

View release on GitHub
v2.381.2 Bug fix

Refactored the system log provider to improve reliability and fix related bugs.

View release on GitHub
v2.381.1 Bug fix

Fixed the writePermissionLog hook placement and refined the entry list page UI to improve layout and user experience.

View release on GitHub
v2.381.0 Mixed
Notable features
  • Permission Log provider and frontend option for permission auditing
  • Auto-set name and display name for new providers
Full changelog

2.381.0 (2026-04-04)

Bug Fixes

  • add "Casdoor Permission Log" option to frontend (8ffca95)
  • add "Casdoor Permission Log" provider (5140053)
  • add Entry.Provider field (17a52da)
  • ignore claude config (84f289d)
  • rename to log package (9b86530)

Features

  • auto set name and display name for new provider (4f68432)
View release on GitHub
v2.379.0 New feature
Notable features
  • Permission command API improvements
Full changelog

2.379.0 (2026-04-03)

Features

  • improve permission command API (ea2408a)
View release on GitHub
v2.378.1 Bug fix

The GetSession function now returns a corrected value, ensuring session tokens are handled consistently and preventing potential authentication errors.

View release on GitHub
v2.378.0 New feature
Notable features
  • LogProvider interface for custom logging implementations
Full changelog

2.378.0 (2026-04-02)

Features

  • add LogProvider interface (1439031)
View release on GitHub
v2.376.0 New feature
Notable features
  • MCP store page
  • Enhanced webhook worker reliability and event pagination
View release on GitHub
v2.374.0 New feature
Notable features
  • Webhook delivery persistence
  • Automatic retry mechanism
  • Webhook replay UI
View release on GitHub
v2.372.0 Breaking risk
Breaking changes
  • defaultApplication and maxItemsForFlatMenu config moved to app.conf
View release on GitHub
v2.371.0 New feature
Notable features
  • Disk and network usage metrics in system info page
View release on GitHub
v2.369.0 Maintenance

Upgraded Go toolchain to version 1.25.8 for improved performance, security, and compatibility.

View release on GitHub
v2.368.1 Bug fix

Improved LDAP filter pattern handling to correctly process LDAP queries with uid filters.

View release on GitHub
v2.367.0 Maintenance

Upgraded gRPC dependency for improved reliability and security in gRPC-based integrations.

View release on GitHub
v2.366.0 Bug fix

Fixed System Info page to correctly display high CPU and memory usage instead of showing them as green success states.

View release on GitHub
v2.365.0 New feature
Notable features
  • MCP tool synchronization and permission configuration
View release on GitHub
v2.364.2 Maintenance

Removed obsolete use keys from codebase for cleanup and maintenance.

View release on GitHub
v2.360.0 Maintenance

Removed external Casvisor dependency and replaced with local Record struct reducing dependency footprint.

View release on GitHub
v2.358.0 Breaking risk
Breaking changes
  • Configuration now uses backend app.conf instead of frontend config
View release on GitHub
v2.356.0 Bug fix

Fixed UI issue where last element in Edit Application form tabs wasn't visible and fixed OAuth state parameter re-encoding causing OIDC mismatches.

View release on GitHub
v2.354.0 Maintenance

Optimized site map initialization to only occur when proxy server starts, reducing unnecessary startup overhead.

View release on GitHub
v2.353.1 Bug fix

Improved user interface for the Actions field in the permission list page for better usability and visibility.

View release on GitHub

Beta — feedback welcome: [email protected]