daptin
Daptin is an open-source backend-as-a-service platform written in Go that auto-generates REST, GraphQL, and OpenAPI interfaces from YAML schema definitions. It bundles data modeling, user authentication, permissions, file storage, workflows, integrations, and operational features into a single deployable server.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | daptin/daptin |
| Owner | daptin |
| Primary language | Go |
| License | LGPL-3.0 — OSI-approved |
| Stars | 1.9k |
| Forks | 119 |
| Open issues | 37 |
| Latest release | v0.12.25 (2026-06-24) |
| Last updated | 2026-07-05 |
| Source | https://github.com/daptin/daptin |
What daptin is
Built in Go, Daptin exposes schema-defined entities through JSON:API and GraphQL endpoints, with support for SQLite/PostgreSQL/MySQL backends. It provides row-level permissions, OAuth/OIDC flows, action chains, state machines, rclone-backed storage, LLM routing, and clustered operations via Olric.
Get the daptin source
Clone the repository and explore it locally.
git clone https://github.com/daptin/daptin.gitcd daptin# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Schema-first model requires upfront data modeling discipline; YAML schema becomes the source of truth for APIs, auth, and validation.
- Database choice (SQLite/PostgreSQL/MySQL) impacts clustering, HA, and backup strategy—Olric is used for distributed caching and PubSub, not data.
- Action chains and state machines are powerful but require understanding of Daptin's workflow DSL; business logic lives in configuration, not code.
- File storage integrates rclone providers; verify cloud credentials, encryption-at-rest, and compliance for your storage backend.
- Multi-tenancy model relies on usergroups, ownership columns, and row permissions; careful schema design is essential to prevent data leaks.
When to avoid it — and what to weigh
- High-Scale, Mission-Critical Production — 1.8k stars and v0.12.x versioning indicate early-stage maturity. Limited adoption signals and no known enterprise production deployments cited. Requires thorough vetting before critical use.
- Strict Commercial License Compliance Required — LGPL-3.0 allows commercial use but mandates disclosure of any LGPL code modifications and library linking. Proprietary code using Daptin as a sidecar is likely permissible, but requires legal review for your use case.
- Existing Monolithic Backend Investment — Best as primary backend or parallel service, not as retrofit to large existing systems. Migration complexity and operational divergence may outweigh incremental benefits.
- Need for Guaranteed, Vendor-Backed Support — Community-driven project. No SLA, support contract, or committed vendor backing. Suitable for in-house teams willing to debug and maintain independently.
License & commercial use
Daptin is licensed under LGPL-3.0 (GNU Lesser General Public License v3.0). LGPL permits commercial use, modification, and distribution, but requires disclosure of modifications to LGPL code and must allow users to re-link against modified versions of the library.
LGPL-3.0 allows commercial use, but imposes copyleft obligations on modifications to Daptin itself. Using Daptin as a sidecar service (separate process) and deploying unmodified binaries typically avoids LGPL restrictions. However, if you modify Daptin code or statically link it, you must disclose source and allow re-linking. Legal review is recommended for your specific deployment model and jurisdiction.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Good |
| Assessment confidence | Medium |
LGPL source is auditable. Row-level permissions and multi-tenancy rely on correct schema and configuration; misconfiguration can leak data. Credential storage uses encryption but requires verification of key derivation and rotation. OAuth/OIDC provider implementation should be reviewed for spec compliance and token validation rigor. WebSocket realtime events must enforce authorization per row to prevent unintended event leakage. No third-party security audit results are publicly visible.
Alternatives to consider
Strapi
Mature headless CMS with plugin ecosystem and stronger commercial backing (Strapi SAS). More production references but heavier on CMS features, lighter on API metering and multi-tenancy.
Hasura
Instant GraphQL and REST APIs from existing databases. Faster for schema-to-API if you already have a database; weaker on built-in auth, workflows, and file storage than Daptin.
Firebase / Supabase
Managed backend-as-a-service with hosted databases, auth, and realtime. Trade infrastructure management overhead for vendor lock-in and higher operational costs; more production-hardened.
Build on daptin with DEV.co software developers
Start with a schema.yaml prototype on your local machine or Docker. For SaaS or multi-tenant projects, conduct a security and scalability assessment before production commitment.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
daptin FAQ
Can I use Daptin for commercial SaaS?
What databases does Daptin support?
Does Daptin scale to millions of users?
How do I deploy Daptin?
Work with a software development agency
DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If daptin is part of your open-source cms roadmap, our team can implement, customize, migrate, and maintain it.
Ready to evaluate Daptin for your backend?
Start with a schema.yaml prototype on your local machine or Docker. For SaaS or multi-tenant projects, conduct a security and scalability assessment before production commitment.