HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mffap

no profile record

Submissions

[untitled]

1 points·by mffap·5개월 전·0 comments

[untitled]

1 points·by mffap·11개월 전·0 comments

[untitled]

1 points·by mffap·11개월 전·0 comments

[untitled]

1 points·by mffap·12개월 전·0 comments

Zitadel's new login built with TypeScript

github.com
1 points·by mffap·작년·0 comments

Zitadel Supports SCIM

github.com
4 points·by mffap·작년·0 comments

[untitled]

1 points·by mffap·작년·0 comments

[untitled]

1 points·by mffap·2년 전·0 comments

Complete guide to identity federation with Google IDP [video]

youtube.com
2 points·by mffap·2년 전·0 comments

[untitled]

1 points·by mffap·2년 전·0 comments

Transforming Identity and Access Management with Event Sourcing

thenewstack.io
4 points·by mffap·2년 전·1 comments

Password Hashing Package for Go

github.com
15 points·by mffap·2년 전·2 comments

Authenticate with PHP Symfony Through OIDC

github.com
9 points·by mffap·2년 전·0 comments

Zitadel SDK and Client in Go

github.com
1 points·by mffap·3년 전·0 comments

B2B identity infrastructure written in Go

github.com
1 points·by mffap·3년 전·0 comments

Unified Go package for password hashing and swapping

github.com
4 points·by mffap·3년 전·0 comments

[untitled]

1 points·by mffap·3년 전·0 comments

Easy to use OpenID Connect client and server library written for Go

github.com
165 points·by mffap·3년 전·44 comments

comments

mffap
·2년 전·discuss
It's probably going to be vendor-specific or you will implement your own auth. At ZITADEL we decided to offer all the standards like OIDC and SAML, and offer a session API for more flexible auth scenarios. You will also be able to mix.
mffap
·2년 전·discuss
Hi HN, we're thrilled to announce that Zitadel just raised $9M in Series A funding! This will help us make Zitadel, our open source identity platform, even better for developers to build secure applications.

Zitadel simplifies user management, authentication, and authorization with built-in multi-tenancy, making it easy to manage users across different customers, departments, or organizations. This way, you can focus on what matters most: creating amazing products. We're also working on exciting new features like user activity monitoring, which will allow you to easily audit user behavior, build custom reports, and enhance security with tools to detect and react to threats.

We believe everyone deserves access to simple and secure identity solutions. Check out Zitadel and let us know what you think!
mffap
·2년 전·discuss
https://github.com/zitadel/zitadel
mffap
·2년 전·discuss
If you prefer an open source, and maybe more mature, alternative for multi tenant/b2b auth then have a look at https://zitadel.com (disclosure: work for zitadel)
mffap
·2년 전·discuss
Hey Adil. We're looking for a Go backend engineer and experience with cloud native architectures. Happy to connect. You can find the job here: https://zitadel.com/jobs
mffap
·2년 전·discuss
Depends on what you need. If you look for SSO or a turnkey solution for auth, then maybe have a look at https://github.com/zitadel/zitadel

Check out the community chat, there are many people having implemented auth for self hosted setups that can share some insights.
mffap
·2년 전·discuss
ZITADEL would be a good choice if you have multiple tenants and want delegate things like access management and configuring auth per tenant in self-service - that part comes out of the box with ZITADEL and could save you quite some development. I wanted to throw that in, because for the authentication part most solutions would match your requirements, but keep also authorization and auditability in mind.

That being said with ZITADEL you can also move between self-hosted and cloud: https://zitadel.com/docs/guides/migrate/sources/zitadel

ps: I'm biased (see bio).
mffap
·2년 전·discuss
Yes that's correct. Get a quote for your use case, if you are already running on higher numbers. Pricing might not fit all cases, that's why there's also an Enterprise tier.
mffap
·2년 전·discuss
All of these features are included. Main drivers for pricing in this case, I assume will be daily active users (sum over the month) and how many third-party identity providers you have configured. Unlimited tenants, users, permissions etc. are included. We use DAU instead of MAU, since there are many different use cases and that seems work quite well. Just take the MAU and multiply by how many times per month your users will sign-in. In the enterprise tier we offer more custom quotes for higher volumes, guarantee requirements, and support SLAs.
mffap
·2년 전·discuss
Have a look at ZITADEL (https://github.com/zitadel/zitadel or https://zitadel.com/), I think that does what you want. You can create multiple tenants (called Organizations) and you can setup security / login rules per organization such as enforcing MFA. Furthermore you can configure on each tenant a separate SSO and users are directly forwarded to their identity provider. When you first enter your username (could be an email) on the login screen, the policies of the user's organization will be applied. That allows you to route users based on their email domain etc. One additional thing to mention is that ZITADEL does not only handle authentication, but also authorization with self-service. Managers of an organization can, for example, assign users of their organization roles.
mffap
·2년 전·discuss
Nice to hear. Glad you like it. What was the winning thing for you?
mffap
·2년 전·discuss
That's true it requires its own db. Way forward will be postgres as db, which makes it hopefully easier to deploy alongside other tools.
mffap
·2년 전·discuss
If you look for 2FA with otp, email, sms and also passkeys foe self-hosting, then give zitadel a spin. All features are included in the open source version. Should also work nicely with docker compose + nginx. In case you have issues, join the chat. https://github.com/zitadel/zitadel
mffap
·2년 전·discuss
Between different algos or compared to other tools?
mffap
·2년 전·discuss
For RBAC, I see two main challenges. You need to make sure that you get all the roles for all client applications for a user to make a decision. That becomes a bit more complex if you go into scenarios where each tenant can also manage their own clients and roles. Secondly, complexity comes from the self-service to assign roles, ie. delegating access management to the tenants. You need to allow certain users to assign the roles to users in their organization, or in general manage their users. That authorization model has to be applied to the whole system, including APIs obviously.

Most solution solve the authentication part, so login with a local user or federated users via identity brokering (eg, OIDC/SAML via EntraID). The main selling point of ZITADEL is that it also solves the authorization, as mentioned above, across multiple tenants as well as the self-service aspect of delegating configuration of security policies and user management to "Managers" in the tenants. You get that out of the box, no development needed. You can read more here: https://zitadel.com/blog/multi-tenancy-with-organizations Also, you can self-host ZITADEL which is not available for all solutions, but is quite a selling point when talking to enterprise customers.

I think the b2b niche was already mentioned in this thread. But I don't think it is underserved, as many vendors jump onto that. Healthcare and Manufacturing are two sectors that are hard to crack with IAM for their special requirements. The tools I've seen are working but very expensive and customized. Yet also the two sectors are very traditional (read: on-prem AD) and need a lot of work if they want to move to more federated IAM systems.
mffap
·2년 전·discuss
One of the challenges we see is providing self-service for team management. That includes letting an admin assign roles to their users, manage user lifecycle (eg through sso), and setting up security policies. For sure you can build the basics, but it becomes complex later on if you manage a lot of tenants or or more enterprise customers. For Auth only there are many solutions out there that work great. There's only a few solutions with multi-tenancy at the core, though, like https://github.com/zitadel/zitadel
mffap
·3년 전·discuss
Thanks for sharing, interesting. But the named components in the article seem not to have received funding.
mffap
·3년 전·discuss
Is Germany funding the oss projects as well? Traditionally they have this mindset of free open source software, with a strong emphasis on free, while not factoring in the cost of maintaining a project. When the usage gets higher there should be a plan for sustainable progress and maintenance.