casdoor
DISCONTINUED
zitadel
Our great sponsors
casdoor | zitadel | |
---|---|---|
37 | 79 | |
8,028 | 6,634 | |
- | 7.7% | |
0.0 | 9.8 | |
about 2 months ago | 1 day ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
casdoor
-
Keycloak open redirect: wildcard redirect URIs can be exploited to steal tokens
I'm using Casdoor: https://github.com/casbin/casdoor and glad to see it only has ~77,000 LOC according to the shared link.
Keycloak was good but has too much legacy for 10+ years. Casdoor is pretty new and has become a good replacement for Keycloak for me with more functionalities.
-
Help needed - is there a product that provides the auth functionality we need?
Access keys & secrets are supported: https://github.com/casdoor/casdoor/pull/1971
-
Keycloak – Open-Source Identity and Access Management Interview
Looking at your username, it would be nice to mention that you are one of the main developers behind the tool instead of making it sound like you are unrelated: https://github.com/casbin/casbin/graphs/contributors https://github.com/casdoor/casdoor/graphs/contributors
-
Casdoor: a new open source SSO/IAM written in Go, with beautiful web UI, OIDC, OAuth 2.0, SAML, CAS, LDAP, WebAuthn and 2FA
Apparently they even removed the Chinese Tracker to Baidu now.
Not sure why this is being advertised as "new"? It has been posted here by OP for at least 10 months. The releases on GitHub go back to 2021. This was also posted here just 7 days ago.
-
Keycloak vs. Authentik vs. Authelia, help choose SSO
Wow, that's really good! And they even finally removed the tracking script of the chinese provider Baidu!
-
Supertokens: Open-Source Alternative to Auth0 / Firebase Auth / AWS Cognito
Another open-source IAM solution called Casdoor looks better than supertokens, it's fully open-source https://github.com/casdoor/casdoor
-
Casdoor: an open-source Identity and Access Management (IAM) platform with beautiful web UI supporting OAuth 2.0, OIDC, SAML and CAS
Looks like they finally removed the baidu tracking script from the base template which was raised when posted in the sub here 6 months ago, here 4 months ago, and here 2 months ago
zitadel
- Show HN: Auth0 OSS alternative Ory Kratos now with passwordless and SMS support
-
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
ZITADEL Cloud — A turnkey user and access management that works for you and supports multi-tenant (B2B) use cases. Free for up to 25,000 authenticated requests, with all security features (no paywall for OTP, Passwordless, Policies, and so on).
-
14 DevOps and SRE Tools for 2024: Your Ultimate Guide to Stay Ahead
ZITADEL
-
Okta Says Hackers Stole Data for All Customer Support Users
Check out ZITADEL! (full disclosure, I'm part of the team)
It's an open-source IAM solution. It offers a cloud-based SaaS option and can also be downloaded for self-hosting. You can try the hosted cloud version for free - https://zitadel.com/signin
It provides:
- authentication and authorization capabilities (including IdP Federation)
- auditing
- custom extensions
- support for standards such as OIDC/OAuth/SAML/LDAP
- full API support
- various authorization strategies, including Role-Based Access Control (RBAC) and Delegated Access, making it a great choice for both B2C and B2B scenarios.
It mostly aims to ensure ease of operation and scalability (users love the simplicity). The community and team actively contribute towards development and support.
You can download it and host it yourself - https://zitadel.com/docs/self-hosting/deploy/overview
Github- https://github.com/zitadel/zitadel
Case studies and testimonials - https://zitadel.com/blog/tags/successstory
-
Ask HN: Who's looking for contributors for OSS Projects
Check out ZITADEL, an open source identity and access management solution - https://github.com/zitadel/zitadel
A good starting place is the issues. You can also check our documentation and make PRs for improvements. And feel free to jump into discussions. We also give swag to our first-time contributors as a token of appreciation.
- Show HN: Obligator – An OpenID Connect server for self-hosters
-
Fly.io Postgres cluster went down for 3 days, no word from them about it
zitadel supports service users with rbac. maybe give it a look/try: https://github.com/zitadel/zitadel
-
Example: User Login, Authentication, and Accessing Protected API with React Frontend
Try out this simple web app with a ReactJS frontend and a Python API backend, and add a layer of security with ZITADEL, an open source and free identity provider. See how user login and authentication, and then accessing a protected API take place:
-
Keycloak – Open-Source Identity and Access Management Interview
https://zitadel.com/
Simplify Your SaaS: Multi-Tenancy and Delegated Access Management with ZITADEL Organizations https://www.youtube.com/watch?v=Cx_WgyY4TOo
ZITADEL Roadmap
Personal opinion, do not fight me for this ;-) I often think of what we do as GitLab vs. GitHub. Going with an open core/source product against a well established cloud only/closed source player. From Keycloak we took inspiration in the ability to self-host. We think it is important to allow people to control their critical user data.
[1] i.e https://github.com/zitadel/zitadel/tree/main/proto/zitadel/s...
What are some alternatives?
authentik - The authentication glue you need.
casbin - An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
Ory Kratos - Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
authelia - The Single Sign-On Multi-Factor portal for web apps
Grant - OAuth Proxy
pam-keycloak-oidc - PAM module connecting to Keycloak for user authentication using OpenID Connect/OAuth2, with MFA/2FA/TOTP support
SuperTokens Community - Open source alternative to Auth0 / Firebase Auth / AWS Cognito
external-auth-server - easy auth for reverse proxies