Ask HN: What do you use to build auth? A library, a provider, writing your own?

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Authentication Login Self-hosting Solutions Security SAML

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • Sandstorm

    Sandstorm is a self-hostable web productivity suite. It's implemented as a security-hardened web app package manager.

    • I build my apps on Sandstorm[1]_. Sandstorm provides authentication as a part of the platform. For Django applications, I wrote Django Loves Sandstorm[2]_.

    If your application fits into Sandstorm's model of grains[3], then the security benefits of Sandstorm are many.

    .. [1] https://sandstorm.io/

  • proof.im

    Zero-Trust Signature Based Proof of Identity

    • I'm exploring a signature-based authentication scheme here: https://github.com/jshawl/proof.im

    At a high level:

    1. Claim and prove ownership of a public key

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • SuperTokens Community

    Open source alternative to Auth0 / Firebase Auth / AWS Cognito

    • I'm currently working on a project with the same stack: NextJS + Prisma + Postgresql and I started to implement this open source auth library:

    https://supertokens.com/

    Here is the documentation for implementing the library with NextJS:

    https://supertokens.com/docs/thirdpartyemailpassword/nextjs/...

  • django-sesame

    "Magic Links" - URLs with authentication tokens for one-click login

  • nextjs-hello

    Next.js SDK for signing in with Hellō

    • I built a Next.js library for this purpose using Hellō and iron-session. This lets me roll a new application with social login without needing to register with Google/Apple/other providers.

    https://github.com/irrelevelephant/nextjs-hello

    Its interface is essentially just a login button component, and functions to retrieve the user session state on both the client/server.

    If you're not using Next.js, you may want to use Hellō directly - it's a simple OIDC provider with some convenient benefits.

    https://www.hello.dev/

  • django-allauth

    Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication.

  • zitadel

    ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.

    • Disclaimer I work at ZITADEL and am one of the co-founders.

    We always recommend not building auth by yourself. In the first place it may look simple like its only two input fields and a button (username, password), but to get a really secure solution its a lot more to do. You might need some more authentication methods like passwordless, mfa or identity brokering with google, microsoft, etc.

    With ZITADEL we built a solution that combines best of Auth0 (great SaaS solution) and Keycloak (opensource). We believe that a cloud SaaS solution is great to go if its possible to use a cloud solution, but there are always lots of on-prem use cases, thats why we are opensource. https://github.com/zitadel/zitadel

    ZITADEL is also focused on B2B usecases, so you can have multi tenancy really easy.

    If you have any questions just let me know.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts