top | item 45915868

(no title)

bitcrshr | 3 months ago

Kratos is awesome, especially alongside Hydra, OathKeeper, and Keto. Super powerful combo, if not a little intimidating at first. There’s a LOT of configuration involved, but that’s to be expected if you want to host your own Auth0 replacement.

Their dynamic forms stuff is really cool too, always liked how they chose to go about that. Only complaint I really ever had is that while their docs were overall serviceable, I remember some areas were pretty lacking and I had to dig really far to find answers to some fairly common issues.

discuss

throwaway894345|3 months ago

I've often wondered why there isn't a simpler identity provider service that does the thing that ~90% of applications need without all of the complex configuration.

skrtskrt|3 months ago

The world of Auth has been made miserable with everything having to support OAuth2/LDAP/SSO/SAML etc., plus a million versions of access control, session configs, yadda yadda. Each of these has their own (usually legitimate) purpose, but also each one has to integrate with other providers that each don't follow and/or extend the spec in their own special way. And the pain goes on and on.

Obviously you can make a product that only does really good username/password auth for example, but there's always more pressure to implement more things for another use case.

snowfield|3 months ago

You can host authentik with one click in docker. It's super easy to set up

ChristianJacobs|3 months ago

Have you tried Pocket-ID? I use it for my home server with LLDAP as the identity provider.

AlphaSite|3 months ago

Honestly. We used dex. It worked pretty well.