I’m currently using Authelia to authenticate for some of my self hosted services. It works fine, but the limited user backends (ldap or… yaml??) make me want to look for an alternative.
Authentik seems good, but after looking at their website I get the feeling of imminent enshitification, where they’re going to either pull the rug on the open source version, or basically gatekeep essential features behind an enterprise license.
So, for those using Authentik, how has your experience been so far?
You can try VoidAuth, it is kinda similar to Authelia+lldap. I am the developer and I created it because I wasn’t satisfied with Authelia’s user management. If you decide you want to try it and run into any issues or questions I will try to help :)
I like the motivation behind this, but have a allergy to running critical infrastructure like authentication on node.
To each their own, though, and good luck with the project. Diversity is life.
Thanks! I’ll check it out
I just switched from Authelia to PocketID No good reason. Mainly because Authelia was a bit convoluted and I needed something very basic.
Authentik has done the opposite of enshittification. As they’ve gotten more successful, they’ve taken enterprise features and moved them into the community edition. I’ve been extremely happy with Authentik so far and the dev has been nothing short of fantastic every time I’ve seen them interacting with the community.
Why don’t you like LDAP? OpenLDAP is a PITA (necessarily, I guess, to be considered “enterprise”), but lldap has been pretty nice to me. I mean, it’s the identity protocol, it’s just that the server software has been complex until relatively recently.
What would you use instead? A SQL DB with some custom schema, that just re-invents LDAP?
Take this with a grain of salt because I haven’t started using this yet, but I am planning on using pocket id on my personal server
https://github.com/pocket-id/pocket-id
Seems to do what I want it to do
There’s also Zitadel: https://zitadel.com/
I tried it before authelia, and it felt like an unfinished product. Nice looking, but there were weird issues, like you could create projects (or apps? i don’t remember) through the UI, but then if you wanted to delete them you had to use the API. The hierarchy of resources also didn’t really feel intuitive to me. But that’s just personal preference. I’ve been testing out authentik today and I really like it. I like that the UI works great, but there’s also a terraform provider to manage things declaratively.
I very much enjoy authentik. Great tool. Lots of great documentation.
I am using authelia as well for some time. At some point I was looking into kanidm. It looked promising, but never got into actually using it. I never figured out though, whether they support forward header auth.
On paper I should love Authelia, I’m a sucker for y’all configured services, I can write a couple of files on my Ansible and boom, everything works… However I never had much luck setting Authelia up, Authentik on the other hand was very painless (albeit) manual (via UI) configuration. I don’t do anything crazy, so any of them would work for me though, I just failed on setting Authelia and tried Authentik and had had no reason to change.
Authentik can be configured through terraform
Authelia + lldap(lightweight ldap) has been a really nice and powerful setup that negates the need for authentik for me. Authelia and authentik have diffrent goals tho, authelia is by design less powerfull and has a much smaller code base so that independent teams can audit the code themselves and a “set and forget” type configuration. Authentik is targeted at being an enterprise solution with all the bells and whistles. If you need those bells and whistles and dont want to use authentik try looking at keycloak (which also needs an ldap backend)
How about zitadel as an option?
