Overview
Psono is a self‑hosted, open‑source password manager designed for teams and enterprises that require full control over their credential storage. At its core, the system provides a web‑based UI and a RESTful API that let users create, organize, and share encrypted secrets across a company. The data never leaves the client in plaintext; it is first encrypted with a client‑side key derived from the user’s password, then wrapped in an additional server‑side encryption layer before being persisted. This dual‑layer approach ensures that even if the database is compromised, an attacker cannot decrypt any credentials without the user‑specific key.
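The dual-layer storage described above, sketched as an added example; this is not Psono's code. The KDF (PBKDF2-HMAC-SHA256, 600,000 iterations), the use of AES-256-GCM for the client layer, the sample secret and all function names are assumptions, since the page names neither the KDF nor the client-side cipher.

```javascript
// Added illustration, not Psono source. KDF, parameters and names are assumptions.
const crypto = require('node:crypto');

// AES-256-GCM helper: returns iv || tag || ciphertext as one Buffer.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);              // fresh 96-bit nonce per message
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

// Reverse of seal(); throws if the key is wrong or the blob was modified.
function open(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Client layer: key derived from the user's password (PBKDF2 is an assumed KDF).
function deriveUserKey(password, salt) {
  return crypto.pbkdf2Sync(password, salt, 600000, 32, 'sha256');
}
function clientEncrypt(password, salt, secret) {
  return seal(deriveUserKey(password, salt), Buffer.from(secret));
}

// Server layer: wraps the already-encrypted client blob before it is persisted.
function serverStore(serverKey, clientBlob) { return seal(serverKey, clientBlob); }

function demo() {
  const password = 'correct horse battery staple';   // constructed sample values
  const salt = crypto.randomBytes(16);
  const serverKey = crypto.randomBytes(32);           // stands in for the storage key
  const clientBlob = clientEncrypt(password, salt, 'db-admin:S3cr3t!');
  const row = serverStore(serverKey, clientBlob);     // what lands in the database

  // Compromise of database and server key removes only the outer layer.
  const inner = open(serverKey, row);
  let wrongPasswordRejected = false;
  try { open(deriveUserKey('guess', salt), inner); } catch { wrongPasswordRejected = true; }
  return {
    outerPeelsToClientBlob: inner.equals(clientBlob),
    plaintextVisible: row.includes('S3cr3t!') || inner.includes('S3cr3t!'),
    wrongPasswordRejected,
    recovered: open(deriveUserKey(password, salt), inner).toString(),
  };
}
console.log(demo());
```

Once the outer layer is removed, the salt and inner ciphertext are available for offline guessing, so the protection that remains is only as strong as the user's password and the KDF cost.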
Architecture
- Backend – Written in Python 3.10+, the server is built on the FastAPI framework, which offers high performance, automatic OpenAPI generation, and dependency injection.
- Database – Psono uses a relational database (PostgreSQL 12+ by default) to store user accounts, groups, and encrypted payloads. The ORM layer is powered by SQLAlchemy.
- Encryption Engine – Client‑side encryption is performed in the browser using the Web Crypto API; server‑side storage encryption uses AES‑256 GCM via Python’s cryptography library.
- Auth & Identity – Authentication is handled by OAuth2/OpenID Connect, with support for LDAP/AD integration through a pluggable provider module.
- WebSocket Layer – Real‑time collaboration and notifications are delivered via websockets over HTTPS, enabling instant sharing of secrets without polling.
- Containerization – A Docker Compose bundle ships with separate services for the API, worker queue (Celery), and reverse proxy (Traefik). Kubernetes manifests are also available for production deployments.
Core Capabilities
- Secret Management – CRUD operations on credentials, folders, and user‑defined tags via REST endpoints.
- Fine‑Grained Access Control – Role‑based permissions (admin, editor, viewer) and group policies that can be applied per secret.
- Sharing & Collaboration – End‑to‑end encrypted sharing between users or groups, with audit logs for every access event.
- Audit & Compliance – Detailed activity logs, exportable in JSON/CSV, and support for SAML audit assertions.
- API Extensibility – A fully documented OpenAPI spec allows developers to build custom clients, CLI tools, or integrate with CI/CD pipelines.
- Webhooks – Trigger external services on events such as secret creation, update, or deletion.
Deployment & Infrastructure
Psono is engineered for high availability and scalability. The stateless API can be horizontally scaled behind a load balancer; the Celery workers process background tasks like email notifications or key rotation. PostgreSQL can be clustered with Patroni for HA, and the database credentials are stored in a separate vault (e.g., HashiCorp Vault) to avoid hard‑coding secrets. The Docker images are lightweight (~200 MB), and the Compose stack can be deployed on any Linux host with Docker Engine. For larger enterprises, Kubernetes deployment is recommended to leverage pod autoscaling and persistent volume claims.
Integration & Extensibility
Developers can extend Psono through its plugin architecture. Plugins are Python packages that register new endpoints, authentication backends, or UI components via a declarative psono_plugin entry point. The system also exposes WebSocket events and supports OAuth2 client registration, making it straightforward to integrate with existing identity providers or build custom single‑sign‑on flows. The API’s strict type hints and OpenAPI spec enable automated client generation in languages such as Go, JavaScript, or Rust.
Developer Experience
The project follows semantic versioning and maintains comprehensive documentation on ReadTheDocs, covering architecture diagrams, API usage, and developer guides. The community is active on GitHub Issues and Discord, with frequent releases that address security patches promptly. Configuration is driven by environment variables or a YAML file (psono.yml), and the Docker Compose stack includes example overrides for production settings. The codebase is well‑structured, with clear separation between the API, worker, and UI layers, facilitating contribution.
Use Cases
- Enterprise Credential Store – Centralized, auditable storage for developers’ API keys and SSH credentials.
- CI/CD Secrets Management – Inject secrets into pipelines via the REST API or webhook triggers.
- Team Collaboration – Securely share passwords between developers, designers, and QA teams with fine‑grained permissions.
- Compliance Auditing – Export logs for SOC 2 or ISO 27001 compliance reviews.
- Hybrid Cloud – Deploy on-premises while integrating with cloud IAM providers for single‑sign‑on.
Advantages
- True End‑to‑End Encryption – Client‑side keys mean the server never sees plaintext passwords.
- Open Source Transparency – Full code auditability reduces reliance on proprietary security models.
- Flexible Deployment – Works out‑of‑the‑box with Docker, Kubernetes, or bare‑metal installations.
- Rich API – Enables automation and integration with existing tooling without custom scrapers.
- Scalable Architecture – Designed for thousands of users with minimal latency.
In summary, Psono offers developers a robust, self‑hosted password management solution that balances security, flexibility, and operational control—making it an attractive choice for teams that need to keep secrets safe while maintaining full ownership of their infrastructure.