Aserto helps you build secure applications. It makes it easy to add fine-grained, policy-based, real-time access control to your applications and APIs.
Aserto handles all the heavy lifting required to achieve secure, scalable, high-performance access management. It offers blazing-fast authorization of a local library coupled with a centralized control plane for managing policies, user attributes, resource and relationship data, and decision logs. And it comes with everything you need to implement RBAC, ABAC, and ReBACm or any other authorization model.
Take a look at our open-source projects: - Topaz.sh: a standalone authorizer you can deploy in your environment to add fine-grained access control to your applications. Topaz lets you combine OPA policies with Zanzibar’s data model for complete flexibility. - OpenPolicyContainers.com (OPCR) secures OPA policies across the lifecycle by adding the ability to tag, version, sign, and test these policies.
No features have been listed yet.
Based on our record, Keycloak seems to be more popular. It has been mentiond 4 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
Most of the time nowadays, I prefer offloading this to an identity provider, using OpenID Connect or soon Federated Credential Management (FedCM), even if that means shipping an identity provider as part of the deliverables (I generally go with Keycloak, with keycloak-config-cli to provision its configuration). I'm obviously biased though as I work in IT services, developping software mainly for... - Source: dev.to / 7 months ago
Yet another breach of Okta... Why are companies not running something like keycloak [1] themselves? Are administrative/maintenance costs too high or is it plausible deniability? [1] https://keycloak.org. - Source: Hacker News / 7 months ago
I'd stick with a solution like https://keycloak.org in that instance. Source: about 1 year ago
A few more projects in this space: - Keycloak (you won't get fired for picking this)[0] - CloudFoundry's UAA[1] - Gluu [2] - Keratin [3] - OpenUnison [4] - Dex[5] - Netlify's GoTrue[6] All of these solutions are a bit different but here are some of the axes: - Whether or not they function as an OAuth provider - Whether they're centered around application-user-login (email + password) or application auth (OAuth) or... - Source: Hacker News / over 3 years ago
Auth0 - Auth0 is a program for people to get authentication and authorization services for their own business use.
authzed - The platform to store, compute, and validate app permissions
Okta - Enterprise-grade identity management for all your apps, users & devices
Cerbos - Cerbos helps teams separate their authorization process from their core application code, making their authorization system more scalable, more secure and easier to change as the application evolves.
OneLogin - On-demand SSO, directory integration, user provisioning and more
Oso - A batteries-included system for authorization.