top | item 37853187

(no title)

hatf0 | 2 years ago

The comparison with simply just Hydra is rather unfair too as the strength with Ory products is when they work in tandem (e.g. oathkeeper & hydra). Hydra is as barebones as you can get for a OAuth2 provider - that’s all it does & is meant to do. Stack it with Oathkeeper and you have a dynamic way of enforcing endpoint authentication that can entirely be managed using Kubernetes custom resources. Nothing I’ve found comes even close to touching the Ory stack in that regard.

discuss

apitman|2 years ago

The Ory stack looks to be very high quality for sure. But so far in this thread there's been mentioned Hydra, Kratos, and Oathkeeper in order to run an OIDC server. You say Hydra is as barebones as you can get, but by itself it has 58 direct dependencies. I'm sorry, it just seems to be targeted at a completely different demographic.

hatf0|2 years ago

When has the number of dependencies ever directly correlated with the feature set of an application? Have you ever looked at a node_modules folder? More over, how is that relevant in any way? This argument against dependencies has always felt like weird NIH-ism spawned out of the same crowd who still thinks that C is a good programming language. Have fun reinventing the wheel, but I’ll take my dependencies to go.

Additionally, you’re conflating an OIDC server with a full IdP, which Hydra explicitly is not. I don’t need a full identity provider with support for user profile pictures and a pretty UI if all I’m doing is controlling access to API endpoints via OAuth2 client credentials. I already have an identity provider, and I’m not foolish enough to think that I should host one myself.

You’re completely correct in that you are not the intended demographic if you don’t understand the utility of the Ory stack, and that’s okay.