- It works and does the job. I appreciate that we got this piece of tech for free when we needed with quickly.
- The doc is clearly written in a way to steer you toward their cloud (fair enough everybody needs to eat). Setting things up is not straight forward even after years of using it.
- Backend driven UI is just weird.
- The founder used to be very opinionated on some things but let bigger issues "rot", better now that they have grown as a business.
- The fact that they wont do SAML in kratos cause its part of their cloud thing and they bought another business speaks volume to me. OSS for ory is a growth strategy, their enterprise version cloud is also not the same as the OSS one.
For OAuth2 we considered Hydra but decided to build it ourselves since we want to host on prem and want to reduce moving parts. We will also likely end up replacing kratos eventually.
TLDR it is a good tech to consider instead of building it yourself. It makes sense for B2C freemium products since all other providers charge per seat. But its not the easiest to setup.
Oh my. The list of supported things is so long I just assumed it would obviously support SAML. That’s a big blind spot and possibly a deal breaker if somebody is looking for a versatile option.
Ory Kratos itself doesn't support SAML that is correct.
However the newest addition to the Ory ecosystem, called Ory Polis (formerly known as BoxyHQ) does close that gap.
It is also Apache2 licensed, do check it out here: https://github.com/ory/polis
- It works and does the job. I appreciate that we got this piece of tech for free when we needed with quickly.
- The doc is clearly written in a way to steer you toward their cloud (fair enough everybody needs to eat). Setting things up is not straight forward even after years of using it.
- Backend driven UI is just weird.
- The founder used to be very opinionated on some things but let bigger issues "rot", better now that they have grown as a business.
- The fact that they wont do SAML in kratos cause its part of their cloud thing and they bought another business speaks volume to me. OSS for ory is a growth strategy, their enterprise version cloud is also not the same as the OSS one.
For OAuth2 we considered Hydra but decided to build it ourselves since we want to host on prem and want to reduce moving parts. We will also likely end up replacing kratos eventually.
TLDR it is a good tech to consider instead of building it yourself. It makes sense for B2C freemium products since all other providers charge per seat. But its not the easiest to setup.