S.S.Octopus
zitadel
S.S.Octopus | zitadel | |
---|---|---|
5 | 80 | |
3,059 | 7,102 | |
0.2% | 5.9% | |
0.0 | 9.8 | |
7 days ago | about 4 hours ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
S.S.Octopus
-
Use OpenZiti to secure your monitoring
2. An identity aware SSO proxy by Buzzfeed[0]
I really like Buzzfeed's SSO implementation, but it hasn't received updates in a while and doesn't seem to be maintained to me. I could absolutely see OpenZiti replacing this for me.
I really like Wireguard and have absolutely no complaints with it -- but if OpenZiti could replace this as well and match the performance I get on Wireguard I would consider implementing it at home (and would probably be a happy enough customer to push for it at work).
One non-typical use-case I use Wireguard for is being able to do remote game streaming to my Windows hosts via Moonlight+Nvidia Gamestream. Would anyone be able to (anecdotally or scientifically), share how well a use-case like this would work with OpenZiti?
[0] https://github.com/buzzfeed/sso
-
Libredirect – Redirect social media and websites to privacy friendly front ends
In addition to this suggestion, another viable route is to self-host those applications you rely on and don't expose them to the world (so as to reduce load/attack surface). Using a VPN can allow you to access the applications privately/remotely.
e.g. I self-host the applications I rely on such as Teddit, Nitter, Bibliogram and Cloudtube and then use Wireguard to always remain connected to the network they are accessible on. I have also implemented identity-aware SSO[1] so I can expose those applications remotely to specific individuals.
[1] https://github.com/buzzfeed/sso
-
Add Password Protection to Any Site with OAuth2 Proxy - Plus Social Logins
If oauth2-proxy doesn't suit your needs, there are some projects that have spun-off from oauth2-proxy like pomerium and BuzzFeed's sso. In addition to the open source library, Pomerium offers a paid service with a GUI to help IT staff more easily manage user permissions. BuzzFeed's sso builds upon oauth2-proxy by separating the domain used for auth from the domain used for the proxy (among several other changes).
-
Introduction to Zero Trust on AWS ECS Fargate
SSO to the rescue!
-
Web proxy (Bastion ?) to access Website in "private" network.
https://github.com/buzzfeed/sso - Google only
zitadel
- Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms
- Show HN: Auth0 OSS alternative Ory Kratos now with passwordless and SMS support
-
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
ZITADEL Cloud — A turnkey user and access management that works for you and supports multi-tenant (B2B) use cases. Free for up to 25,000 authenticated requests, with all security features (no paywall for OTP, Passwordless, Policies, and so on).
-
Ask HN: Technical Challenges in Building Multi-Tenant SaaS Products
One of the challenges we see is providing self-service for team management. That includes letting an admin assign roles to their users, manage user lifecycle (eg through sso), and setting up security policies. For sure you can build the basics, but it becomes complex later on if you manage a lot of tenants or or more enterprise customers. For Auth only there are many solutions out there that work great. There's only a few solutions with multi-tenancy at the core, though, like https://github.com/zitadel/zitadel
- B2B identity infrastructure written in Go
-
14 DevOps and SRE Tools for 2024: Your Ultimate Guide to Stay Ahead
ZITADEL
-
Okta Says Hackers Stole Data for All Customer Support Users
Check out ZITADEL! (full disclosure, I'm part of the team)
It's an open-source IAM solution. It offers a cloud-based SaaS option and can also be downloaded for self-hosting. You can try the hosted cloud version for free - https://zitadel.com/signin
It provides:
- authentication and authorization capabilities (including IdP Federation)
- auditing
- custom extensions
- support for standards such as OIDC/OAuth/SAML/LDAP
- full API support
- various authorization strategies, including Role-Based Access Control (RBAC) and Delegated Access, making it a great choice for both B2C and B2B scenarios.
It mostly aims to ensure ease of operation and scalability (users love the simplicity). The community and team actively contribute towards development and support.
You can download it and host it yourself - https://zitadel.com/docs/self-hosting/deploy/overview
Github- https://github.com/zitadel/zitadel
Case studies and testimonials - https://zitadel.com/blog/tags/successstory
-
Ask HN: Who's looking for contributors for OSS Projects
Check out ZITADEL, an open source identity and access management solution - https://github.com/zitadel/zitadel
A good starting place is the issues. You can also check our documentation and make PRs for improvements. And feel free to jump into discussions. We also give swag to our first-time contributors as a token of appreciation.
-
🚀 ZITADEL v2.40.0 is out!
Go on and try it ➡️ https://zitadel.cloud See what's new ➡️ https://github.com/zitadel/zitadel/releases/tag/v2.40.0
- Show HN: Obligator – An OpenID Connect server for self-hosters
What are some alternatives?
vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
authentik - The authentication glue you need.
Pomerium - Pomerium is an identity and context-aware reverse proxy for zero-trust access to web applications and services.
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
zitadel - Cloud-native Identity & Access Management solution providing a platform for secure authentication, authorization and identity management.
Ory Kratos - Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
casdoor - An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS [Moved to: https://github.com/casdoor/casdoor]
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
farside - A smart redirecting gateway for various frontend services
SuperTokens Community - Open source alternative to Auth0 / Firebase Auth / AWS Cognito