Hacker News new | ask | show | jobs
by grepfru_it 619 days ago
Keycloak or auth0. The app should support oauth2, if it does not it gets traefik-forward-auth (or whatever it’s called) to enforce mfa then you are in.

There are tons of open source projects to complete the self service experience, from sign up systems to self service password resets
2 comments
cpach 618 days ago
Is Keycloak really appropriate for a side-project? Seems quite complex AFAICT.
link
grepfru_it 618 days ago
you might be right. I also run freeipa on the backside to manage auth for all of my infra. Maybe I enjoy the flexibility.

For me the complexity only comes out when things malfunction. However, the MTBF outweighs the MTTR

link
hermanradtke 619 days ago
Keycloak has too many new major releases. It is a real pain to keep up with.
link
random_savv 618 days ago
Their version numbers are meaningless in that way. Most major up upgrades are non events
link
hermanradtke 618 days ago
They can, and do, introduce breaking changes in major releases. That is the issue.
link