
Multi-tenant SAML in an afternoon

32 points | noleary | 1 year ago | tylerrussell.dev

7 comments


jansommer | 1 year ago

> Last but not least, cost. I’ll just come out and say it: IMHO, what most vendors charge for being IdP is outrageous. Charging by MAU in an IdP? Really? We all know that the marginal cost for me to have a user in your system is essentially 0. You really gonna charge me 10 cents a month for a row in your database?

I've been looking into adding OAuth2/OIDC IdP integrations to an app I'm making. The pricing for most auth-as-a-service is indeed outrageous, and I don't need (or want) JWT. oauth4webapi [1] fits the bill here, is free and certified. Took less than an afternoon to have sign in with Google and another IdP. There's obviously more work to be done, but it's not rocket science.

Don't know if there's an equivalent for SAML. But I've certainly considered going into the auth SaaS business a few times. Seems like there's good money to be made.

[1] https://github.com/panva/oauth4webapi (TypeScript)

runako | 1 year ago

> the marginal cost for me to have a user in your system is essentially 0

This argument essentially reduces to the notion that most Web apps should be free. The marginal cost of a Salesforce/Canva/Outlook/Office/Github/Discord/any scaled SaaS user is a tiny epsilon. If that were not true, there would not be a viable software business there; that epsilon keeps everyone paid who keeps everything running.

> You really gonna charge me 10 cents a month for a row in your database?

Apologies for the analogy, but the 10 cents is not for the storage, but for knowing which row is yours.

It's fine to want to DIY, no shade to that at all. But not every application is a fit for DIY solutions for whatever reason.

tomjen3 | 1 year ago

I have set up Keycloak a bunch of times. I don't know if I would say it is a good solution (that would be ditching SAML), but it doesn't require you to pay outrageous fees.