Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: What are the major open source alternatives to Auth0?
14 points by eatonphil on Nov 30, 2021 | hide | past | favorite | 16 comments
I'm trying to get more familiar with the options that exist for open source auth providers that provide similar service to Auth0 or Google Accounts (so, more focused on OIDC than older protocols like LDAP). I'm aware of Keycloak, Kanidm, SuperTokens, Ory, FusionAuth.

Are there any other open source auth providers I should look into?




CAS?

https://www.apereo.org/projects/cas

https://github.com/apereo/cas

https://apereo.github.io/cas/6.4.x/index.html

Also, floating around out there, somewhere, on the 'net, should be whatever became of the old Sun Identity Manager product. During the Jonathon Schwartz era, Sun made a TON of their products Open Source, but after the Oracle acquisition a lot of that stuff was left to more or less die on the vine. But in some cases, other firms picked up the code and continued the project(s). I think that happened for their Idm product, but don't quote me on that.


ForgeRock picked up a bunch of it and did just as objectionable things with the licensing - for all intents and purposes the the Sun identity stuff is dead unless you enjoy dealing with ghouls.

I’d say better alternatives to Auth0 today are things like KeyCloak.


Aah, yeah, I remember now, Sun did make a lot of stuff Open Source, but they used a slightly controversial license (the CDDL[1]) for a lot of it. As I recall, it caused a lot of grief for people who wanted to pick up their stuff and do anything downstream with it.

I do remember the name ForgeRock now, but I never used any of their stuff. By the time all that happened, I wasn't doing much in the IdM space anymore.

The whole episode is kind sad, really. Schwartz did some good things at Sun, and while their embrace of Open Source wasn't perfect, they released a lot of code and put a lot of weight behind F/OSS. If they had been able to continue as an independent company a bit longer, and not get borg'd by Oracle, it would have been interesting to see what might have happened.

[1]: https://en.wikipedia.org/wiki/Common_Development_and_Distrib...


I disagree. Oracle just continued the flawed open source strategy that Sun was already carrying out for many years. If Sun had continued, I think we wouldn't be much different than we are today. The OpenSolaris project was a great example. It was already dead way before Oracle bought Sun.


Thank you!


https://supabase.com/ is a new popular option.


I don't think that's an alternative to auth0 but an alternative to an entire backend. You don't just use supabase as your auth service AFAIK.


{supabase ceo}

You can! A lot of people do. Or you can use the Auth server directly: https://github.com/supabase/gotrue


Thanks for clarifying! Is your fork meaningfully different than Netlify's original repo?


If you use MySQL you should go with Netlify’s and our fork for Postgres. We have a few extra OAuth/SMS providers too, but hope to upstream them shortly


Shibboleth? It does OIDC and SAML, etc.

https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/page...


https://www.ory.sh/login-spa-react-nextjs-authentication-exa...


I mentioned Ory already, thanks!


Sorry I can't read.


passportjs if you're using node <http://www.passportjs.org/>


That's not an auth server AFAIK, that's just a library for connecting to auth servers.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: