Launch HN: Stack Auth (YC S24) – An Open-Source Auth0/Clerk Alternative

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

InfluxDB - Purpose built for real-time analytics at any scale.
InfluxDB Platform is powered by columnar analytics, optimized for cost-efficient storage, and built with open data standards.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • stack

    Open-source Clerk/Auth0 alternative (by stack-auth)

    Hi HN! We're Zai and Konsti, and we're building Stack Auth (https://stack-auth.com/), an open-source managed authentication and authorization platform. Basically, we build your login and signup pages, and everything that comes with that.

    Our GitHub repo is at https://github.com/stack-auth/stack, and there’s a zero-budget demo video here: https://www.youtube.com/watch?v=LTkjdPf2E2Q

    Stack Auth was born out of years of frustration with the incumbents. We wanted to build something that is developer-friendly and open-source at the same time.

    The dominant player in this space is Auth0, who appeals to enterprises but lags behind in developer-friendliness and has strong vendor lock-in. A newer one is Clerk, which markets directly to devs, but is still entirely proprietary. Open-source solutions like Supabase Auth or Auth.js/NextAuth are only authN, and don't provide the rest of the toolchain.

    On the other hand, building your own auth infrastructure is tedious work. Rolling your own crypto is already hard enough, but on top you'll have to deal with OAuth flows, access tokens, RBAC, permission syncing, API keys, and so on. Most OAuth or password-based applications in the wild are vulnerable in at least some of these areas.

    To us, the solution to this was obvious, so we decided to build it. Stack Auth is 100% open-source, licensed under MIT and AGPL. You can self-host, or choose to use our managed hosting. If you choose the latter, there's no lockin. You can export all your data and/or start self-hosting at any time.

    Also, we're more than just authentication — we have authorization (orgs, teams, permissions, RBAC) and user management (impersonation, user dashboard, webhooks).

    One interesting feature is what we call "connected accounts": we can manage and refresh your OAuth access tokens even for services that your users don't use for sign in, such as when accessing GMail or OneDrive APIs.

    We also have a bunch of components for sign in, password reset, and organizations. For now, we only support Next.js frontends and backends in any language with our API, though our REST API docs (https://docs.stack-auth.com/rest-api/auth) also contain the client endpoints, and some contributors have been building frontends for other languages.

    For more info, check out our GitHub repo above, or our documentation (https://docs.stack-auth.com).

    Would love to hear about your own stories and opinions on auth. Also really curious to hear from anyone who's using one of our competitors and what aspects it would take for you to switch. Thanks all!

  • InfluxDB

    Purpose built for real-time analytics at any scale. InfluxDB Platform is powered by columnar analytics, optimized for cost-efficient storage, and built with open data standards.

    InfluxDB logo
  • fusionauth-jwt

    A simple to use Java 8 JWT Library. Verify, Sign, Encode, Decode all day.

    As someone who came from Auth0 and god-awful Amazon Cognito, we've been using FusionAuth for years. Their APIs and SDKs have been amazing to work with.

    https://fusionauth.io

    It does what Auth0 does but significantly more cheaper and you can also self-host if you want.

    I built the Pulimi plugin for it which helps us easily configure it. If you don't use Terraform or Pulumi, they have this really cool kickstart feature where you can define a config file that will call their APIs on first time startup to set up the server. Really useful for local dev.

  • auth

    A JWT based API for managing users and issuing JWT tokens (by supabase)

    This is great. Competition is definitely needed in the Authentication/Authorization space.

    Quick question. How would this compare to supabase/gotrue [0] and permify [1]?

    [0]: https://github.com/supabase/auth

  • permify

    An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems for any application.

  • temporal

    Temporal service

    Just for clarification, So you can't really host this without open-sourcing my product (since your server is AGPL). Isn't it a stretch to call this really open-source? I compare this to something like a temporal which I can self-host without worrying (and which I believe is MIT license [https://github.com/temporalio/temporal/blob/main/LICENSE])

  • logto

    🧑‍🚀 The better identity infrastructure for developers and the open-source alternative to Auth0.

    Have you seen this? https://github.com/logto-io/logto

    How does it compare?

  • SuperTokens Community

    Open source alternative to Auth0 / Firebase Auth / AWS Cognito

    How would you compare yourselves to SuperTokens (https://supertokens.com/)? I ask because they’re another open source, YC backed auth system, and one that I’ve quite enjoyed using on a side project.

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • authgear-server

    Open source alternative to Auth0 / Firebase Auth

    Congrats for the launch! We also launched an open sources (Apache 2 licensed) auth0 alternatives with paid hosting / enterprise support as revenue few years ago. Glad to see more efforts to help make software more secure for consumers!

    https://github.com/authgear/authgear-server

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Show HN: Logto – Token Exchange, OIDC, and multi-tenancy

    1 project | news.ycombinator.com | 1 Sep 2024
  • Ask HN: Simple Auth for Website

    2 projects | news.ycombinator.com | 23 Apr 2024
  • Ask HN: Microsoft crawls private links – how can this be legal?

    1 project | news.ycombinator.com | 6 Jan 2024
  • NextAuth.js+App Router+Prisma

    2 projects | dev.to | 9 Dec 2023
  • Logto v1.12.0 - Organizations, SSO, and MFA

    1 project | /r/selfhosted | 6 Dec 2023

Did you konow that Go is
the 4th most popular programming language
based on number of metions?