Hey friends ๐
Auth0 and its parent company, Okta, are what developers think of when managing user authentication and authorisation. Both do, in general, a great job at implementing secure access for our favourite apps!
They are also the tools to help us work with the temperamental 0Auth2. ๐
Though this option deserves to be considered, many decent alternatives are on the market.
In the open-source world, we are particularly excited about the below 5 alternatives!
Let's dive straight into it ๐
Ory
Ory is a big name in the industry. It maintains advanced open-source security software solving authentication, authorisation, access control, application network security, and delegation. Ory Kratos is the open-source repository that is Auth0-like. It focuses on the identity, user management and authentication system for the Cloud.
The main features you can expect are:
- Registration, login, and account management flows for passkeys, biometric authentication, social sign-in, SSO, and multi-factor authentication
- Pre-built login, registration, and account management pages and components
- OAuth2 and OpenID Connect provider for single sign-on, API access, and machine-to-machine authorization
- Low-latency permission checks based on Google's Zanzibar model and with built-in support for the Ory Permission Language
Hanko
Hanko is an elegant project focused on an open-source authentication and user management solution. Their approach focuses on moving the login beyond passwords. Passkeys are the future, and this was well articulated in the blog post The Beginning of the End of the password, an article written by Google.
Since passkeys were announced only very recently, the ecosystem of devices, browsers, and operating systems is getting ready to move beyond passwords.
Hanko has been preparing for this shift, and as of present, it provides:
- Fast integration with Hanko Elements web components (login box and user profile)
- API-first, small footprint, cloud-native
- Availability for self-hosting and on Hanko Cloud.
The easiest way to get started with hank is with docker-compose:
1๏ธโฃ Clone this repository: git clone https://github.com/teamhanko/hanko.git
2๏ธโฃ In the newly created hanko folder, run:
docker compose -f deploy/docker-compose/quickstart.yaml -p "hanko-quickstart" up --build
3๏ธโฃ After the services are running, the login page can be viewed at localhost:8888. To receive emails without your own SMTP server, Hanko added mailslurper which will be available at localhost:8080.
Cerbos
Cerbos is an authorisation layer. It enables you to define context-aware access control rules for your application resources in YAML policies, which are managed and deployed via your Git-ops infrastructure. You can set up a self-hosted Cerbos Policy Decision Point.
With Cerbos you can:
- Define authorisation logic in a collaborative IDE and testing environment
- Collaborate with colleagues to author and share policies in private playgrounds
- Deploy with a fully hosted CI/CD pipeline
- Build special policy bundles for client-side or in-browser authorisation
Here is how Cerbos works with your application (a more advanced explanation can also be found here ) : ๐
To try out Cerbos, you can get started with their very fun Cerbforce tutorial. ๐
Zitadel
Zitadel is an open-source user management tool quickly set up like Auth0. Zitadel is built with a complex multi-tenancy architecture in mind, and it provides solutions to handle B2B customers and partners.
Zitadel is built with the following structure in mind:
- API-first approach
- Multi-tenancy authentication and access management
- Strong audit trail due to event sourcing as storage pattern
- Actions to react on events with custom code
- Self-service for end-users, business customers, and administrators
- CockroachDB or a Postgres database as storage option
You should consider Zitadel if you are interested in leveraging the below features:
- Multi-tenancy with team management
- Secure Login
- Self-service
- OpenID Connect
- OAuth2.x
- SAML2
- LDAP
- Passkeys / FIDO2
- OTP
If the information above makes you think Zitadel is a good fit for you, you can get started by checking out their guide here.
SuperTokens
SuperTokens is another open-source authentication solution.
The main features you can find on the platform are the following:
- Various login types: Email / password, Passwordless (OTP or Magic link based), Social / OAuth 2.0
- Access control
- Session management
- User management
- Self-hosted / managed cloud
Their architecture is unique because your backend API layer would sit in the middle of your front end and SuperTokens'. This enables easy customisations to the auth logic and allows for a secure session solution.
To start with SuperTokens, you can use their practical guide to pick the login type you want and get started here.
That's it for this one. โ๏ธ
As you have learned in this article, there are many exciting alternatives to Auth0.
You should look into each alternative and determine what service best suits your current or future needs.
In the meantime, I invite you to consider supporting these projects by starring them.
(We are not affiliated with them. We just think that great projects deserve great recognition.) โญ๏ธ
See you next week,
Your Dev.to buddy ๐
Bap
If you want to join the self-proclaimed "coolest" server in open source ๐, you should join our discord server. We are here to help you on your journey in open source. ๐ซถ
Top comments (19)
I'm actually surprised at this list, not too long ago we did our own competitor research at Authress, and came out with the list posted in this article: authress.io/knowledge-base/article...
You can also check out FusionAuth. The self hosted community version is free and has the core features most applications need. They do also have support plans if needed and hosted versions as well.
Check out AuthKit by WorkOS: authkit.com/
The hosted version is free up to 1,000,000 MAUs.
@grinich, I have to say, the authkit is pretty amazing!
It does look really slick indeed ๐
Thanks for sharing this Michael ๐
Okay, I might be a bit biased since I work at FusionAuth, but I truly believe it's worth considering. Our self-hosted community version is completely free and surprisingly robust for most applications. We also have support plans (fusionauth.io/pricing) and hosted versions if you want to hand off the management down the line.
Oh wow - thanks for sharing this, Alex. It's a Very interesting (and appealing!) pricing method; first time I've seen something like this. ๐ค
nice one! So is this mostly about authZ or authN?
Thanks for the comment Matija, this is mostly about authZ (though the services above do take care of authN too ๐).
clerk
kinde
lucia
Thanks for sharing these ๐คฉ
The ecosystem for Auth0 alternatives is vast!
Cerbos is one of my favorites!
๐ช
There are so many open-source alternatives!
I love it!
Indeed my friend ๐
You didn't check justpass.me
I didnโt know about justpass.me. Really cool project - thanks for sharing Mohamed ๐
If there are any other alternatives I forgot about, please share them in the comments section below ๐๐