eclipse-apoapsis / ort-server

A scalable server implementation of the OSS Review Toolkit.
https://eclipse-apoapsis.github.io/ort-server/
Apache License 2.0
19 stars 8 forks source link

Add abstraction for auth provider (Keycloak) #504

Open mmurto opened 4 months ago

mmurto commented 4 months ago

There are many good alternatives to Keycloak that administrators may prefer - nice modern open source examples being ZITADEL and the Ory stack.

It would be great to have the auth provider abstracted to allow for different providers based on ogranization needs and preferences.

mnonnenmacher commented 4 months ago

@mmurto Would you actually prefer to switch to another provider or is this more a theoretical use case?

mmurto commented 4 months ago

@mmurto Would you actually prefer to switch to another provider or is this more a theoretical use case?

Personally I would prefer, as we have no previous ties to Keycloak. I've got good experience of ZITADEL, and it for example supports organizations much more natively than Keycloak. The built in UI is also quite a lot more modern (though that may be personal preference) and, most importantly, it supports user avatars out of the box. :D

Both ZITADEL and Ory also have cloud offerings directly from the developers, which can be a good options for smaller teams.