https://www.ory.sh/ logo
Join Slack
Powered by
Hello, everybody. I’m evaluating Ory Kratos/Hydra ...
# general
f
Hello, everybody. I’m evaluating Ory Kratos/Hydra as an alternative to Auth0. Was going to get started by installing from Kratos from Helm and I’m not making a lot of progress. Hoping that I’m missing something obvious. Would appreciate any feedback you could give me.
The two pods from the StatefulSet and Deployment are coming up, but neither of them are happy with the database.
At this point I believe I need to run a migration as a separate step.
m
Hey Alan, glad to hear that! Also check out the #self-hosted channel for questions/answers around selfdeploying Ory!
m
We're also using Auth0 (and AD B2C a bit) and I'm always keeping an eye out for people's experiences migrating. Love to hear more as you get more experience with ory.
f
Actually, I’m wondering if you have a sales representative at this point.
Or, rather, if Ory has one.
m
So that's interesting to me also - if I were migrating and was on slack with the core devs I'd consider that superior to speaking to a salesperson. What are you hitting?
(If you don't mind me asking)
f
Had a conversation with the team that produced a short list of features that a solution ought to have… 1. Email verification blocks registration. 2. Invitations. 3. RBAC. 4. JWT with custom claims pulled (as opposed to set through an API.) 5. Google sign-on (which I know Kratos has.)
We’re using Auth0 and Firebase and moving to Auth0 to for a new project where we tried Firebase and saw that we had to write a lot of UI/UX code.
m
f
Robert, these guys might owe you a comission.
😂 1
Thanks that is very helpful. I take it from what I’ve read, that Kratos doesn’t do any email templating. It give you the links you the links you need and provides a flow.
m
I imagine so
Personally I'd use Sendgrid or similar and keep templates there
f
I’m okay with that.
m
And just have Ory orchestrate
f
Yeah. The login flow was copy-and-paste react. We’d have to CSS Auth0 anyway.
m
Yep.
m
Thanks Robert 🙌 This is all correct! We also have a managed offering called Ory Cloud, if you dont want to forgo all the set up& deployment. Currently offering Ory Kratos self-service APIs and we are working on integrating Keto & Hydra soon, which would cover the rest of your requirements. Currently you can run Keto & Hydra as sidecar to Ory Cloud or go full self-hosted. Check out Ory Cloud, we want to build it as a convenient and price efficient way to run Ory software. https://console.ory.sh/registration You can also speak to @orange-needle-13244 he is taking care of the business side of things 🙂
👍 1
m
One day I will come knocking for a discount 😄
🥰 2
f
@magnificent-energy-493 Thank you. I’d be happy to talk or Slack with Tobias.
I’m US central time. What timezone is your team?
o
Hi Alan, good to meet you
f
Hello.
o
when would be a good time for you to catch up? We are CET
i can offer next week Monday or Tuesday at 6.30 pm CET
f
Monday’s great.
I have you on my calendar for 6:30 PM CST and, uh, 1:30 AM CET?
Whoa. Is that right?
Oh, wait.
Wrong.
👍 1
11:30 AM CST and 6:30 PM CET.
o
excellent, is there anyone else from your team joining? Just want to make sure i get the right people on the call
f
Probably just me.
o
ok, feel free to forward it in case you need to
f
I will.
Also, you’ll see that Robert and I have been ticking off a list up there, so that’s what I’ll be asking about.
And wait a minute, @microscopic-forest-58980, where did you find the RBAC? 😬
Guess I should add a user to my cloud account and see if it appears.
m
Oh - I am just extremely confident it does that. But I wasn't clear whether you meant RBAC on the users who it governs (ie your app's users), or the users of Ory who administrate it
Your number 4 is a great one - I assume you use Auth0's custom database connections (we do)
f
Users it governs.
👍 1
m
Yeah, for me in a modern, JWT claims sort of setting that's a given; your app just decides how to interpret the claims, which can be grouped into roles
I think that's Ory Keto
f
Kind of a demystification process. What you just said is what I believe to be true. The team seems to feel that Auth0 does something magical.
It’s like, “Yeah, but Apache does cookies!” “Uh, that’s not an Apache thing, that’s an HTTP thing.”
m
Auth0 does have roles and permissions built in these days (back when we set it up you had to use a hideous external plugin, so we need to migrate one day) so it does make it simple
f
Yeah, but if that’s all that’s missing, I might volunteer to patch it up. It strikes me as the part that people believe is application specific.
This bit is fuzzy, but all this stuff is fuzzy. I don’t know that my organization is using Auth0 for anything else than authorization.
👍 1
New product team wants to go big, though.
Open in Slack
PreviousNext
Powered by