11
27 Comments

What authentication platform do you use?

I am researching multiple authentication platforms for an upcoming project, and was wondering what everyone is using for their projects and businesses?

  1. 8

    I have built my own twice in the past, and it's a lot of efforts not spent on the core business. I would advice against and try to find a service you like instead.
    I have been pleasantly surprised by Google Firebase Auth recently. So far I have only used it along other Firebase tools, but I think it's worth giving it a try even with your own backend.

    1. 1

      That's why I love using boring technology. I just use Devise with Rails and I'm done in 5 minutes.

    2. 1

      Absolutely this. You wouldn't write your own payment service, so why write your own authentication service? I'm actually going a step further and writing a whole SaaS starter kit that handles authentication, user admin, subscriptions & billing, etc. because I feel strongly that you should be spending as much time as possible on your core business, and writing yet another auth system (and having to handle all those edge cases yourself) is just a massive waste of your time and a slowdown of your business.

      1. 1

        This comment was deleted 3 years ago.

        1. 1

          I saw your product actually just the other day! I have you on my list of competitors. =) You might not be doing exactly the same thing, but it's definitely an option people can consider when trying to solve the problem.

          I'm happy to be in the same space with a lot of smart competition! I think there's a lot of room for a lot of different solutions here, and it reinforces the fact that there is a definite need for this kind of thing.

          I'm wishing you the best of luck, and I hope we both can help a whole bunch of people!

  2. 2

    I use django-allauth. It's the go-to auth package for the Django framework.

  3. 2

    Django's built in authentication features.

  4. 1

    We use HYPR Passwordless MFA. It removes passwords from the authentication flow entirely. It uses your biometric or security key (Yubikey) to authenticate us to the workstation, web apps & virtual desktops/private networks.

  5. 1

    Thanks everyone for your feedback! I will continue working through all the suggestions.

  6. 1

    Hi @Spdydve I am building an IAM platform, and I am thinking if it could match your needs. But first of, what do mean by authentication? Let me give few things to consider:

    • Which type of a project? For example, webapp (backend/frontend), mobile, ect.
    • Are login and registration needed?
    • Is multi-factor authentication required?
    • For how many users?
    • And are users consumers or business users?
    • Are users within some protected network or should it work in internet?
    • Do you plan to have user management (e.g. admin UI) or users self-managing their account?
    • Should users have account? (stretching the scope with authz)
    • Is there need for role-based access control?
    • Are you looking for a commercial (including freemium) hosted service or open-source self-hosted one?
    • How much you are willing to invest money or time authentication e.g. learning how Identity servers works and how to operate them?

    I think you might get better candidates if giving some more details.

  7. 1

    Google Firebase Auth is a way to go.

  8. 1

    Using SuperTokens for session management. Initially planned to used express sessions but then ended up discovering SuperTokens library through a blog post. You can check it here: https://medium.com/hackernoon/the-best-way-to-securely-manage-user-sessions-91f27eeef460

    You can check their website also if you interested: https://supertokens.io/

  9. 1

    We just tried Okta and found it to be weirdly complicated for even simple tasks. Ended up just stripping it out and building it myself. Takes little time once you've done it a couple times and was way faster than dealing with Okta.

  10. 1

    For the project I'm working on (a mobile app) I'm using Amazon Cognito. But I'm just going full aws stack for the backend, so that made the most sense.

  11. 1

    IdentityServer4. I love it.

  12. 1

    If you are deploying your own, I have used Keycloak. It’s quite big but it does everything out of the box, and is OIDC and SAML compliant. The default templates are pretty awful though. I’m now considering https://github.com/ory/hydra, as well as online services. Hydra looks good because it implements the challenging bits (OIDC) but not the user management bits, and is Apache licensed.

  13. 1

    +1 for Firebase Auth

    Been using it for multiple apps for some time now and it works great. Not only the authorization by the user but also things like passing and verifying ID token, etc.

  14. 1

    I am currently using Firebase and even though it works well and it's easy to integrate, I've became aware of the fact that they don't seem to provide a straight forward way of migrating your users somewhere else. It feels like all of these auth services simplify your dev flow at the cost of locking you in.

  15. 1

    I'm using Google Firebase Auth - it has plenty of docs, community, and tutorials on how to get up-to-speed and rolling really quickly. It usually takes a day or two, if not a few hours to set it up.

  16. 1

    I use Alpas built-in authentication scaffolding. Alpas also has a module for social authentication via Google, Twiiter, and such. Quick and easy.

  17. 1

    Google Firebase Auth works great for my app's needs.

  18. 1

    In the past I also built my own authentication but it can be very complicated, tricky and error prone. For my current project I decided to go with auth0.com and I am loving it so far! However, as indiepanda already said their UI and documentation is a bit overwhelming in the first place.

  19. 1

    I'm currently building a niche dating website, and this is one of the things I'm researching for. I'm using passportJS to start with and I'll probably build my own later.

  20. 1

    I have a startup that uses auth0, but to be honest i'm not very happy with it. Mainly because of poor documentation and their art of explaining simple things in a complex manner.
    If I had to choose again I would use my own, either with passport.js or custom built.
    In that control is very important.

  21. 1

    This comment was deleted 4 years ago.

  22. 2

    This comment was deleted 3 years ago.

    1. 1

      This boilerplate code looks great! About to check it out.

      1. 1

        This comment was deleted 3 years ago.

Trending on Indie Hackers
How I grew a side project to 100k Unique Visitors in 7 days with 0 audience 49 comments Competing with Product Hunt: a month later 33 comments Why do you hate marketing? 29 comments My Top 20 Free Tools That I Use Everyday as an Indie Hacker 17 comments $15k revenues in <4 months as a solopreneur 14 comments Use Your Product 13 comments