logoalt Hacker News

kommunicatetoday at 4:45 PM1 replyview on HN

Is keycloak still the only real game in town for open source authorization (not authentication; that part is totally fungible)?


Replies

vaishnavsmtoday at 4:51 PM

If you're willing to take the pain of setting up an actual authz model, I've found OpenFGA^ to be really nice. We used it to set up some pretty complex authz involving cross-agent/user/org creation and sharing of data. It's not _simple_, but it is effective.

It's Apache 2.0 and a CNCF incubating project.

[^] https://openfga.dev/

show 1 reply