Alternatives to ORY Hydra logo

Alternatives to ORY Hydra

Keycloak, Dex, Auth0, Okta, and OpenSSL are the most popular alternatives and competitors to ORY Hydra.
18
121
+ 1
7

What is ORY Hydra and what are its top alternatives?

It is a self-managed server that secures access to your applications and APIs with OAuth 2.0 and OpenID Connect. It is OpenID Connect Certified and optimized for latency, high throughput, and low resource consumption.
ORY Hydra is a tool in the Security category of a tech stack.
ORY Hydra is an open source tool with 12.5K GitHub stars and 1.2K GitHub forks. Here’s a link to ORY Hydra's open source repository on GitHub

Top Alternatives to ORY Hydra

  • Keycloak
    Keycloak

    It is an Open Source Identity and Access Management For Modern Applications and Services. It adds authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box. ...

  • Dex
    Dex

    Dex is a personal CRM that helps you build stronger relationships. Remember where you left off, keep in touch, and be more thoughtful -- all in one place. ...

  • Auth0
    Auth0

    A set of unified APIs and tools that instantly enables Single Sign On and user management to all your applications. ...

  • Okta
    Okta

    Connect all your apps in days, not months, with instant access to thousands of pre-built integrations - even add apps to the network yourself. Integrations are easy to set up, constantly monitored, proactively repaired and handle authentication and provisioning. ...

  • OpenSSL
    OpenSSL

    It is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. ...

  • Let's Encrypt
    Let's Encrypt

    It is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG). ...

  • JSON Web Token
    JSON Web Token

    JSON Web Token is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. ...

  • Amazon Cognito
    Amazon Cognito

    You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline. ...

ORY Hydra alternatives & related posts

Keycloak logo

Keycloak

509
975
71
An open source identity and access management solution
509
975
+ 1
71
PROS OF KEYCLOAK
  • 26
    It's a open source solution
  • 19
    Supports multiple identity provider
  • 12
    OpenID and SAML support
  • 7
    Easy customisation
  • 6
    JSON web token
  • 1
    Maintained by devs at Redhat
CONS OF KEYCLOAK
  • 4
    Okta
  • 3
    Poor client side documentation
  • 3
    Lack of Code examples for client side

related Keycloak posts

Joshua Dean Küpper
CEO at Scrayos UG (haftungsbeschränkt) · | 7 upvotes · 413K views

As the access to our global REST-API "Charon" is bound to OAuth2, we use Keycloak inside Quarkus to authenticate and authorize users of our API. It is not possible to perform any un-authenticated requests against this API, so we wanted to make really sure that the authentication/authorization component is absolutely reliable and tested. We found those attributes within Keycloak, so we used it.

See more
Shared insights
on
OktaOktaKeycloakKeycloak

I want some good advice on which one I should prefer. (Keycloak or Okta) Since Keycloak is open source, it will be our first preference, but do we face some limitations with this approach? And since our product is SAAS based and we support the following authentications at present. 1. AT DB level 2. 3rd part IDP providers 3. LDAP/AD...

See more
Dex logo

Dex

32
45
0
Integrated, modern rolodex that helps you make the most of your network
32
45
+ 1
0
PROS OF DEX
    Be the first to leave a pro
    CONS OF DEX
      Be the first to leave a con

      related Dex posts

      Auth0 logo

      Auth0

      1.1K
      1.8K
      213
      Token-based Single Sign On for your Apps and APIs with social, databases and enterprise identities
      1.1K
      1.8K
      + 1
      213
      PROS OF AUTH0
      • 67
        JSON web token
      • 31
        Integration with 20+ Social Providers
      • 20
        It's a universal solution
      • 20
        SDKs
      • 14
        Amazing Documentation
      • 11
        Heroku Add-on
      • 8
        Enterprise support
      • 7
        Great Sample Repos
      • 7
        Extend platform with "rules"
      • 4
        Azure Add-on
      • 3
        Easy integration, non-intrusive identity provider
      • 3
        Passwordless
      • 2
        It can integrate seamlessly with firebase
      • 2
        Ruby
      • 2
        Great documentation, samples, UX and Angular support
      • 2
        Polished
      • 2
        On-premise deployment
      • 1
        SAML Support
      • 1
        Will sign BAA for HIPAA-compliance
      • 1
        OpenID Connect (OIDC) Support
      • 1
        Active Directory support
      • 1
        MFA
      • 1
        SOC2
      • 1
        Great support
      • 1
        Springboot
      • 0
        A';P[];Æ`/
      CONS OF AUTH0
      • 14
        Pricing too high (Developer Pro)
      • 7
        Poor support
      • 4
        Status page not reflect actual status
      • 3
        Rapidly changing API

      related Auth0 posts

      Stephen Gheysens
      Senior Solutions Engineer at Twilio · | 14 upvotes · 623.4K views

      Hi Otensia! I'd definitely recommend using the skills you've already got and building with JavaScript is a smart way to go these days. Most platform services have JavaScript/Node SDKs or NPM packages, many serverless platforms support Node in case you need to write any backend logic, and JavaScript is incredibly popular - meaning it will be easy to hire for, should you ever need to.

      My advice would be "don't reinvent the wheel". If you already have a skill set that will work well to solve the problem at hand, and you don't need it for any other projects, don't spend the time jumping into a new language. If you're looking for an excuse to learn something new, it would be better to invest that time in learning a new platform/tool that compliments your knowledge of JavaScript. For this project, I might recommend using Netlify, Vercel, or Google Firebase to quickly and easily deploy your web app. If you need to add user authentication, there are great examples out there for Firebase Authentication, Auth0, or even Magic (a newcomer on the Auth scene, but very user friendly). All of these services work very well with a JavaScript-based application.

      See more

      Hey all, We're currently weighing up the pros & cons of using Firebase Authentication vs something more OTB like Auth0 or Okta to manage end-user access management for a consumer digital content product. From what I understand so far, Something like Firebase Auth would require more dev effort but is likely to cost less overall, whereas OTB, you have a UI-based console which makes config by non-technical business users easier to manage. Does anyone else have any intuitions or experiences they could share on this, please? Thank you!

      See more
      Okta logo

      Okta

      334
      713
      59
      Enterprise-grade identity management for all your apps, users & devices
      334
      713
      + 1
      59
      PROS OF OKTA
      • 12
        REST API
      • 9
        SAML
      • 5
        OIDC OpenID Connect
      • 5
        User Provisioning
      • 5
        Easy LDAP integration
      • 4
        API Access Management - oAuth2 as a service
      • 4
        Universal Directory
      • 4
        Protect B2E, B2B, B2C apps
      • 3
        SSO, MFA for cloud, on-prem, custom apps
      • 3
        Easy Active Directory integration
      • 3
        Tons of Identity Management features
      • 1
        SWA applications Integration
      • 1
        SOC2
      CONS OF OKTA
      • 4
        Pricing is too high
      • 1
        Okta verify (Multi-factor Authentication)

      related Okta posts

      Hey all, We're currently weighing up the pros & cons of using Firebase Authentication vs something more OTB like Auth0 or Okta to manage end-user access management for a consumer digital content product. From what I understand so far, Something like Firebase Auth would require more dev effort but is likely to cost less overall, whereas OTB, you have a UI-based console which makes config by non-technical business users easier to manage. Does anyone else have any intuitions or experiences they could share on this, please? Thank you!

      See more
      OpenSSL logo

      OpenSSL

      10.6K
      4.9K
      0
      Full-featured toolkit for the Transport Layer Security and Secure Sockets Layer protocols
      10.6K
      4.9K
      + 1
      0
      PROS OF OPENSSL
        Be the first to leave a pro
        CONS OF OPENSSL
          Be the first to leave a con

          related OpenSSL posts

          Simon Reymann
          Senior Fullstack Developer at QUANTUSflow Software GmbH · | 29 upvotes · 4.2M views

          Our whole DevOps stack consists of the following tools:

          • GitHub (incl. GitHub Pages/Markdown for Documentation, GettingStarted and HowTo's) for collaborative review and code management tool
          • Respectively Git as revision control system
          • SourceTree as Git GUI
          • Visual Studio Code as IDE
          • CircleCI for continuous integration (automatize development process)
          • Prettier / TSLint / ESLint as code linter
          • SonarQube as quality gate
          • Docker as container management (incl. Docker Compose for multi-container application management)
          • VirtualBox for operating system simulation tests
          • Kubernetes as cluster management for docker containers
          • Heroku for deploying in test environments
          • nginx as web server (preferably used as facade server in production environment)
          • SSLMate (using OpenSSL) for certificate management
          • Amazon EC2 (incl. Amazon S3) for deploying in stage (production-like) and production environments
          • PostgreSQL as preferred database system
          • Redis as preferred in-memory database/store (great for caching)

          The main reason we have chosen Kubernetes over Docker Swarm is related to the following artifacts:

          • Key features: Easy and flexible installation, Clear dashboard, Great scaling operations, Monitoring is an integral part, Great load balancing concepts, Monitors the condition and ensures compensation in the event of failure.
          • Applications: An application can be deployed using a combination of pods, deployments, and services (or micro-services).
          • Functionality: Kubernetes as a complex installation and setup process, but it not as limited as Docker Swarm.
          • Monitoring: It supports multiple versions of logging and monitoring when the services are deployed within the cluster (Elasticsearch/Kibana (ELK), Heapster/Grafana, Sysdig cloud integration).
          • Scalability: All-in-one framework for distributed systems.
          • Other Benefits: Kubernetes is backed by the Cloud Native Computing Foundation (CNCF), huge community among container orchestration tools, it is an open source and modular tool that works with any OS.
          See more
          Let's Encrypt logo

          Let's Encrypt

          1.6K
          955
          94
          A free, automated, and open Certificate Authority (CA)
          1.6K
          955
          + 1
          94
          PROS OF LET'S ENCRYPT
          • 46
            Open Source SSL
          • 30
            Simple setup
          • 9
            Free
          • 9
            Microservices
          • 0
            Easy ssl certificates
          CONS OF LET'S ENCRYPT
            Be the first to leave a con

            related Let's Encrypt posts

            JSON Web Token logo

            JSON Web Token

            866
            245
            0
            A JSON-based open standard for creating access tokens
            866
            245
            + 1
            0
            PROS OF JSON WEB TOKEN
              Be the first to leave a pro
              CONS OF JSON WEB TOKEN
                Be the first to leave a con

                related JSON Web Token posts

                Repost

                Overview: To put it simply, we plan to use the MERN stack to build our web application. MongoDB will be used as our primary database. We will use ExpressJS alongside Node.js to set up our API endpoints. Additionally, we plan to use React to build our SPA on the client side and use Redis on the server side as our primary caching solution. Initially, while working on the project, we plan to deploy our server and client both on Heroku . However, Heroku is very limited and we will need the benefits of an Infrastructure as a Service so we will use Amazon EC2 to later deploy our final version of the application.

                Serverside: nodemon will allow us to automatically restart a running instance of our node app when files changes take place. We decided to use MongoDB because it is a non relational database which uses the Document Object Model. This allows a lot of flexibility as compared to a RDMS like SQL which requires a very structural model of data that does not change too much. Another strength of MongoDB is its ease in scalability. We will use Mongoose along side MongoDB to model our application data. Additionally, we will host our MongoDB cluster remotely on MongoDB Atlas. Bcrypt will be used to encrypt user passwords that will be stored in the DB. This is to avoid the risks of storing plain text passwords. Moreover, we will use Cloudinary to store images uploaded by the user. We will also use the Twilio SendGrid API to enable automated emails sent by our application. To protect private API endpoints, we will use JSON Web Token and Passport. Also, PayPal will be used as a payment gateway to accept payments from users.

                Client Side: As mentioned earlier, we will use React to build our SPA. React uses a virtual DOM which is very efficient in rendering a page. Also React will allow us to reuse components. Furthermore, it is very popular and there is a large community that uses React so it can be helpful if we run into issues. We also plan to make a cross platform mobile application later and using React will allow us to reuse a lot of our code with React Native. Redux will be used to manage state. Redux works great with React and will help us manage a global state in the app and avoid the complications of each component having its own state. Additionally, we will use Bootstrap components and custom CSS to style our app.

                Other: Git will be used for version control. During the later stages of our project, we will use Google Analytics to collect useful data regarding user interactions. Moreover, Slack will be our primary communication tool. Also, we will use Visual Studio Code as our primary code editor because it is very light weight and has a wide variety of extensions that will boost productivity. Postman will be used to interact with and debug our API endpoints.

                See more

                Overview: To put it simply, we plan to use the MERN stack to build our web application. MongoDB will be used as our primary database. We will use ExpressJS alongside Node.js to set up our API endpoints. Additionally, we plan to use React to build our SPA on the client side and use Redis on the server side as our primary caching solution. Initially, while working on the project, we plan to deploy our server and client both on Heroku. However, Heroku is very limited and we will need the benefits of an Infrastructure as a Service so we will use Amazon EC2 to later deploy our final version of the application.

                Serverside: nodemon will allow us to automatically restart a running instance of our node app when files changes take place. We decided to use MongoDB because it is a non relational database which uses the Document Object Model. This allows a lot of flexibility as compared to a RDMS like SQL which requires a very structural model of data that does not change too much. Another strength of MongoDB is its ease in scalability. We will use Mongoose along side MongoDB to model our application data. Additionally, we will host our MongoDB cluster remotely on MongoDB Atlas. Bcrypt will be used to encrypt user passwords that will be stored in the DB. This is to avoid the risks of storing plain text passwords. Moreover, we will use Cloudinary to store images uploaded by the user. We will also use the Twilio SendGrid API to enable automated emails sent by our application. To protect private API endpoints, we will use JSON Web Token and Passport. Also, PayPal will be used as a payment gateway to accept payments from users.

                Client Side: As mentioned earlier, we will use React to build our SPA. React uses a virtual DOM which is very efficient in rendering a page. Also React will allow us to reuse components. Furthermore, it is very popular and there is a large community that uses React so it can be helpful if we run into issues. We also plan to make a cross platform mobile application later and using React will allow us to reuse a lot of our code with React Native. Redux will be used to manage state. Redux works great with React and will help us manage a global state in the app and avoid the complications of each component having its own state. Additionally, we will use Bootstrap components and custom CSS to style our app.

                Other: Git will be used for version control. During the later stages of our project, we will use Google Analytics to collect useful data regarding user interactions. Moreover, Slack will be our primary communication tool. Also, we will use Visual Studio Code as our primary code editor because it is very light weight and has a wide variety of extensions that will boost productivity. Postman will be used to interact with and debug our API endpoints.

                See more
                Amazon Cognito logo

                Amazon Cognito

                521
                782
                33
                Securely manage and synchronize app data for your users across their mobile devices
                521
                782
                + 1
                33
                PROS OF AMAZON COGNITO
                • 14
                  Backed by Amazon
                • 7
                  Manage Unique Identities
                • 3
                  Work Offline
                • 3
                  MFA
                • 2
                  Store and Sync
                • 1
                  It works
                • 1
                  Integrate with Google, Amazon, Twitter, Facebook, SAML
                • 1
                  SDKs and code samples
                • 1
                  Free for first 50000 users
                CONS OF AMAZON COGNITO
                • 3
                  Massive Pain to get working
                • 2
                  Login-UI sparsely customizable (e.g. no translation)
                • 2
                  Documentation often out of date
                • 1
                  MFA: there is no "forget device" function
                • 1
                  Hard to find expiration times for tokens/codes
                • 1
                  Lacks many basic features
                • 1
                  There is no "Logout" method in the API
                • 1
                  No recovery codes for MFA
                • 1
                  Difficult to customize (basic-pack is more than humble)
                • 1
                  Only paid support
                • 1
                  Docs are vast but mostly useless

                related Amazon Cognito posts

                I'm starting a new React Native project and trying to decide on an auth provider. Currently looking at Auth0 and Amazon Cognito. It will need to play nice with a Django Rest Framework backend.

                See more