Doorkeeper VS zitadel

The doorkeeper gem.

Take a look at doorkeeper.

Disclosure: I work for FusionAuth.

Depends on what you are looking for.

If you want a standalone auth server, you can use FusionAuth in docker/docker-compose: https://fusionauth.io/docs/v1/tech/installation-guide/docker

You can also package up a library; most major languages have one or more OAuth/OIDC libraries: https://github.com/doorkeeper-gem/doorkeeper for Ruby, https://spring.io/projects/spring-security for Spring/Java, https://oauth2.thephpleague.com/ for PHP, https://pypi.org/project/oauthlib/ for Python.

https://oauth.net/code/ has a further selection of libraries in a variety of languages.

Are there any code examples to implement the PKCE flow in Doorkeeper? I am a bit confused on how to implement it here: https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-PKCE-flow

For authorization we use Doorkeeper gem with PKCE flow.

One thing that is missing from this list is open source language specific libraries. Projects such as https://oauthlib.readthedocs.io/en/latest/oauth2/server.html and https://github.com/doorkeeper-gem/doorkeeper

Depending on your use case, for example if you only have one application, you might be better off running something embedded in your app, or independent but using the same runtime/deployment environment. Then, when you are ready to add another app or integration, you should be able to introduce a standalone auth system more easily if appropriate (because all your auth interactions should be relatively standardized). I'm a big fan of standalone auth systems as a way to simplify access control and give a single view of a user/customer, but you can also succeed using open source embedded libraries.

When the moment comes to introduce a standalone system, you should consider a few dimensions (this list pulled from a previous comment of mine: https://news.ycombinator.com/item?id=26360048 ):

   * open source or not

ZITADEL Cloud — A turnkey user and access management that works for you and supports multi-tenant (B2B) use cases. Free for up to 25,000 authenticated requests, with all security features (no paywall for OTP, Passwordless, Policies, and so on).

One of the challenges we see is providing self-service for team management. That includes letting an admin assign roles to their users, manage user lifecycle (eg through sso), and setting up security policies. For sure you can build the basics, but it becomes complex later on if you manage a lot of tenants or or more enterprise customers. For Auth only there are many solutions out there that work great. There's only a few solutions with multi-tenancy at the core, though, like https://github.com/zitadel/zitadel

ZITADEL

Check out ZITADEL! (full disclosure, I'm part of the team)

It's an open-source IAM solution. It offers a cloud-based SaaS option and can also be downloaded for self-hosting. You can try the hosted cloud version for free - https://zitadel.com/signin

It provides:

- authentication and authorization capabilities (including IdP Federation)

- auditing

- custom extensions

- support for standards such as OIDC/OAuth/SAML/LDAP

- full API support

- various authorization strategies, including Role-Based Access Control (RBAC) and Delegated Access, making it a great choice for both B2C and B2B scenarios.

It mostly aims to ensure ease of operation and scalability (users love the simplicity). The community and team actively contribute towards development and support.

You can download it and host it yourself - https://zitadel.com/docs/self-hosting/deploy/overview

Github- https://github.com/zitadel/zitadel

Case studies and testimonials - https://zitadel.com/blog/tags/successstory

Check out ZITADEL, an open source identity and access management solution - https://github.com/zitadel/zitadel

A good starting place is the issues. You can also check our documentation and make PRs for improvements. And feel free to jump into discussions. We also give swag to our first-time contributors as a token of appreciation.

Go on and try it ➡️ https://zitadel.cloud See what's new ➡️ https://github.com/zitadel/zitadel/releases/tag/v2.40.0