Open Source Authentication Solutions

OAuth

Before I proceed, let’s take a short look at how OAuth works:

  • OAuth Clients: Your typical web application that offers a login via 3rd parties like Google and Facebook
  • OAuth Servers / Providers: An identity provider such as Google or Facebook

What OAuth means in my case

If I just added OAuth client functionality to my apps, users could use e.g. their Google Account for all my apps, but my apps wouldn’t be connected with each other. Every single app would be displayed as a 3rd party on the Google website, and every single app would need to authenticate with Google.

Backend-as-a-Service (BaaS)

In the modern world, solutions like Supabase, PocketBase, Firebase, Appwrite or Parse Server are being used more and more. One of the reasons is that they handle authentication for you.

OpenID Connect / OAuth2 Servers

Maybe you have already heard of applications like Keycloak, Ory Hydra, ZITADEL and SuperTokens. These are all auth providers which basically allow you to become an identity provider like Google yourself.

  • You will never have to create a user table again
  • Login isn’t different for every app, but handled by one service only
  • If users are logged into your main provider, none of your client applications need the user to enter a username and password again
  • Modern auth servers support passwordless auth like Face ID, Touch ID or Windows Hello
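
When one provider issues logins for all of your apps, each app still has to confirm that a token was issued for it and not for a sibling app. The following is an added example, not code from this post or from any of the projects named here: it applies the ID token claim checks from OpenID Connect Core (section 3.1.3.7) to claims whose signature is assumed to have been verified already against the provider's keys by a JOSE library. The issuer URL, the client IDs "notes-app" and "photos-app", and the sample claims are constructed.

```python
import time

class TokenRejected(Exception):
    """Raised when ID token claims fail validation."""

def validate_id_token_claims(claims, *, issuer, client_id, nonce, now=None, leeway=60):
    """Validate claims of an ID token for ONE client app; return the user id (sub).

    Assumption: the token signature was already verified by a JOSE library.
    """
    now = time.time() if now is None else now
    if claims.get("iss") != issuer:
        raise TokenRejected("issuer mismatch")
    # aud may be a single string or a list of client ids.
    aud = claims.get("aud")
    audiences = [aud] if isinstance(aud, str) else list(aud or [])
    if client_id not in audiences:
        raise TokenRejected("token was issued to a different app")
    # With several audiences (or an azp claim), azp must name this app.
    if (len(audiences) > 1 or "azp" in claims) and claims.get("azp") != client_id:
        raise TokenRejected("azp does not name this app")
    exp, iat = claims.get("exp"), claims.get("iat")
    if not isinstance(exp, (int, float)) or now >= exp + leeway:
        raise TokenRejected("token expired")
    if not isinstance(iat, (int, float)) or iat > now + leeway:
        raise TokenRejected("token issued in the future")
    # The nonce binds the token to the login request this app started.
    if not nonce or claims.get("nonce") != nonce:
        raise TokenRejected("nonce mismatch")
    if not claims.get("sub"):
        raise TokenRejected("missing subject")
    return claims["sub"]

# Constructed sample data: one self-hosted provider, two of your own apps.
ISSUER = "https://auth.example.test"
NOW = 1_700_000_000
SAMPLE = {"iss": ISSUER, "sub": "user-123", "aud": "notes-app",
          "exp": NOW + 300, "iat": NOW - 5, "nonce": "n-0S6"}

def accepted_by(client_id, claims=SAMPLE, nonce="n-0S6"):
    """True if the given app would accept these claims."""
    try:
        validate_id_token_claims(claims, issuer=ISSUER, client_id=client_id,
                                 nonce=nonce, now=NOW)
        return True
    except TokenRejected:
        return False
```

A token issued to "notes-app" is accepted there and rejected by "photos-app", even though both apps trust the same provider and the same signing keys.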

Keycloak

One of the oldest and most famous auth servers. Complicated and written in Java.

Ory Hydra

Modern, written in Go, but still complicated in my opinion (Ory provides multiple packages for their auth solutions and it is hard to figure out which of them you need and how to configure them).

ZITADEL

Modern, written in Go, and in my opinion the one which is easiest to understand.

SuperTokens

Another open source auth server written in Java.

Summary

When I began exploring open source authentication solutions, I was thinking maybe some BaaS platform would help me. After figuring out what I wanted, it was clear that Backend-as-a-Service providers aren’t a solution for me and I had to look at a completely different kind of software category.

Christoph Miksche

Software Developer and Investor from Germany. Writing about Software, Tech and Investments.