|
|
|
|
|
|
by xyst
1158 days ago
|
|
|
The value is always decreased costs in managing itself, “cleaning self of security breaches” but like you said the trade off is that it’s a single point of failure. If that company becomes defunct or a security issue arises (ie, poorly implemented specs or malicious employee) then your company is now racing to migrate off. Personally, I would rather manage it myself. I have found an open source system called Ory which allows you to fully customize the identity, federated identity support with other components (ie, act as your own IdP), highly scalable, offers ACLs, support for multi factor authentication, social login, and can fully customize the login experience to your liking. I manage the deployment, upgrades, and monitoring through a series of helm charts and k8s. Their system is so efficient it can run entirely on a single node k8s cluster (ie, dev machine with minikube). Not going to lie, it’s definitely a lot of work but worth the trade off. No longer have to burn $$$ while testing simple flows in my apps. |
|
|