- fusionauth-issues VS Ory Oathkeeper
- fusionauth-issues VS Ory Kratos
- fusionauth-issues VS openiddict-core
- fusionauth-issues VS ASP.NET Core
- fusionauth-issues VS Keycloak
- fusionauth-issues VS KrakenD
- fusionauth-issues VS Doorkeeper
- fusionauth-issues VS oauth2-proxy
- fusionauth-issues VS AppAuth-Android
- fusionauth-issues VS saml-idp
Fusionauth-issues Alternatives
Similar projects and alternatives to fusionauth-issues
-
Ory Oathkeeper
A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.
-
openiddict-core
Versatile OpenID Connect stack for ASP.NET Core and Microsoft.Owin (compatible with ASP.NET 4.6.1)
-
SonarQube
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
-
Ory Kratos
Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, TOTP, WebAuthn, profile management, identity schemas, social sign in, registration, account recovery, passwordless. Golang, headless, API-only - without templating or theming headaches. Available as a cloud service. (by ory)
-
Keycloak
Open Source Identity and Access Management For Modern Applications and Services
-
ASP.NET Core
ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.
-
KrakenD
Ultra performant API Gateway with middlewares. A project hosted at The Linux Foundation
-
oauth2-proxy
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
-
Scout APM
Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
-
Doorkeeper
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.
-
-
AppAuth-Android
Android client SDK for communicating with OAuth 2.0 and OpenID Connect providers.
-
-
hyperhyperspace-core
A library to create p2p applications, using the browser as a full peer.
-
-
terraform
Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
-
examples
Serverless Examples – A collection of boilerplates and examples of serverless architectures built with the Serverless Framework on AWS Lambda, Microsoft Azure, Google Cloud Functions, and more. (by serverless)
-
aws-cdk
The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
-
AppAuth-iOS
iOS and macOS SDK for communicating with OAuth 2.0 and OpenID Connect providers.
-
craftsman
A .NET 6 scaffolding tool to help you stop worrying about boilerplate and focus on your business logic 🚀
-
serverless-wsgi
Serverless plugin to deploy WSGI applications (Flask/Django/Pyramid etc.) and bundle Python packages
-
glewlwyd
Experimental Single Sign On server, OAuth2, Openid Connect, multiple factor authentication with, HOTP/TOTP, FIDO2, TLS Certificates, etc. extensible via plugins
fusionauth-issues reviews and mentions
-
Are Magic Links Outdated?
Another issue that I don't see covered here is that some email clients (looking at you, Outlook) pre-fetch links to see if they are security risks. If you build a magic link system which handles plain old GETs, the one time code gets used up before the user can actually log in.
We ran into this at FusionAuth and had to do implement some workarounds, documented here: https://github.com/FusionAuth/fusionauth-issues/issues/629#i...
Edit: https://news.ycombinator.com/item?id=32081192 mentions some other issues.
-
Ask HN: Anyone use GitHub Issues at their company?
We do, extensively, both internally and externally. In fact, we don't have any other explicit way to order engineering work. (There's always the "inside the CTO's head" priority list, but we strive to get that into GH issues.)
https://github.com/fusionauth/fusionauth-issues/issues is our main external facing repo. We use it:
* to track issues. Every code change should tie back to an issue in this repo.
* to get feedback from the community. People can upvote issues that are important to them.
* to take input from the community. If someone wants a feature added or a bug fixed, we ask them to file an issue. This is a desired bit of friction (if you can't be bothered to file an issue, then you probably don't care that much).
* to expose the near term roadmap to customers and community members (we do this using milestones)
* to expose our decision making and prioritization process. We've had customers say they loved that about our product. The product is not open source, but the development process is as transparent as we can make it (see https://github.com/FusionAuth/fusionauth-issues/issues/1577 for example).
It's great for all those things. On to your concerns:
* bug reporting: yes, but make sure you use templates
* sprint/epic management: okay for that. Not easy to tie bugs together in any structured way (we use a 'related bugs' section of the issue description, but that depends on frail humans to keep it up to date)
* release management (from development, to code review, to QE verification, to release): less familiar with this, I know there is a kanban view that we've used. Milestones are useful here.
* integration with non-engineering teams (ie, letting customer support/customer success tag issues that customers have brought up): as long as they are GH knowledgeable, it'll work.
From my limited jira experience, it's much more powerful when you have teams of teams and need reporting and customization. But for a team our size (<10 engineers), GH issues has been great.
-
AWS is playing chess, Cloudflare is playing Go
This is our major need right now:
https://github.com/FusionAuth/fusionauth-issues/issues/1393
Basically, providing a static IP to some EC2 instance traffic so that folks can add an IP to their firewall.
-
Kanidm: A simple, secure and fast identity management platform
Interesting that they are choosing to provide an integrated solution including user management and OAuth IdP ( https://github.com/kanidm/kanidm/pull/485 ) rather than plug into existing open source or even commercial offerings.
Here's a design doc about their OAuth choices: https://github.com/kanidm/kanidm/blob/master/designs/oauth.r...
It would seem simpler to go with the Ory approach of "best in breed" for, say network management tooling (most of which they already have implemented), and then integrate with Keycloak, Okta, FusionAuth, the Ory suite, etc for user management. Maybe they didn't want to do that because there are synergies with integrated user management? I dunno, seems like there are a lot of user management tools out there.
I also find it interesting that they explicitly disallow a goal of building a better LDAP server. I think there's a lot of room to run in that. My employer has had users show a fair bit of interest in a modern experience with LDAP layered on top ( https://github.com/FusionAuth/fusionauth-issues/issues/954 ) and I talked to someone at a conference that had built a whole business out of virtual LDAP: https://www.radiantlogic.com . They were working with companies with multiple LDAP based auth systems, and providing a way to have apps see one view of the user.
Maybe kanidm isn't that project, but it seems like a modern OSS LDAP implementation would be welcomed by the software community.
Disclosure: I work at FusionAuth.
-
Paserk: Platform Agnostic SERialized Keys
I've looked at paseto (and even filed an issue in our repo about supporting them: https://github.com/FusionAuth/fusionauth-issues/issues/773 ) but the thing I keep running into is:
* JWT can be secure if you are careful
-
Is there a quicker way of setting up auth for apps and SPAs in .NET Core?
There's also FusionAuth
- Authentication in ASP.NET Core API without using third party solutions
-
Auth0 has been down for 2+ hours with the root cause still unidentified
Check out FusionAuth, https://fusionauth.io/
-
Never write a UserService again
as-a-service: Okta, Amazon Cognito, onelogin, PingIdentity, FusionAuth
- The Difficulties of SAML Single Logout
-
Authelia is an open-source authentication/authorization server with 2FA/SSO
These dimensions all matter to varying degrees depending on your team and needs.
Disclosure: I work for https://fusionauth.io/ which has open source supporting libraries and docs, but which is itself not open source.
-
IdentityServer is overkill for many Blazor apps. What else is better?
Look at https://fusionauth.io/ We too had the same problems with IdentityServer that you had as well as they switch to a fee. We ran across this and it works great. I think it is a lot easier to use as well and the interface that it comes with is good for setting up auth on a site.
-
The reason okta spent $6.5B Auth0
* documentation and developer experience
And that doesn't get into specific features that you might need. An example: if you want to modify a user object in the middle of a login flow, Auth0 has rules, we have Lambdas, Keycloak has plugins. How are you going to know what features you need without building out at least a sample app?
Oh, and pricing! Lots of the smaller operations (us included) have transparent pricing, but Okta/Auth0 don't.
I wrote out a list of 13 different use cases for FusionAuth ( https://github.com/fusionauth/fusionauth-issues/issues/1002 ) and I am still discovering new ways this coiuld be used. I'm sure that is the case with all these competitors.
It's the old elephant story: https://www.peacecorps.gov/educators/resources/story-blind-m...
That does clarify things. To be honest I thought "Editions" was a product alongside "Cloud".
So Fusionauth looks pretty good - it does a lot more than I need. Though the lack of a "public path" setting is the first roadblock: https://github.com/FusionAuth/fusionauth-issues/issues/88
-
Okta to Acquire Auth0 for $6.5 billion
We do have an open issue on the roadmap that I think is what you are looking for - no immediate plans to implement this feature. But if we get enough interest - we would build it. https://github.com/FusionAuth/fusionauth-issues/issues/954
Stats
Popular Comparisons
Are you hiring? Post a new remote job listing for free.