Alternatives to Devise logo

Alternatives to Devise

Active Admin, OmniAuth, Auth0, JSON Web Token, and Keycloak are the most popular alternatives and competitors to Devise.
412
231
+ 1
56

What is Devise and what are its top alternatives?

Devise is a flexible authentication solution for Rails based on Warden
Devise is a tool in the User Management and Authentication category of a tech stack.
Devise is an open source tool with GitHub stars and GitHub forks. Here’s a link to Devise's open source repository on GitHub

Top Alternatives to Devise

  • Active Admin
    Active Admin

    Active Admin is a Ruby on Rails framework for creating elegant backends for website administration. ...

  • OmniAuth
    OmniAuth

    OmniAuth is a Ruby authentication framework aimed to abstract away the difficulties of working with various types of authentication providers. It is meant to be hooked up to just about any system, from social networks to enterprise systems to simple username and password authentication. ...

  • Auth0
    Auth0

    A set of unified APIs and tools that instantly enables Single Sign On and user management to all your applications. ...

  • Keycloak
    Keycloak

    It is an Open Source Identity and Access Management For Modern Applications and Services. It adds authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box. ...

  • JSON Web Token
    JSON Web Token

    JSON Web Token is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. ...

  • Amazon Cognito
    Amazon Cognito

    You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline. ...

  • OAuth2
    OAuth2

    It is an authorization framework that enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf. ...

  • Spring Security
    Spring Security

    It is a framework that focuses on providing both authentication and authorization to Java applications. The real power of Spring Security is found in how easily it can be extended to meet custom requirements. ...

Devise alternatives & related posts

Active Admin logo

Active Admin

70
74
11
The administration framework for Ruby on Rails applications
70
74
+ 1
11
PROS OF ACTIVE ADMIN
  • 6
    Customizable
  • 3
    Easy Integration
  • 2
    Powerful Admin Portal
CONS OF ACTIVE ADMIN
    Be the first to leave a con

    related Active Admin posts

    OmniAuth logo

    OmniAuth

    234
    150
    9
    OmniAuth is a flexible authentication system utilizing Rack middleware.
    234
    150
    + 1
    9
    PROS OF OMNIAUTH
    • 6
      Easy Social Login
    • 3
      Free
    CONS OF OMNIAUTH
      Be the first to leave a con

      related OmniAuth posts

      Jerome Dalbert
      Principal Backend Software Engineer at StackShare · | 5 upvotes · 385.8K views
      Shared insights
      on
      OmniAuthOmniAuthDeviseDeviseRubyRuby
      at

      We use OmniAuth with Devise to authenticate users via Twitter, GitHub, Bitbucket and Gitlab. Adding a new OmniAuth authentication provider is basically as easy as adding a new Ruby gem!

      The only drawback I could see is that your OmniAuth+Devise OmniauthCallbacksController redirection logic can easily get hairy over time. So you have to be vigilant to keep it in check.

      See more
      Auth0 logo

      Auth0

      1.3K
      2K
      214
      Token-based Single Sign On for your Apps and APIs with social, databases and enterprise identities
      1.3K
      2K
      + 1
      214
      PROS OF AUTH0
      • 69
        JSON web token
      • 31
        Integration with 20+ Social Providers
      • 20
        It's a universal solution
      • 20
        SDKs
      • 15
        Amazing Documentation
      • 11
        Heroku Add-on
      • 8
        Enterprise support
      • 7
        Great Sample Repos
      • 7
        Extend platform with "rules"
      • 4
        Azure Add-on
      • 3
        Easy integration, non-intrusive identity provider
      • 3
        Passwordless
      • 2
        It can integrate seamlessly with firebase
      • 2
        Great documentation, samples, UX and Angular support
      • 2
        Polished
      • 2
        On-premise deployment
      • 1
        Will sign BAA for HIPAA-compliance
      • 1
        MFA
      • 1
        Active Directory support
      • 1
        Springboot
      • 1
        SOC2
      • 1
        SAML Support
      • 1
        Great support
      • 1
        OpenID Connect (OIDC) Support
      CONS OF AUTH0
      • 15
        Pricing too high (Developer Pro)
      • 7
        Poor support
      • 4
        Rapidly changing API
      • 4
        Status page not reflect actual status

      related Auth0 posts

      Stephen Gheysens
      Lead Solutions Engineer at Inscribe · | 14 upvotes · 1.8M views

      Hi Otensia! I'd definitely recommend using the skills you've already got and building with JavaScript is a smart way to go these days. Most platform services have JavaScript/Node SDKs or NPM packages, many serverless platforms support Node in case you need to write any backend logic, and JavaScript is incredibly popular - meaning it will be easy to hire for, should you ever need to.

      My advice would be "don't reinvent the wheel". If you already have a skill set that will work well to solve the problem at hand, and you don't need it for any other projects, don't spend the time jumping into a new language. If you're looking for an excuse to learn something new, it would be better to invest that time in learning a new platform/tool that compliments your knowledge of JavaScript. For this project, I might recommend using Netlify, Vercel, or Google Firebase to quickly and easily deploy your web app. If you need to add user authentication, there are great examples out there for Firebase Authentication, Auth0, or even Magic (a newcomer on the Auth scene, but very user friendly). All of these services work very well with a JavaScript-based application.

      See more

      Hey all, We're currently weighing up the pros & cons of using Firebase Authentication vs something more OTB like Auth0 or Okta to manage end-user access management for a consumer digital content product. From what I understand so far, Something like Firebase Auth would require more dev effort but is likely to cost less overall, whereas OTB, you have a UI-based console which makes config by non-technical business users easier to manage. Does anyone else have any intuitions or experiences they could share on this, please? Thank you!

      See more
      Keycloak logo

      Keycloak

      689
      1.3K
      102
      An open source identity and access management solution
      689
      1.3K
      + 1
      102
      PROS OF KEYCLOAK
      • 33
        It's a open source solution
      • 24
        Supports multiple identity provider
      • 17
        OpenID and SAML support
      • 12
        Easy customisation
      • 10
        JSON web token
      • 6
        Maintained by devs at Redhat
      CONS OF KEYCLOAK
      • 7
        Okta
      • 6
        Poor client side documentation
      • 5
        Lack of Code examples for client side

      related Keycloak posts

      Shared insights
      on
      OktaOktaKeycloakKeycloakGitHubGitHub

      Hello,

      I'm trying to implement a solution for this situation:

      There is a restaurant in which users can access RestAPI, using Google, Facebook, GitHub. There is even the possibility to login inside using the SPID authentication. In the first case I was considering Keycloak as a better solution for this case, but then i've read about Okta and its pros.

      I cannot understand reading and searching on Google if SPID authentication is supported by OKTA. Looks like to be, because it should be using SAML, but I haven't found a clear solution.

      See more
      Joshua Dean Küpper
      CEO at Scrayos UG (haftungsbeschränkt) · | 7 upvotes · 792.1K views

      As the access to our global REST-API "Charon" is bound to OAuth2, we use Keycloak inside Quarkus to authenticate and authorize users of our API. It is not possible to perform any un-authenticated requests against this API, so we wanted to make really sure that the authentication/authorization component is absolutely reliable and tested. We found those attributes within Keycloak, so we used it.

      See more
      JSON Web Token logo

      JSON Web Token

      631
      352
      0
      A JSON-based open standard for creating access tokens
      631
      352
      + 1
      0
      PROS OF JSON WEB TOKEN
        Be the first to leave a pro
        CONS OF JSON WEB TOKEN
          Be the first to leave a con

          related JSON Web Token posts

          Repost

          Overview: To put it simply, we plan to use the MERN stack to build our web application. MongoDB will be used as our primary database. We will use ExpressJS alongside Node.js to set up our API endpoints. Additionally, we plan to use React to build our SPA on the client side and use Redis on the server side as our primary caching solution. Initially, while working on the project, we plan to deploy our server and client both on Heroku . However, Heroku is very limited and we will need the benefits of an Infrastructure as a Service so we will use Amazon EC2 to later deploy our final version of the application.

          Serverside: nodemon will allow us to automatically restart a running instance of our node app when files changes take place. We decided to use MongoDB because it is a non relational database which uses the Document Object Model. This allows a lot of flexibility as compared to a RDMS like SQL which requires a very structural model of data that does not change too much. Another strength of MongoDB is its ease in scalability. We will use Mongoose along side MongoDB to model our application data. Additionally, we will host our MongoDB cluster remotely on MongoDB Atlas. Bcrypt will be used to encrypt user passwords that will be stored in the DB. This is to avoid the risks of storing plain text passwords. Moreover, we will use Cloudinary to store images uploaded by the user. We will also use the Twilio SendGrid API to enable automated emails sent by our application. To protect private API endpoints, we will use JSON Web Token and Passport. Also, PayPal will be used as a payment gateway to accept payments from users.

          Client Side: As mentioned earlier, we will use React to build our SPA. React uses a virtual DOM which is very efficient in rendering a page. Also React will allow us to reuse components. Furthermore, it is very popular and there is a large community that uses React so it can be helpful if we run into issues. We also plan to make a cross platform mobile application later and using React will allow us to reuse a lot of our code with React Native. Redux will be used to manage state. Redux works great with React and will help us manage a global state in the app and avoid the complications of each component having its own state. Additionally, we will use Bootstrap components and custom CSS to style our app.

          Other: Git will be used for version control. During the later stages of our project, we will use Google Analytics to collect useful data regarding user interactions. Moreover, Slack will be our primary communication tool. Also, we will use Visual Studio Code as our primary code editor because it is very light weight and has a wide variety of extensions that will boost productivity. Postman will be used to interact with and debug our API endpoints.

          See more

          Overview: To put it simply, we plan to use the MERN stack to build our web application. MongoDB will be used as our primary database. We will use ExpressJS alongside Node.js to set up our API endpoints. Additionally, we plan to use React to build our SPA on the client side and use Redis on the server side as our primary caching solution. Initially, while working on the project, we plan to deploy our server and client both on Heroku. However, Heroku is very limited and we will need the benefits of an Infrastructure as a Service so we will use Amazon EC2 to later deploy our final version of the application.

          Serverside: nodemon will allow us to automatically restart a running instance of our node app when files changes take place. We decided to use MongoDB because it is a non relational database which uses the Document Object Model. This allows a lot of flexibility as compared to a RDMS like SQL which requires a very structural model of data that does not change too much. Another strength of MongoDB is its ease in scalability. We will use Mongoose along side MongoDB to model our application data. Additionally, we will host our MongoDB cluster remotely on MongoDB Atlas. Bcrypt will be used to encrypt user passwords that will be stored in the DB. This is to avoid the risks of storing plain text passwords. Moreover, we will use Cloudinary to store images uploaded by the user. We will also use the Twilio SendGrid API to enable automated emails sent by our application. To protect private API endpoints, we will use JSON Web Token and Passport. Also, PayPal will be used as a payment gateway to accept payments from users.

          Client Side: As mentioned earlier, we will use React to build our SPA. React uses a virtual DOM which is very efficient in rendering a page. Also React will allow us to reuse components. Furthermore, it is very popular and there is a large community that uses React so it can be helpful if we run into issues. We also plan to make a cross platform mobile application later and using React will allow us to reuse a lot of our code with React Native. Redux will be used to manage state. Redux works great with React and will help us manage a global state in the app and avoid the complications of each component having its own state. Additionally, we will use Bootstrap components and custom CSS to style our app.

          Other: Git will be used for version control. During the later stages of our project, we will use Google Analytics to collect useful data regarding user interactions. Moreover, Slack will be our primary communication tool. Also, we will use Visual Studio Code as our primary code editor because it is very light weight and has a wide variety of extensions that will boost productivity. Postman will be used to interact with and debug our API endpoints.

          See more
          Amazon Cognito logo

          Amazon Cognito

          590
          895
          34
          Securely manage and synchronize app data for your users across their mobile devices
          590
          895
          + 1
          34
          PROS OF AMAZON COGNITO
          • 14
            Backed by Amazon
          • 7
            Manage Unique Identities
          • 4
            Work Offline
          • 3
            MFA
          • 2
            Store and Sync
          • 1
            Free for first 50000 users
          • 1
            It works
          • 1
            Integrate with Google, Amazon, Twitter, Facebook, SAML
          • 1
            SDKs and code samples
          CONS OF AMAZON COGNITO
          • 4
            Massive Pain to get working
          • 3
            Documentation often out of date
          • 2
            Login-UI sparsely customizable (e.g. no translation)
          • 1
            Docs are vast but mostly useless
          • 1
            MFA: there is no "forget device" function
          • 1
            Difficult to customize (basic-pack is more than humble)
          • 1
            Lacks many basic features
          • 1
            There is no "Logout" method in the API
          • 1
            Different Language SDKs not compatible
          • 1
            No recovery codes for MFA
          • 1
            Hard to find expiration times for tokens/codes
          • 1
            Only paid support

          related Amazon Cognito posts

          I'm starting a new React Native project and trying to decide on an auth provider. Currently looking at Auth0 and Amazon Cognito. It will need to play nice with a Django Rest Framework backend.

          See more
          OAuth2 logo

          OAuth2

          588
          625
          0
          An open standard for access delegation
          588
          625
          + 1
          0
          PROS OF OAUTH2
            Be the first to leave a pro
            CONS OF OAUTH2
              Be the first to leave a con

              related OAuth2 posts

              Joshua Dean Küpper
              CEO at Scrayos UG (haftungsbeschränkt) · | 7 upvotes · 792.1K views

              As the access to our global REST-API "Charon" is bound to OAuth2, we use Keycloak inside Quarkus to authenticate and authorize users of our API. It is not possible to perform any un-authenticated requests against this API, so we wanted to make really sure that the authentication/authorization component is absolutely reliable and tested. We found those attributes within Keycloak, so we used it.

              See more
              Isaac Ogunleye
              Backend Developer at Coast research Institute · | 5 upvotes · 270.9K views
              Shared insights
              on
              PassportPassportOAuth2OAuth2

              My teammates and I are arguing on which library to use for our local and social authentication in our express app between OAuth2 and Passport. I went for Passport cause I personally like it, and it seems easier to implement with good docs, but some of my teammates think it's less secure than OAuth2. So any advice please would be appreciated. Thanks 🙏🏻

              See more
              Spring Security logo

              Spring Security

              537
              583
              6
              A powerful and highly customizable authentication and access-control framework
              537
              583
              + 1
              6
              PROS OF SPRING SECURITY
              • 3
                Easy to use
              • 3
                Java integration
              CONS OF SPRING SECURITY
                Be the first to leave a con

                related Spring Security posts