https://www.ory.sh/ logo
f

fresh-ocean-48477

12/09/2021, 2:39 PM
Hello, everybody. I’m evaluating Ory Kratos/Hydra as an alternative to Auth0. Was going to get started by installing from Kratos from Helm and I’m not making a lot of progress. Hoping that I’m missing something obvious. Would appreciate any feedback you could give me.
The two pods from the StatefulSet and Deployment are coming up, but neither of them are happy with the database.
At this point I believe I need to run a migration as a separate step.
m

magnificent-energy-493

12/09/2021, 3:28 PM
Hey Alan, glad to hear that! Also check out the #self-hosted channel for questions/answers around selfdeploying Ory!
m

microscopic-forest-58980

12/09/2021, 4:23 PM
We're also using Auth0 (and AD B2C a bit) and I'm always keeping an eye out for people's experiences migrating. Love to hear more as you get more experience with ory.
f

fresh-ocean-48477

12/09/2021, 4:24 PM
Actually, I’m wondering if you have a sales representative at this point.
Or, rather, if Ory has one.
m

microscopic-forest-58980

12/09/2021, 4:29 PM
So that's interesting to me also - if I were migrating and was on slack with the core devs I'd consider that superior to speaking to a salesperson. What are you hitting?
(If you don't mind me asking)
f

fresh-ocean-48477

12/09/2021, 4:34 PM
Had a conversation with the team that produced a short list of features that a solution ought to have… 1. Email verification blocks registration. 2. Invitations. 3. RBAC. 4. JWT with custom claims pulled (as opposed to set through an API.) 5. Google sign-on (which I know Kratos has.)
We’re using Auth0 and Firebase and moving to Auth0 to for a new project where we tried Firebase and saw that we had to write a lot of UI/UX code.
m

microscopic-forest-58980

12/09/2021, 5:25 PM
f

fresh-ocean-48477

12/09/2021, 5:27 PM
Robert, these guys might owe you a comission.
😂 1
Thanks that is very helpful. I take it from what I’ve read, that Kratos doesn’t do any email templating. It give you the links you the links you need and provides a flow.
m

microscopic-forest-58980

12/09/2021, 5:28 PM
I imagine so
Personally I'd use Sendgrid or similar and keep templates there
f

fresh-ocean-48477

12/09/2021, 5:29 PM
I’m okay with that.
m

microscopic-forest-58980

12/09/2021, 5:29 PM
And just have Ory orchestrate
f

fresh-ocean-48477

12/09/2021, 5:29 PM
Yeah. The login flow was copy-and-paste react. We’d have to CSS Auth0 anyway.
m

microscopic-forest-58980

12/09/2021, 5:30 PM
Yep.
m

magnificent-energy-493

12/09/2021, 5:41 PM
Thanks Robert 🙌 This is all correct! We also have a managed offering called Ory Cloud, if you dont want to forgo all the set up& deployment. Currently offering Ory Kratos self-service APIs and we are working on integrating Keto & Hydra soon, which would cover the rest of your requirements. Currently you can run Keto & Hydra as sidecar to Ory Cloud or go full self-hosted. Check out Ory Cloud, we want to build it as a convenient and price efficient way to run Ory software. https://console.ory.sh/registration You can also speak to @orange-needle-13244 he is taking care of the business side of things 🙂
👍 1
m

microscopic-forest-58980

12/09/2021, 5:46 PM
One day I will come knocking for a discount 😄
🥰 2
f

fresh-ocean-48477

12/09/2021, 5:47 PM
@magnificent-energy-493 Thank you. I’d be happy to talk or Slack with Tobias.
I’m US central time. What timezone is your team?
o

orange-needle-13244

12/09/2021, 6:03 PM
Hi Alan, good to meet you
f

fresh-ocean-48477

12/09/2021, 6:04 PM
Hello.
o

orange-needle-13244

12/09/2021, 6:04 PM
when would be a good time for you to catch up? We are CET
i can offer next week Monday or Tuesday at 6.30 pm CET
f

fresh-ocean-48477

12/09/2021, 6:06 PM
Monday’s great.
I have you on my calendar for 6:30 PM CST and, uh, 1:30 AM CET?
Whoa. Is that right?
Oh, wait.
Wrong.
👍 1
11:30 AM CST and 6:30 PM CET.
o

orange-needle-13244

12/09/2021, 6:09 PM
excellent, is there anyone else from your team joining? Just want to make sure i get the right people on the call
f

fresh-ocean-48477

12/09/2021, 6:10 PM
Probably just me.
o

orange-needle-13244

12/09/2021, 6:10 PM
ok, feel free to forward it in case you need to
f

fresh-ocean-48477

12/09/2021, 6:11 PM
I will.
Also, you’ll see that Robert and I have been ticking off a list up there, so that’s what I’ll be asking about.
And wait a minute, @microscopic-forest-58980, where did you find the RBAC? 😬
Guess I should add a user to my cloud account and see if it appears.
m

microscopic-forest-58980

12/09/2021, 6:13 PM
Oh - I am just extremely confident it does that. But I wasn't clear whether you meant RBAC on the users who it governs (ie your app's users), or the users of Ory who administrate it
Your number 4 is a great one - I assume you use Auth0's custom database connections (we do)
f

fresh-ocean-48477

12/09/2021, 6:14 PM
Users it governs.
👍 1
m

microscopic-forest-58980

12/09/2021, 6:15 PM
Yeah, for me in a modern, JWT claims sort of setting that's a given; your app just decides how to interpret the claims, which can be grouped into roles
I think that's Ory Keto
f

fresh-ocean-48477

12/09/2021, 6:17 PM
Kind of a demystification process. What you just said is what I believe to be true. The team seems to feel that Auth0 does something magical.
It’s like, “Yeah, but Apache does cookies!” “Uh, that’s not an Apache thing, that’s an HTTP thing.”
m

microscopic-forest-58980

12/09/2021, 6:22 PM
Auth0 does have roles and permissions built in these days (back when we set it up you had to use a hideous external plugin, so we need to migrate one day) so it does make it simple
f

fresh-ocean-48477

12/09/2021, 6:23 PM
Yeah, but if that’s all that’s missing, I might volunteer to patch it up. It strikes me as the part that people believe is application specific.
This bit is fuzzy, but all this stuff is fuzzy. I don’t know that my organization is using Auth0 for anything else than authorization.
👍 1
New product team wants to go big, though.