Everything you need to know about Phaset.
Backstage is powerful but requires significant operational and organizational overhead—infrastructure, plugins, maintenance. Phaset delivers the core value (catalog, documentation, metrics) as a self-contained application you install once. No Kubernetes required, no plugin ecosystem to manage. We focus on knowledge consolidation rather than infrastructure provisioning. Take a moment to check out the comparison page for more information.
Organizations let you create separate, isolated workspaces within a single Phaset instance. Each organization has its own users, catalog entries, and data—completely independent from others. Since users can belong to multiple organizations, you can flexibly structure Phaset to match your company's needs—whether that's separating departments, business units, or client projects.
Phaset integrates via GitHub Actions and similar automation-first approaches. Or over a plain, documented API supporting any use case you might need! If you have integration needs, open a discussion or reach out and we'll look at what Phaset should support next.
No, Phaset does not natively support distributed setups. It is single-node only.
Phaset requires running two components: A static web app and a packaged Node.js API. Phaset itself includes all moving parts, including databases, authentication, and more. After that, the only thing you need to do is write a configuration file and point it to an email provider that supports SMTP usage with a password, for sending out sign-in emails from the Phaset installation.
Minimal: The web app is a set of static files (~1 MB) and the API is ultra-lightweight (less than 0.5 MB). Storage depends on your catalog size—but even for bigger needs will be measured in megabytes. Network usage is primarily the traffic between the API and web application. A basic VM with 1 GB RAM and 10 GB storage is more than sufficient to start.
Phaset uses MikroDB for authentication data and PikoDB for operational persisted data, such as the catalog and metamodel entities. PikoDB-persisted data is plaintext, while MikroDB data is converted to binary. Because both databases are file-based, backups are very easy to perform in whatever way suits you.
Yes. You can migrate your Phaset installation to different servers, cloud providers, or infrastructure as needed. Just move your data files and configuration.
Updates are manual—you download the new version and restart the service. Typical update time of the API is a few seconds. Since Phaset is self-hosted, you control the maintenance window. For zero-downtime updates, you'd need to set up your own load balancer or blue-green deployment, as Phaset itself is single-node. For the web application, many providers offer zero-downtime deployments for static pages.
Yes. Phaset supports Single Sign-On (SSO) via OIDC, with verified support for Google Workspace and Microsoft Azure AD. This allows your teams to authenticate using your existing identity provider. Additionally, Phaset supports SCIM 2.0 for automated user provisioning and deprovisioning, tested with Azure Entra ID but compatible with any SCIM-compliant identity provider. Available in Phaset 1.3.0 and later.
Phaset offers two authentication methods: email-based authentication (magic links) for simple deployments, and Single Sign-On (SSO) via OIDC for enterprise environments. You can configure SSO to work with Google Workspace, Microsoft Azure AD, or other OIDC-compatible identity providers. For automated user lifecycle management, Phaset also supports SCIM 2.0 provisioning.
Yes. During your integration stage, simply run the integration toward Phaset for each manifest (i.e. record).
Yes. The main Phaset codebase is MIT open source, so you can inspect, use, modify, and run it yourself.
No. Phaset runs without activation or external validation.
Yes. You can run as many instances as your deployment model needs.
No. Phaset is self-hosted—all your operational data stays in your infrastructure. We never see it. We do not perform external activation checks or collect deployment telemetry. The website uses privacy-friendly analytics, but your Phaset instance does not send operational data to us.
Yes. Phaset is MIT open source, and release artifacts include supply-chain metadata such as dependency notices and SBOMs where applicable.
Every Phaset download includes a Software Bill of Materials (SBOM) file that lists all dependencies, their versions, and security information. This allows you to audit what's in the software and track any potential vulnerabilities in the supply chain.
Since Phaset is self-hosted and all data remains in your infrastructure, you are the data controller. Phaset itself doesn't transmit user data to external services (except for the optional SMTP provider you configure for authentication emails). This architecture makes GDPR compliance much simpler—you control where data lives, how it's processed, and who has access. You should still perform your own compliance assessment based on how you deploy and use Phaset.
Because Phaset is self-hosted with no external data transmission (beyond your chosen SMTP provider for emails), it simplifies compliance with regulations like GDPR, CCPA, HIPAA, and similar privacy laws. Your data never crosses borders unless you choose to deploy it that way. However, Phaset is not certified for specific compliance frameworks—you should evaluate your deployment against your specific regulatory requirements.
Support happens through email and community channels. Security issues get priority attention. Reality check: Phaset is currently a focused side project, so there is no 24/7 enterprise SLA.
Updates are delivered through the release channels. Security patches are prioritized and released as soon as possible. You control when to apply updates—there are no forced upgrades. We recommend subscribing to release notifications to stay informed about updates.
We're here to help. Reach out and we'll get back to you as soon as possible.