Perhaps a little petty, but I dislike that about half of the readme, at the beginning no less, is an AI-generated image. I dislike images in readmes in general, and this one doesn't even provide any value.
I guess there's maybe an argument for this out there for sufficiently large paranoid companies that would rather own something in-house, but would also rather collaborate on an auth system than build one from scratch (something like if Google wanted to adopt a new auth system for some reason).
The other use case (other than people/companies with NIH) might be government or other similarly high-risk systems, where they'd rather have a dedicated system rather than a sort of unknown risk of someone else running it (not that I think it would necessarily be more secure in practice).
That said, I feel like on-premises deployment of something like Auth0 might be closer to what those people would want, rather than something relatively untested.
They will charge you an arm and a leg, and to top it off, Okta (owned by Auth0) was hacked multiple times in the past couple of years.
These hosted solutions are also very tricky (not sure if even possible) if you need to ship your software for companies to host in their own cloud environment.
not related: A map of torii around the world (6 days ago - 49 comments) https://news.ycombinator.com/item?id=43141966
I don't know that sovereignty is what a lot of apps want for this kind of hazmat data, which is why Cognito and Auth0 are so popular.