What is your opinion on ORY, specifically ORY Kratos? We have been building on Kratos for some time now and find that it is not super well documented, but it is still a very pleasant experience and their ORY Cloud project is backed by support from their team.
How does Zitadel differ/compare? Do you have similar goals as an organization?
Well to keep it brief, we see it the following way. Use:
- ZITADEL: If you want turnkey solution built for the cloud with a great support for B2B, a strong audit trail and self-hosting, but also the option for SaaS
- Ory: If you want flexibility to customize all the stuff but are aware that it is not as turnkey as ZITADEL and Keycloak
- Keycloak: If you want turnkey with a high maturity and a lot of features but some lack in regard to B2B, cloud native and support
This more or less reflects my opinion about Ory. I like the way they built their suite because its totally flexible. But it dislike the fact that it does not feel like a turnkey solution and needs some more work than plugin in a OIDC client.
So what we think and aim for is that ZITADEL combines the best of Auth0 and Keycloak [1] while bringing some unique features to the table. For example an unlimited audit trail (built with event sourcing), great self-service capabilities for B2B and B2C cases (customers can manage their own org, user, federation, access) and the possibility to soon run "serverless" (well at least as serverless container). With our cloud service we also allow customer soon to move their data around (see data location [2]). And all of this while being totally open source.
Looks nice, but the CockroachDB dependency is kinda a pain for people not already using that. Any plans for alternative db support, like Maria or Postgres?
If CockroachDB supports the PG wire protocol and appears to be a functional subset of PG then in theory we might be able to just point it at a PG database and it might work :)
I too would prefer to use PG than Cockroach, if only because I have ops experience with PG. But Cockroach is certainly intriguing.
Thank, we hear you! Currently we are discussing two things for this subject.
1) We think providing an embedded DB of some kind for easy to use cases with ZITADEL might be favourable to some of you (think Sqlite or an embedded CockroachDB )
2) To allow plain Postgresql besides CockroachDB should be an easy thing to do since we already make use of PG wire protocol. We plan to address this in a 2.X release
What do you think of this? Or what DB would on your Wishlist?
Thanks for taking the time to answer everyone's questions, and for asking me this one.
My own personal preference would be if you could please support PG, because in that case I could be confident of going into production with what I configure, even if it's less scaleable than CockroachDB. I'd really prefer to be learning about how Zitadel works, rather than learning CDB or trying to remember sqlite cli commands.
I'm happy to give CDB a spin once Zitadel 2.0 comes out, but it will add to the burden of onboarding it into my stack, and I'd think that's something you'd like to avoid going forward :)
I would love to have the embedded db option as well.
Reason: for demos on conferences but more importantly in a training/workshop or Tutorial scenario it should be easy to get it running and let students replicate the setup. I assume that this can be a nice multiplier and is underrated by many „modern“ projects. (Elastic apm 8.x: I am looking at you)
Make sense, thank you for the answer! I do think the turnkey solution middleground is badly needed and I'm excited to see where ZITADEL goes. We've already committed heavily to Ory on this project, but maybe on the next one we'll be able to explore ZITADEL!
That's really surprising to me. I've been building some things with Ory Kratos myself and I find the documentation pretty good. There's definitely room for improvement but I'm typically able to find what I need pretty easily. I certainly find it much more usable than the Keycloak docs.
How does Zitadel differ/compare? Do you have similar goals as an organization?