zitadel
IdentityServer
zitadel | IdentityServer | |
---|---|---|
80 | 16 | |
7,471 | 1,377 | |
5.6% | 3.1% | |
9.8 | 9.3 | |
3 days ago | 3 days ago | |
Go | JavaScript | |
Apache License 2.0 | DUENDE™ SOFTWARE LICENSE AGREEMENT |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
zitadel
- Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms
- Show HN: Auth0 OSS alternative Ory Kratos now with passwordless and SMS support
-
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
ZITADEL Cloud — A turnkey user and access management that works for you and supports multi-tenant (B2B) use cases. Free for up to 25,000 authenticated requests, with all security features (no paywall for OTP, Passwordless, Policies, and so on).
-
Ask HN: Technical Challenges in Building Multi-Tenant SaaS Products
One of the challenges we see is providing self-service for team management. That includes letting an admin assign roles to their users, manage user lifecycle (eg through sso), and setting up security policies. For sure you can build the basics, but it becomes complex later on if you manage a lot of tenants or or more enterprise customers. For Auth only there are many solutions out there that work great. There's only a few solutions with multi-tenancy at the core, though, like https://github.com/zitadel/zitadel
- B2B identity infrastructure written in Go
-
14 DevOps and SRE Tools for 2024: Your Ultimate Guide to Stay Ahead
ZITADEL
-
Okta Says Hackers Stole Data for All Customer Support Users
Check out ZITADEL! (full disclosure, I'm part of the team)
It's an open-source IAM solution. It offers a cloud-based SaaS option and can also be downloaded for self-hosting. You can try the hosted cloud version for free - https://zitadel.com/signin
It provides:
- authentication and authorization capabilities (including IdP Federation)
- auditing
- custom extensions
- support for standards such as OIDC/OAuth/SAML/LDAP
- full API support
- various authorization strategies, including Role-Based Access Control (RBAC) and Delegated Access, making it a great choice for both B2C and B2B scenarios.
It mostly aims to ensure ease of operation and scalability (users love the simplicity). The community and team actively contribute towards development and support.
You can download it and host it yourself - https://zitadel.com/docs/self-hosting/deploy/overview
Github- https://github.com/zitadel/zitadel
Case studies and testimonials - https://zitadel.com/blog/tags/successstory
-
Ask HN: Who's looking for contributors for OSS Projects
Check out ZITADEL, an open source identity and access management solution - https://github.com/zitadel/zitadel
A good starting place is the issues. You can also check our documentation and make PRs for improvements. And feel free to jump into discussions. We also give swag to our first-time contributors as a token of appreciation.
-
🚀 ZITADEL v2.40.0 is out!
Go on and try it ➡️ https://zitadel.cloud See what's new ➡️ https://github.com/zitadel/zitadel/releases/tag/v2.40.0
- Show HN: Obligator – An OpenID Connect server for self-hosters
IdentityServer
-
Identity server 4
Its deprecated in favor of Duende Identityserver which introduced a license model.
-
How does cookie based authentication work?
Tokens usually have a lifetime and they are separate from the user's authentication principals like username and password. Unless you are rolling your own form of token provider (not something that would be recommended) the token creation is handled for you. Take a look at https://identityserver4.readthedocs.io/en/latest/ or if your organization makes under 1M in income a year the free version of what Identity Server progressed into https://duendesoftware.com/products/identityserver
- Ask HN: Examples of Top C# Code?
-
ImageSharp leaving the .NET Foundation due to licensing change
I think Duende (Identity Server) handled the situation pretty well.
https://duendesoftware.com/products/identityserver
> Standard License Pricing
-
Seeking people for collaboration on open source projects I started. Also open to ideas. Preferably long-term. I can help you learn and you can help me with other things, such as coding, UI and more. Beginner friendly. Safe environment.
Thanks for your message. No, the idea was not to re-implement OAuth nor OpenID stuff. What I had in mind for the authentication thingy was something like this: https://laravel.com/docs/9.x/sanctum. If we want to go the OAuth/OpenID way, in .NET we have this one: https://github.com/DuendeSoftware/IdentityServer.
- If you were tasked with implementing Identity and Access Management today, what would you do?
-
Bytebase: 20-Person Startup, 30 SaaS Services, and $1,183 Monthly Bill
> As you said, there are plenty of local options that you only need to run.
I think managed databases are a good analogy here. While I might run my own PostgreSQL/MariaDB instance, many out there won't be overjoyed at the idea of actually needing to run and manage the damned thing, as well as set up some kind of alerting and handling the need to eventually scale it up.
> It also has the largest risk of compromise and data leaking from any service you may use...
PII is definitely a big concern, even if something like password hashes aren't too useful on their own (provided that they're salted), though in cases like that it might actually make a lot of sense to utilize a widely used and tested solution that's specialized for this particular use case.
In many cases, thousands of people across the globe will be able to develop something and squash any bugs in it better than you might be able to do individually or with your own team, though there might be a few exceptions out there. Auth is probably not one of the cases where you want to write code without a lot of eyes on it.
> ...the largest amount of potential lock-in...
This is debatable: standards like OAuth2 and OIDC technically make many of the solutions and libraries way more pluggable and make it easier to choose between various implementations, depending on your needs.
Of course, something like Keycloak also has its own API (as do many of the cloud offerings) so if you build too much automation around a particular implementation, then that advantage partially goes out the window.
> ...and the least need for integration.
I'm not sure about this, it probably depends on your architecture. If you have a monolithic web app, then you probably don't need a separate turnkey/SaaS solution, whereas if you have an ever growing number of services, whilst you want to manage authentication and accounts against all of them centrally, then something like Keycloak (or one of the cloud alternatives) become way more lucrative.
That said, I'd still opt for self-hostable options whenever possible, albeit I also don't trust cloud based password managers and such, preferring something like KeePass instead. I've probably just come to a different conclusion in regards to usability/responsibility/features/security than some other people.
Sadly, there aren't that many good options out there at the moment, apart from Keycloak. For example, IdentityServer is promising, but went in a commercial direction: https://duendesoftware.com/products/identityserver#pricing
-
Why is authentication such a sh*t show with .NET 6?
He's referring to IdentityServer 3/4, which was open sourced, and was not owned by Microsoft. That 3rd party is commercializing their work (and to be fair, it's a lot of work) as https://duendesoftware.com/products/identityserver , and has a different commercial licensing model.
-
Show HN: Open-Source Identity Server Written in Go (Ory Kratos)
https://github.com/DuendeSoftware/IdentityServer/blob/main/L... does not seem to square with any definition of "open source" I'm familiar with, and that goes double for having an in-repo file that just says "read this unversioned pdf on some other site"
-
Creating JWT token auth yourself - is it secure?
I would not recommend it. There is a server named Duende identity server which you can host locally.
What are some alternatives?
authentik - The authentication glue you need.
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
openiddict-core - Flexible and versatile OAuth 2.0/OpenID Connect stack for .NET
Ory Kratos - Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!
Ory Hydra - OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
casdoor - An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS [Moved to: https://github.com/casdoor/casdoor]
node-oidc-provider - OpenID Certified™ OAuth 2.0 Authorization Server implementation for Node.js
YARP - A toolkit for developing high-performance HTTP reverse proxy applications.
SuperTokens Community - Open source alternative to Auth0 / Firebase Auth / AWS Cognito
Hot Chocolate - Welcome to the home of the Hot Chocolate GraphQL server for .NET, the Strawberry Shake GraphQL client for .NET and Banana Cake Pop the awesome Monaco based GraphQL IDE.