-
Ory Kratos
Headless cloud-native authentication and identity management written in Go. Scales to a billion+ users. Replace Homegrown, Auth0, Okta, Firebase with better UX and DX. Passkeys, Social Sign In, OIDC, Magic Link, Multi-Factor Auth, SMS, SAML, TOTP, and more. Runs everywhere, runs best on Ory Network. (by ory)
Congratulations on Kratos coming out of Beta.
We evaluated Ory a few months ago. My understanding:
1. Ory Kratos provides session-based authentication and user management.
2. Ory Hydra is a self-managed server that secures access to your applications and APIs with OAuth 2.0 and OpenID Connect.
Basically we want to replace AWS Cognito (which is pretty much abandonware) to secure our API so we needed both applications. Unfortunately we had to put our efforts on hold:
1. Bugs around traits meant we had issues around password change, password recovery and email change/reverifications for our use-case
2. Lack of documentation prevented us making progress on 2FA/WebAuthn
3. Bearer token/OAuth consent flow wasn't available without a lot of work because Kratos and Hydra are not "integrated" [1]. Someone shows how they rolled their own integration [2].
I'd love for someone to advise that we were wrong or misunderstood things or that things have moved on since then!
[1] https://github.com/ory/kratos/issues/273
-
products
The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
I think "Identity Provider" is more correct, no? "IdentityServer" is the name of a specific IdP implemented in .NET (formerly OSS as https://identityserver4.readthedocs.io/en/latest, and now as a more commercial form as Duende IdentityServer: https://duendesoftware.com/products/identityserver)
-
I love the way Ory is set up and documented to be understandable and deployable as components. I played with Kratos a couple weeks ago and made a single VM deployment using sqlite on fly.io. The configuration documentation for Kratos was a bit dense; there's so much functionality in there already despite it being just out of beta, so I pushed my config to GitHub so you can get going on fly.io with it immediately:
https://github.com/tinco/kratos-service
(you can paypal me later tptacek ;))
-
Ory Keto
The most scalable and customizable permission server on the market. Fix your slow or broken permission system with Google's proven "Zanzibar" approach. Supports ACL, RBAC, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.
-
I'm passing familiar with this area, but not as familiar as I should be...
How does this compare to something like this - https://github.com/panva/node-oidc-provider
Are they addressing the same need? Is Ory looking to get certified in these areas? (Is it already?)
-
We experienced issues with the settings API not updating traits. Will try again now that things have moved on.
Regarding Kratos and Hydra, is this [1] your PR?
[1] https://github.com/ory/kratos-selfservice-ui-node/pull/149