Ya not where we can expect better interaction... M...
# generala
adventurous-battery-51816
11/05/2024, 7:20 PMYa not where we can expect better interaction... Maybe GitHub?
m
magnificent-energy-493
11/06/2024, 2:14 PM
Hello @adventurous-battery-51816
are you posting about the same issue as Gauthier above or is it related to something else?
a
adventurous-battery-51816
11/06/2024, 2:28 PMMy reply was the general lack of replies / activity... So a general issue. Slack might not be the right option if banners like this are loading right away in a chat about a paid product:
adventurous-battery-51816
11/06/2024, 2:29 PMMy original question was:
So multitenancy is how ory deals with multiple FQDNs on one ory instance? I'm trying to do SSO and if each FQDN corresponds to its own ory kratos instance, then how do we have one login (SSO) across 4 domain names?
[2:47 PM] Johnathan
https://www.ory.sh/docs/kratos/guides/multi-tenancy-multitenant
m
magnificent-energy-493
11/07/2024, 12:10 PM
Hello @adventurous-battery-51816
the main function of this Slack is the community chat - we offer a separate support ticketing system for Ory Network users.
But you are right that Slack recently really put on the nag-screens to get us on a paid plan - which is not feasible for this size of community. Other other I see would be to use something like Discord or a forum-like software like Discourse - both have their own set of tradeoffs and a migration is pretty involved.
But something we would definitely take a look at next year.
Are you using Ory Network or looking to self-host Ory?
In Ory Network you can use the so-called "Multi-brand" feature.
a
adventurous-battery-51816
11/07/2024, 12:30 PMOnly looking to self host. Just mentioned the paid user thing because I noticed several others who mentioned that they are... Zulip is a lot more in line with a company that is into FOSS that discord or slack. There are others as well.
adventurous-battery-51816
11/07/2024, 12:31 PMYour docs contradict what a lot of github posts say: "It is not possible to self-host Ory Kratos as a multi-tenant service as its data model does not support this due to data, scalability, and operational complexity."
adventurous-battery-51816
11/07/2024, 12:32 PMWhereas there are posts around the web about "one kratos instance per domain" in order to have a multitenant ory setup without ory network...
adventurous-battery-51816
11/07/2024, 12:34 PMhttps://www.ory.sh/ory-vs-auth0/
"Allow users to have different profiles per tenant" - not listed as paid... Still confused
adventurous-battery-51816
11/07/2024, 12:39 PMOr put differently, how would one achieve this using Ory's offerings - or can they?
"...With the hosted login page from ZITADEL developers will get the best support for multi-tenancy single-sign-on with third-party identity providers..."
https://zitadel.com/docs/guides/integrate/login/login-users
m
magnificent-energy-493
11/08/2024, 1:53 PM
See this for a more technical explanation why we say you cant do it self-hosted: https://github.com/ory/kratos/discussions/2403#discussioncomment-2575956
If we aren't explicit in the docs in our experience we get a lot of questions of people who run into issues attempting to do multi-tenancy themselves. So rather say its not supported than cause frustration.
As for the comparison page "Allow users to have different profiles per tenant" - this is a comparison of Ory Network and Auth0 - multi-tenancy is only really a feature of the managed service.
one kratos instance per domainthis works on small scale but if you want "real" multi-tenancy with many tenants its not trivial, see the github comment above. As for the Zitadel orgs, I am not sure how they work exactly, but the equivalent would be https://www.ory.sh/docs/kratos/organizations/ probably - this is not an OSS feature though.
6 Views