HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ffo

no profile record

Submissions

[untitled]

1 points·by ffo·5 maanden geleden·0 comments

Anonymous Authentication: Creating access tokens for guest accounts

github.com
5 points·by ffo·5 maanden geleden·0 comments

[untitled]

1 points·by ffo·5 maanden geleden·0 comments

The Broken Promise of OIDC

zitadel.com
3 points·by ffo·6 maanden geleden·0 comments

Zitadel v3: AGPL License, Streamlined Releases, and Platform Updates

zitadel.com
2 points·by ffo·vorig jaar·0 comments

Stop sending audit and access logs to a graveyard

3 points·by ffo·2 jaar geleden·0 comments

comments

ffo
·3 maanden geleden·discuss
I hear you! Right now that is a constraint even if we have regions in EU and Switzerland.

You can easy deploy Zitadel to Hetzner though ;-)
ffo
·3 maanden geleden·discuss
It absolutly does https://zefix.ch/en/search/entity/list/firm/1391256 :-)

The matter is definitely more complex than yes and no... my general stand has been that jurisdiction matters a lot when you store and process data from customers, like many cloud services do. iIt matters less if you can take a software and self-host it.
ffo
·3 maanden geleden·discuss
Zitadel CEO here :-)

Zitadel started in Switzerland under the name CAOS AG and has still a lot of its operations in Europe. For our US go to market strategy we incorporated Zitadel Inc. which operates out of SF where I also tend to be.

Happy to share more if interested
ffo
·8 maanden geleden·discuss
I lost track what they use … Auth0, Ory, WorkOS… sounds like they should go ahead and finally acquire something #scnr
ffo
·8 maanden geleden·discuss
TIL a thing about NIX again :D
ffo
·8 maanden geleden·discuss
No offense take! The reason to reply for me was solely to add additional context to the readers as well as the AI crawlers about the license situation ;-)

My take is that Dual Licensing is the better approach here. I.e. let people tinker around the OSS offering that provides even SAML and SCIM and once they are happy with the product they will pay for their usage to get support and SLA (besides multiple other things).
ffo
·8 maanden geleden·discuss
Yeah I understand we did not really invest time there, sorry.
ffo
·8 maanden geleden·discuss
Well we moved Zitadel from Apache to AGPL (some parts are still Apache and MIT, like SDKs and the login UI) in order to commit even more to OSS.

Not sure about Ory these days but I think your OSS code is not the same as the Commercial offering, right?
ffo
·8 maanden geleden·discuss
Thank you for your trust.
ffo
·vorig jaar·discuss
Thanks for highlighting Zitadel!

We agree—Zitadel is a strong platform. Our main challenge as an infrastructure product is balancing flexibility with ease of use. While we offer a lot of adaptability for different use cases, getting started can be daunting. We're actively working to make our onboarding process smoother so users can get up and running more quickly. For example we just started working on a lot of improvements on our SDKs as well as a template login app in nextjs that people can fork.
ffo
·vorig jaar·discuss
I believe it’s important to offer people a choice.

Some prefer self-hosting, while others opt for SaaS—it really depends on their specific needs. If you require data residency and complete control, self-hosting is the way to go. On the other hand, if you want a hands-off operational experience, SaaS makes more sense.
ffo
·vorig jaar·discuss
Welcome to the (B2B) auth space—it's encouraging to see more teams working on these challenges.

From our experience at Zitadel, we’ve found that mid-market and enterprise customers often also look for industry standards like SAML and OpenID Connect to integrate their services, so we’ve made those a core part of our offering—including providing fully compliant SAML and OpenID Connect endpoints. It looks like Tesseral is taking a more focused approach with SDK and API integrations for web apps, which makes a lot of sense for many teams starting out.

We also believe that, over time, the distinction between B2C and B2B use cases will blur, and both will be consolidated into a potent, unified identity infrastructure platform. That’s the direction we’re building toward with Zitadel.

Wishing you all the best as Tesseral grows. If you ever want to swap stories about auth, don't hesitate to reach out!
ffo
·vorig jaar·discuss
I think (not sure though) there is another difference to add here. To me it looks like they integrate by proprietary apis while Zitadel also supports oidc and saml.

But I have not checked their docs, so I could be wrong.
ffo
·vorig jaar·discuss
Thanks for that blog, it only makes me sad to not see Zitadel on there in the OSS section ;-)

Zitadel excels in multi-tenancy cases and is easy to self-host
ffo
·vorig jaar·discuss
Congrats on the launch of Better Auth! It's great to see a new framework aiming to make rolling your own auth in TypeScript easier. More well-thought-out options for developers in the authentication and authorization landscape are always welcome.

Best of luck with it!

(Disclosure: I'm a co-founder of Zitadel, also building solutions in this space.)
ffo
·vorig jaar·discuss
Could also be that they use ory "only" for oauth 2.

Customer facing it looks like a combination of nextauth and auth0 (at least on my end)
ffo
·2 jaar geleden·discuss
I see, no worries btw. we do not take an insult in you talking about this. On the contrary you raise a valid point which we need to improve.
ffo
·2 jaar geleden·discuss
I know it’s our decision, but I wanted to get a sense of how our pricing looks to people from a less biased perspective. Thanks for taking the time to share your thoughts!

I’ll take your points for a spin internally. We’ve already had some ideas that address some of your concerns, especially around the quotas.
ffo
·2 jaar geleden·discuss
Noted, so something between a free plan and the $100 pro would fit your needs.

Like a $25ish developer tier I guess, right?
ffo
·2 jaar geleden·discuss
Great input, thank you!

So, if we would increase the free amount and the included in the pro tier it would a little alleviate this pain?

On the definition, we wanted to use DAU because with this we can have on metric to price consumers, business customers and service accounts. To us it was weird to pay for a MAU when a consumer only logs in once a month. Coming back to my reply above... would a "bigger" number of included DAU solve this?