Readit News logoReadit News
aeneas_ory commented on Cloudlflare builds OAuth with Claude and publishes all the prompts   github.com/cloudflare/wor... · Posted by u/gregorywegory
aeneas_ory · 3 months ago
Very impressive, and at the same time very scary because who knows what security issues are hidden beneath the surface. Not even Claude knows! There is very reliable tooling like https://github.com/ory/hydra readily available that has gone through years of iteration and pentests. There are also lots of libraries - even for NodeJS - that have gone through certification.

In my view this is an antipattern of AI usage and „roll your own crypto“ reborn.

aeneas_ory commented on Show HN: Tesseral – Open-Source Auth   github.com/tesseral-labs/... · Posted by u/ucarion
d0100 · 3 months ago
When Ory came out I was excited because they have a solid product that is made in Go, however their lack of multi-tenancy that didn't require setting up servers for each tenant made them a non-starter

I just had to implement 2FA on our homegrown auth, and I can't wait to replace it with Tesseral

aeneas_ory · 3 months ago
To put this into some context: Ory as a product has grown a lot since then, and while it‘s not possible to have „logical user-pool multi-tenancy“ (logical in the sense that it‘s not running multiple instances) on the open source core alone, it certainly is possible on any of the paid-for options!

And generally speaking , there are a couple of examples out there that use the OSS core for multi-tenancy with the deployment scenario, but usually for a finite amount of tenants.

Our thinking behind this is that mostly direct competitors would need true multi tenancy, where every tenant has their own user pools, configs, URLs and so on.

aeneas_ory commented on Show HN: Tesseral – Open-Source Auth   github.com/tesseral-labs/... · Posted by u/ucarion
aeneas_ory · 3 months ago
Congrats on the launch Ulysse - impressive what you have been able to spin up with limited resources! Greetings from Ory :)
aeneas_ory commented on OpenAI uses open source Ory to authenticate over 400M weekly active users   ory.sh/blog/openai-oauth2... · Posted by u/aeneas_ory
gtirloni · 5 months ago
Apparently Firefox is blocked `Failed to verify your browser - Vercel Security Checkpoint`.
aeneas_ory · 5 months ago
Resolved, Vercel thought we are being DDoS’ed!
aeneas_ory commented on OpenAI uses open source Ory to authenticate over 400M weekly active users   ory.sh/blog/openai-oauth2... · Posted by u/aeneas_ory
apitman · 5 months ago
From what I can tell, Ory is a high quality auth stack capable of scaling up.

If you're looking for something a bit simpler to work with for indiehosting use cases, I maintain a list here:

https://github.com/lastlogin-net/obligator?tab=readme-ov-fil...

aeneas_ory · 5 months ago
The list is really helpful for people to navigate, and here is additional context to the complexity topic :)

If you use our managed services (https://console.ory.sh), it is easy to set up and scale because we have a bunch of defaults, UIs, and the security stuff all set up already.

If you run it completely on your own, which does require some skill especially in terms of (security) incident response, it is more work because you have to figure out a few pieces yourself (the stack is agnostic to the environment).

We have an option for self hosting with all the stuff we have built for the SaaS, but it only makes sense for businesses of a certain size.

Complexity also depends on how many services you combine, some people try to use everything at once and it's overwhelming.

What’s making Ory complex for people who do it by themselves, is that Ory is 3 different API first products that work stand alone or in concert. To wire this up, one requires understanding of every service. Here it is easier to spin up a cloud account, or use an alternate project which is e.g. just one docker container.

aeneas_ory commented on OpenAI uses open source Ory to authenticate over 400M weekly active users   ory.sh/blog/openai-oauth2... · Posted by u/aeneas_ory
doctorpangloss · 5 months ago
Maybe you guys should make it possible to add passwords to any account, including a Google authed one.

Like I get Keycloak is complicated but it is also very useful.

aeneas_ory · 5 months ago
That is definitely possible when you use our identity product, which is also open source: https://github.com/ory/kratos

There you can combine all authentication methods in any shape or form you wish!

aeneas_ory commented on OpenAI uses open source Ory to authenticate over 400M weekly active users   ory.sh/blog/openai-oauth2... · Posted by u/aeneas_ory
mintplant · 5 months ago
Funny, OpenAI is one site where I've noticed that the login is kinda wonky. Every so often it just randomly fails, gets stuck, gets caught in a redirect loop... That may not be Ory's fault, but unfortunately this may not be the ringing endorsement they were hoping for.
aeneas_ory · 5 months ago
If you could share a HAR file (stripped of credentials of course) or a screenshot of your network tab when it happens, we'd love to take a look and figure out what's going on! If it's reproducible even better.

You can send it to aeneas at ory.sh. It may not be OAuth2 related, and I'd like to make sure.

a

u/aeneas_ory

KarmaCake day77April 19, 2023
About
Founder and CTO of Ory, an open source company. Visit us at https://github.com/ory

---

meet.hn/city/48.1371079,11.5753822/Munich

Socials: - github.com/aeneasr - linkedin.com/in/aeneasr

Interests: AI/ML, Cybersecurity, Entrepreneurship, Hacking, Open Source, Startups

---

View Original