Open Source Authentication and Authorization

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
SAML Oauth2 Authentication Authorization Oidc

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • the-usher-server

    Authorization server. The Usher looks at your ticket and tells you where you're authorized to go.

    • In my experience, businesses are especially concerned with authorization — enabling product sales to customers.

    They would rather not deal with identity and authentication — usernames and passwords — at all. These are already quite nicely handled to various degrees by Cogntio, Auth0, Azure Active Directory, and others.

    To address minimalist authorization needs, the portfolio of companies I worked with collaborated to create The Usher[1]. The Usher is an open source authorization server in NodeJS. Worth a peek if you, too, want to focus on authorization separate from authentication.

    Disclosure: I am a contributor to The Usher.

    [1] https://github.com/DMGT-TECH/the-usher-server

  • authentik

    The authentication glue you need.

    • That it is, but is a bit convoluted. I ended up settling on Authentik. [0]

    [0] https://goauthentik.io/

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • free-for-dev

    A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev

    • I'm just starting a new project, and having only rolled our own ghetto authentication and authorization in the past the number of options out there is quite overwhelming!

    https://free-for.dev/#/?id=authentication-authorization-and-...

    ...any advice on a cheap + easy self-hosted solution?

  • zitadel

    ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.

    • The software is open source under Apache 2.0 (https://github.com/zitadel/zitadel). No open core or similar, we run the same version on our Cloud Service and for Enterprises. Thanks for the feedback, we need to make that more obvious then.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts