Software Alternatives, Accelerators & Startups
Register | Login

IdentityServer VS IndieAuth

Compare IdentityServer VS IndieAuth and see what are their differences

ComplyCube
Verify your customers in under 15 seconds anywhere in the world with a cutting-edge SaaS & API platform for Identity Verification and AML/KYC compliance. featured
Contents:
  1. » Base Details
  2. » Videos
  3. » Reviews
  4. » Alternatives

IdentityServer logo IdentityServer

An open-source, standards-compliant, and flexible OpenID Connect and OAuth 2.x framework for ASP.NET Core

IndieAuth logo IndieAuth

IndieAuth is a way to use your own domain name to sign in to websites.
  • IdentityServer Landing page
    Landing page //
    2023-02-03
  • IndieAuth Landing page
    Landing page //
    2019-04-19

IdentityServer features and specs

  • Open Source Foundation
    IdentityServer is built on an open-source foundation. It has been widely used and developed by a community, ensuring transparency, reliability, and continuous improvements.
  • Comprehensive Protocol Support
    It supports industry standards such as OpenID Connect and OAuth 2.0, which are essential for authentication and authorization processes.
  • Customizability
    IdentityServer offers high levels of customizability, allowing developers to tailor authentication and authorization features to specific application needs.
  • Enterprise-Ready
    Designed to handle complex enterprise scenarios with robust performance and scalability options suitable for large-scale applications.
  • Strong Security Features
    Includes several security mechanisms to protect sensitive data, such as secure token storage and advanced encryption options.
  • Comprehensive Documentation
    Provides extensive documentation and resources, helping developers to implement and troubleshoot the server effectively in their systems.

Possible disadvantages of IdentityServer

  • Licensing Cost
    Since its transition from IdentityServer4 to a non-OSS model under Duende Software, organizations need to purchase a license for commercial use, impacting budget-conscious projects.
  • Complexity
    Can be complex to set up and configure properly, especially for teams that are new to security protocols like OAuth and OpenID Connect.
  • Maintenance Overhead
    Requires ongoing maintenance and updates to ensure security and compatibility with evolving protocols, which can be resource-intensive.
  • Potential Overhead for Small Projects
    May be overkill for smaller projects or teams that do not require robust authentication systems, where simpler solutions might suffice.
  • Community vs. Commercial Transition
    The switch from a community-driven open-source project to a commercial product may alienate previous users who relied on its open-source nature.

IndieAuth features and specs

  • Decentralization
    IndieAuth is built on open web standards, allowing users to maintain control over their identity. It doesn't rely on centralized identity providers, reducing dependence on major tech companies and avoiding their potential limitations or policies.
  • User Control
    Users authenticate by using their own domain, preserving their autonomy and ownership over their online identity. This personal control aligns with the principles of the IndieWeb movement, promoting self-hosted identity solutions.
  • Interoperability
    IndieAuth is compatible with existing OAuth 2.0 standards, enabling seamless integration with various applications and services while supporting new, decentralized protocols.
  • Simplicity
    It simplifies the authentication process for both users and developers by using straightforward standards and protocols, making the implementation relatively user-friendly and less complex.

Possible disadvantages of IndieAuth

  • Limited Adoption
    Despite its advantages, IndieAuth has not been widely adopted compared to major authentication providers, which can limit its utility and presence in mainstream applications.
  • Technical Complexity for End Users
    For users without technical expertise, setting up and managing an IndieAuth-enabled identity can be challenging, as it may require domain ownership and configuration knowledge.
  • Lack of Ecosystem Features
    Compared to large identity providers like Google or Facebook, IndieAuth does not offer an extensive network or additional services (e.g., user analytics, security features), which some developers might find limiting.
  • Security Reliance on User Setup
    The security of an IndieAuth identity is often dependent on the user's domain and server configuration, which can vary widely in quality and robustness, potentially introducing vulnerabilities.

IdentityServer videos

+ Add

Federated Identity: An intro to OAuth2, Open Id Connect & Duende IdentityServer 5 | Anthony Nguyen

More videos:

  • Review - There's an IdentityServer in my API project - Anders Abel

IndieAuth videos

+ Add

OSB2014 - Aaron Parecki - OAuth, IndieAuth, and the Future of Authorization APIs

Category Popularity

0-100% (relative to IdentityServer and IndieAuth)

IdentityServer

IndieAuth

Identity Provider
80 80%
Identity Provider
20% 20
Identity And Access Management
70 70%
Identity And Access Management
30% 30
Security & Privacy
0 0%
Security & Privacy
100% 100
SSO
100 100%
SSO
0% 0

User comments

Share your experience with using IdentityServer and IndieAuth. For example, how are they different and which one is better?
Log in or Post with

Reviews

These are some of the external sources and on-site user reviews we've used to compare IdentityServer and IndieAuth

IdentityServer Reviews

10+ Open-source Single-Sign On (SSO) Solutions
If you are looking for a certified and complaint system to OpenID Foundation, with .Net technologies, then IdentityServer is your answer.
Source: medevel.com
Top 5 Open Source Single Sign-On Software In the Year 2021
IdentityServer is an open source free single sign-on software. It is a cross-platform framework based on OpenID Connect and OAuth 2. Further, this open source software provides central authentication and authorization capabilities for multiple applications. It supports federated identities, multiple flows, and API authorization. Moreover, this self hosting software enables...
Source: blog.containerize.com

IndieAuth Reviews

We have no reviews of IndieAuth yet.
Be the first one to post

Social recommendations and mentions

Based on our record, IdentityServer should be more popular than IndieAuth. It has been mentiond 7 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.

IdentityServer mentions (7)

  • Identity server 4
    Its deprecated in favor of Duende Identityserver which introduced a license model. Source: over 1 year ago
  • How does cookie based authentication work?
    Tokens usually have a lifetime and they are separate from the user's authentication principals like username and password. Unless you are rolling your own form of token provider (not something that would be recommended) the token creation is handled for you. Take a look at https://identityserver4.readthedocs.io/en/latest/ or if your organization makes under 1M in income a year the free version of what Identity... Source: over 2 years ago
  • ImageSharp leaving the .NET Foundation due to licensing change
    I think Duende (Identity Server) handled the situation pretty well. https://duendesoftware.com/products/identityserver > Standard License Pricing. - Source: Hacker News / over 2 years ago
  • Why is authentication such a sh*t show with .NET 6?
    He's referring to IdentityServer 3/4, which was open sourced, and was not owned by Microsoft. That 3rd party is commercializing their work (and to be fair, it's a lot of work) as https://duendesoftware.com/products/identityserver , and has a different commercial licensing model. Source: almost 3 years ago
  • Show HN: Open-Source Identity Server Written in Go (Ory Kratos)
    I think "Identity Provider" is more correct, no? "IdentityServer" is the name of a specific IdP implemented in .NET (formerly OSS as https://identityserver4.readthedocs.io/en/latest, and now as a more commercial form as Duende IdentityServer: https://duendesoftware.com/products/identityserver). - Source: Hacker News / almost 3 years ago
View more

IndieAuth mentions (2)

  • Democratizing social media, with the freedom of moving around platforms freely
    IndieAuth[1] is a slick DNS-based approach. Maybe offering that as a service would be a nice alternative. I point my DNS to you, and you handle authentication for everything that uses IndieAuth. If you go away or I don't like what you're doing then I can point my DNS to someone else offering that service and I retain the same DNS identity, and ability to use it to login anywhere I've set it up as my identity.... - Source: Hacker News / over 2 years ago
  • Show HN: Login with HN (Unofficially)
    This is interesting but doing it the other way around - HN using something like IndieAuth[0] to verify user account identities without holding PII on the site itself - might be even more useful. [0]https://indieauth.com/. - Source: Hacker News / over 3 years ago

What are some alternatives?

When comparing IdentityServer and IndieAuth, you can also consider the following products

Keycloak - Open Source Identity and Access Management for modern Applications and Services.

OAuth - OAuth is an open standard for authorization. It allows users to share their private resources (e.g.

ASP.NET Identity - ASP.NET Identity is a membership-based software system designed for the authentication and authorization of the users via building an ASP.NET application.

OpenID - OpenID is a safe, faster and easier way to log in to web sites.

DotNetOpenAuth - DotNetOpenAuth is a free-to-use compiled library that comes with the real support to your site visitor to login with the help of openIDs via getting control of the ASP.NET control onto the page.

Portier - An email-based, passwordless authentication service that you can host yourself.

Loading...