sso-wall-of-shame
budibase
Our great sponsors
sso-wall-of-shame | budibase | |
---|---|---|
200 | 332 | |
574 | 20,552 | |
- | 2.8% | |
8.5 | 10.0 | |
8 days ago | 6 days ago | |
JavaScript | TypeScript | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
sso-wall-of-shame
-
Software Company HashiCorp Is Weighing a Potential Sale
I'm not the person you've asked, but I'm somebody who has been purchasing SaaS/software for businesses large and small for years. My take:
1. If SSO and other basic modern security features are locked into "Enterprise" pricing tiers then the service is at the bottom of the list (see: https://sso.tax). I'd love to say instant disqualification but too many SaaS companies have it in their head that only wealthy enterprises use SSO, despite SSO platforms being widely available and some quite cheap to acquire and start using.
2. If I need to request a quote to start any kind of service to see what the product is about then I'm not likely to pursue it. Don't make me jump through hoops when I'm just trying to see if a product can fit my needs.
3. If license terms are too complex or easy to violate that's a hard pass. Infrastructure monitoring tools are a great example. The licensing is often per "device" or per monitored metric, and some vendors are very loose with their definition of "device". (Don't use LogicMonitor with k8s unless you like throwing money in the garbage can). Hard lessons learned.
4. If the only details I can find regarding how you secure your product are claims of SOC2 and ISO27001 certification then that's a very likely pass. Those controls are great to have, necessary even, but anyone who has had to work to meet those compliance objectives knows that they're much more about organization controls than they are product security. Give me an idea about how you protect data and whatnot on a security page somewhere, not an attestation that dev and prod are separate and you have logs.
On the side of the positives, outside of not hitting the negative marks, I value ease to work with, responsive and competent support, strong pre and post-sales solutions architecture and support/training (if the product is complex enough to warrant that), and supports SSO. I bring up SSO again because it's a hard requirement for SaaS purchases everywhere I go -- no SSO, no go. Social login is not a substitute and is highly undesired.
Hope this helps.
-
Multi – Multiplayer Collaboration for macOS
Don’t be shy, here’s the link: https://github.com/robchahin/sso-wall-of-shame/issues.
Should be added to https://sso.tax.
-
We built the fastest CI in the world. It failed
I know these are examples, so I don't want to pick on you too much, but I have one nitpick: Reserving SSO for enterprise customers is awful. Please don't do it.
See https://sso.tax/ for details but I'll quote this from it "SSO is a core security requirement for any company with more than five employees"
It sounds like you're unaware of why SSO is considered a security feature at all them, but it's covered right on the site: https://sso.tax/
It's to allow centralized access management. Stuff like firing someone and revoking their access from one platform instantly, instead running around and changing permissions in every tool manually. Or ensuring people in department A can't be invited to some platform for people in department B in order to limit information access.
SSO tax is predicated on the idea that the moment you outgrow the informal arrangements and liberal access, you're really a business. Seems pretty fair?
-
eSignature for Google Docs and Google Drive (Beta)
Last time I had to implement Okta integration for DocuSign at my employer it was absurdly expensive. If Google does this right then I’d be ever so happy.
DocuSign on the SSO Tax site: https://sso.tax/
-
Show HN: Infisical – open-source secret management platform
There’s a strong, widespread objection to hiding security features behind a paywall: https://sso.tax/
If 2fa is the only way you can differentiate in order to force enterprises to pay, it’s better to have a fee for security than to die because you can’t make money… but broadly, as a security company, you should aim for maximum security for every user.
-
Keygen: a software licensing and distribution API
I totally understand. I'm aware of the SSO tax. It's just honestly a complex feature, with a significant maintenance and support burden, and I leaned making it EE so that it'd be worth all the effort to implement and maintain (i.e. I want it to be a new-positive feature for revenue). But if I could get help from other contributors, I'd be fine with SSO being a CE feature too.
-
Anyone else a little disappointed by the Syncro Team announcement?
https://sso.tax/ for giggles
-
SSO “Wall of Shame” vs. “Wall of Fame”
I agree with you about tier pricing but as https://sso.tax mentions in their examples, the large enterprises that control that market have increased their prices considerably and some by 6300%.
budibase
- Show HN: Teable – Open-Source No-Code Database Fusion of Postgres and Airtable
-
Ask HN: What is the easiest way to create a CRUD web app in 2024?
Budibase is great at generating CRUD apps based on a model.
-
Airplane acquired by Airtable and is shutting down
Congratulations to the Airplane team.
Is this Airtable moving in the direction of low-code rather than no code? Puts them up against tools like Budibase [https://github.com/Budibase/budibase] and Retool [Https://retool.com]
- Why I'm skeptical of low-code
-
Pipe Dreams: The life and times of Yahoo Pipes
I skipped to chapter 9 in the article ("Clogged"), and it looked like Pipes failed because it didn't have a large enough team or a well-defined mission. As a result they couldn't offer a super robust product that would lure in enterprise users. "You could not purchase some number of guaranteed-to-work Pipes calls per month" is the quote from the article.
The reason I think that interesting is because that's the model these days for everything from AI tokens to Monday.com seats. It makes me feel like Pipes was before its time.
That said I've been collecting different "business glue" products that are similar to Pipes. To me, like you say, they aren't as interesting, exciting and intuitive as Pipes was, but maybe it just takes a little more digging. I tried to focus on open source tools but some aren't.
- n8n io: https://n8n.io/integrations/mondaycom/
- Node-RED: https://nodered.org/ (just read about this one in this thread)
- trigger dev: trigger.dev
- automatisch.io: https://automatisch.io/docs/
- Activepieces: https://www.activepieces.com/docs/getting-started/introducti...
- Huginn: https://github.com/huginn/huginn
- budibase: https://budibase.com/
- windmill: https://www.windmill.dev/
- tooljet: https://www.tooljet.com/workflows
- Bracket: https://www.usebracket.com/pricing (just SalesForce <-> PostgreSQL)
- Zapier: zapier.com/
Anyway I hope some of these are fun!
-
Automate complicated manual business processes
Budibase is open-source, including the workflow platform which has helped accelerate thousands of workflows already:
- Launch HN: Refine (YC S23) – Open-Source Retool for Enterprise
-
Exploring Top 9 Retool Alternatives for Enterprise Applications in 2023
(4) Budibase | Build internal tools in minutes, the easy way. https://budibase.com/.
-
Launch HN: Twenty.com (YC S23) – open-source CRM
Also missing these app builders, both of which are open source but offer managed hosting:
* Budibase https://budibase.com
-
Small app using a DB?
Buildbase
What are some alternatives?
appsmith - Platform to build admin panels, internal tools, and dashboards. Integrates with 25+ databases and any API.
ToolJet - Low-code platform for building business applications. Connect to databases, cloud storages, GraphQL, API endpoints, Airtable, Google sheets, OpenAI, etc and build apps using drag and drop application builder. Built using JavaScript/TypeScript. 🚀
nocodb - 🔥 🔥 🔥 Open Source Airtable Alternative
Directus - The Modern Data Stack 🐰 — Directus is an instant REST+GraphQL API and intuitive no-code data collaboration app for any SQL database.
n8n - Free and source-available fair-code licensed workflow automation tool. Easily automate tasks across different services.
saltcorn - Free and open source no-code application builder
vaultwarden - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
Javinizer - (NSFW) Organize your local Japanese Adult Video (JAV) library
DockSTARTer - DockSTARTer helps you get started with running apps in Docker.
authentik - The authentication glue you need.
Node RED - Low-code programming for event-driven applications
Kanboard - Kanban project management software