Hey friends 👋 Auth0 and its parent company, Okta, are what developers think of when managing and authorization. Both do, , a great job at implementing secure access for our favorite apps! user authentication in general They are also the tools to help us work with the temperamental 0Auth2. 😅 Though this option deserves to be considered, many decent alternatives are on the market. In the open-source world, we are particularly excited about the below 5 alternatives! Let's dive straight into it 👇 Ory Ory is a big name in the industry. It maintains advanced open-source security software solving authentication, authorization, access control, application network security, and delegation. Ory Kratos is an open-source repository that is Auth0-like. It focuses on the identity, user management, and authentication system for the Cloud. The main features you can expect are: Registration, login, and account management flows for passkeys, biometric authentication, social sign-in, SSO, and multi-factor authentication Pre-built login, registration, and account management pages and components OAuth2 and OpenID Connect provider for single sign-on, API access, and machine-to-machine authorization Low-latency permission checks based on Google's Zanzibar model and with built-in support for the Ory Permission Language Hanko Hanko is an elegant project focused on an open-source authentication and user management solution. Their approach focuses on moving the login beyond passwords. Passkeys are the future, and this was well articulated in the blog post , an article written by Google. The Beginning of the End of the Password Since passkeys were announced only very recently, the ecosystem of devices, browsers, and operating systems is getting ready to move beyond passwords. Hanko has been preparing for this shift, and as of present, it provides: Fast integration with Hanko Elements web components (login box and user profile) API-first, small footprint, cloud-native Availability for self-hosting and on Hanko Cloud. The easiest way to get started with hank is with docker-compose: 1️⃣ Clone this repository: git clone https://github.com/teamhanko/hanko.git 2️⃣ In the newly created hanko folder, run: docker compose -f deploy/docker-compose/quickstart.yaml -p "hanko-quickstart" up --build 3️⃣ After the services are running, the login page can be viewed at . To receive emails without your own SMTP server, Hanko added mailslurper which will be available at . localhost:8888 localhost:8080 Cerbos Cerbos is an authorization layer. It enables you to define context-aware access control rules for your application resources in YAML policies, which are managed and deployed via your Git-ops infrastructure. You can set up a self-hosted Cerbos Policy Decision Point. With Cerbos you can: Define authorization logic in a collaborative IDE and testing environment Collaborate with colleagues to author and share policies in private playgrounds Deploy with a fully hosted CI/CD pipeline Build special policy bundles for client-side or in-browser authorization Here is how Cerbos works with your application (a more advanced explanation can also be found ): 👇 here To try out Cerbos, you can get started with their very fun . 😉 Cerbforce tutorial Zitadel Zitadel is an open-source user management tool that is quickly set up like Auth0. Zitadel is built with a complex multi-tenancy architecture in mind, and it provides solutions to handle B2B customers and partners. Zitadel is built with the following structure in mind: API-first approach Multi-tenancy authentication and access management Strong audit trail due to event sourcing as a storage pattern Actions to react to events with custom code Self-service for end-users, business customers, and administrators CockroachDB or a Postgres database as a storage option You should consider Zitadel if you are interested in leveraging the below features: Multi-tenancy with team management Secure Login Self-service OpenID Connect OAuth2.x SAML2 LDAP Passkeys / FIDO2 OTP If the information above makes you think Zitadel is a good fit for you, you can get started by checking out their guide . here SuperTokens SuperTokens is another open-source authentication solution. The main features you can find on the platform are the following: Various login types: Email/password, Passwordless (OTP or Magic link-based), Social / OAuth 2.0 Access control Session management User management Self-hosted/managed cloud Their architecture is unique because your backend API layer would sit in the middle of your front end and SuperTokens'. This enables easy customizations to the auth logic and allows for a secure session solution. To start with SuperTokens, you can use their practical guide to pick the login type you want and get started . here That's it for this one. ☝️ As you have learned in this article, there are many exciting alternatives to Auth0. You should look into each alternative and determine what service best suits your current or future needs. In the meantime, I invite you to consider supporting these projects by starring them. ⭐️ (We are not affiliated with them. We just think that great projects deserve great recognition.) See you next week, Your Hackernoon buddy 💚 Bap Also published . here

This story contains new, firsthand information uncovered by the writer.

Too Long; Didn't Read

Making security fun one episode at a time

5 Open Source Alternatives to Auth0 to be Excited About in 2024

Too Long; Didn't Read

Baptiste Fernandez

STORY’S CREDIBILITY

Original Reporting

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

5 Open Source Alternatives to Auth0 to be Excited About in 2024

Too Long; Didn't Read

Baptiste Fernandez

STORY’S CREDIBILITY

Original Reporting

About Author

TOPICS

THIS ARTICLE WAS FEATURED IN...

RELATED STORIES