
Ask HN: Open-source auth0/octa alternative? - aloukissas
Hi HN community! Are you familiar with any OSS projects that aim to have somewhat parity with using an identity service like auth0 or octa? The idea is for this to have all the nice things about having a 3rd party service for identity, but being able to run in one&#x27;s infra. Something e.g. what https:&#x2F;&#x2F;github.com&#x2F;mikecao&#x2F;umami does for analytics.<p>What I&#x27;d like this to have: (a) .sql files to setup the DB, (b) Dockerfile for easy deployment, (c) admin panel for stuff like tracking&#x2F;revoking sessions, etc, (d) built on something battle-tested (e.g. devise).
======
ThePhysicist
Keycloak ([https://www.keycloak.org/](https://www.keycloak.org/)) seems to be
the most popular OS solution.

~~~
aloukissas
Thanks, this is pretty close to what I'm looking for!

------
verdverm
Check the CNCF Landscape. DEX used to be there but doesn't seem to be lately.
There ought to be something over there.

I don't think you will find something as mature as you want in OSS. I have yet
to find it, maybe someone else is aware...

~~~
dankohn1
Here's Dex:
[https://landscape.cncf.io/selected=dex](https://landscape.cncf.io/selected=dex)

------
matdehaast
Highly recommend the stuff from Ory. They have Kratos
([https://github.com/ory/kratos](https://github.com/ory/kratos)). Which I
haven’t used because it was still alpha but have used Hydra extensively and it
is an amazing piece of tech

------
notmyname9173
auth0 and Okta are basically private SAML (+OAuth +OIDC) federation
facilitators. The pieces to build what you describe are all out there, but
there aren’t a ton of pre-assembled packages.

Keycloak is a pretty competent all-in-one solution, but has weak support for
some standards that are critical for higher-Ed (who tend to drive most of the
new work in IAM).

FreeIPA is also worth a look. If you add Shibboleth or SimpleSAMLphp and a web
UI, you’d be close to Keycloak in terms of features (but maybe not
maintenance).

------
avenger123
I'm evaluating fusionauth.io myself. It seems it would fit your requirements.
It's not fully OSS though.

------
dylz
keycloak

hydra/kratos

fusionauth (not FOSS; not very good for a public internet application -
probably ok for internal apps)

gluu

~~~
brokenwren
NOTE: that I'm the founder of FusionAuth.

Just thought I would mention that FusionAuth is powering a bunch of huge
public internet applications with millions of MAU. Our largest customers have
10s of millions of total users as well.

We built it to scale to any size so don't worry about size.

Plus, it's free! :)

