Readit News logoReadit News
fheisler commented on Okta's NextJS-0auth troubles   joshua.hu/ai-slop-okta-ne... · Posted by u/ramimac
dizhn · a month ago
https://goauthentik.io/#comparison

They have an enterprise version now (mostly for support and bleeding edge features that later make it into the open source product.)

It's pretty easy to self host. I have been doing it for a small site for years and I couldn't even get any other open source solution to work. They are mostly huge with less features.

fheisler · a month ago
Thanks for the mention! (Authentik Security CEO here.) We've become something of Okta migration experts at this point... Cloudflare moved to us a couple years back after they had to be the ones to let Okta know it'd been breached yet again. [1]

[1] https://blog.cloudflare.com/how-cloudflare-mitigated-yet-ano...

fheisler commented on AWS multiple services outage in us-east-1   health.aws.amazon.com/hea... · Posted by u/kondro
AndrewKemendo · 2 months ago
Correct. That does make it a centralized failure mode and everyone is in the same boat on that.

I’m unaware of any common and popular distributed IDAM that is reliable

fheisler · 2 months ago
Not sure if this counts fully as 'distributed' here, but we (Authentik Security) help many companies self-host authentik multi-region or in (private cloud + on-prem) to allow for quick IAM failover and more reliability than IAMaaS.

There's also "identity orchestration" tools like Strata that let you use multiple IdPs in multiple clouds, but then your new weakest link is the orchestration platform.

fheisler commented on Ask HN: Who is hiring? (June 2025)    · Posted by u/whoishiring
fheisler · 7 months ago
Authentik Security | Senior Engineer | US | REMOTE (anywhere) | Full-time

Authentik Security (https://goauthentik.io) is the company behind authentik (https://github.com/goauthentik/authentik), an open source identity provider with 1M+ unique installations. Help us replace Okta/Auth0, Ping Identity, and Microsoft Entra with modern, secure identity for all!

We are a small remote team, looking to scale up with experienced software engineers, primarily with a backend focus. Bonus points if you have significant experience with identity/SSO standards and/or Django/Python.

There is also the opportunity to be "forward deployed" spending 20%+ of time with enterprise customers (remotely) on configuration best practices and rollout strategies, _if_ that is of interest to the right candidate.

To apply, please use: https://forms.gle/NYXH4E19LUohbpmJA

fheisler commented on Evolving OpenAI's Structure   openai.com/index/evolving... · Posted by u/rohitpaulk
everybodyknows · 8 months ago
> transition to a Public Benefit Corporation

Can some business person give us a summary on PBCs vs. alternative registrations?

fheisler · 8 months ago
A PBC is just a for-profit company that has _some_ sort of specific mandate to benefit the "public good" - however it chooses to define that. It's generally meant to provide some balance toward societal good over the more common, strictly shareholder profit-maximizing alternative.

(IANAL but run a PBC that uses this charter[1] and have written about it here[2] as part of our biennial reporting process.)

[1] https://github.com/OpenCoreVentures/ocv-public-benefit-compa...

[2] https://goauthentik.io/blog/2024-09-25-our-biennial-pbc-repo...

fheisler commented on Why is Cloudflare Pages' bandwidth unlimited?   mattsayar.com/why-does-cl... · Posted by u/MattSayar
mdasen · a year ago
I think there are a few other benefits (even if that was the main benefit/driving force behind the decision).

When you have low-paying (or zero-paying) customers, you need to make your system easy. When you're enterprise-only, you can pay for stuff like dedicated support reps. A company is paying you $1M+/year and you hire someone at $75,000 who is dedicated to a few clients. Anything that's confusing is just "Oh, put in a chat to Joe." It isn't the typical support experience: it's someone that knows you and your usage of the system. By contrast, Cloudflare had to make sure that its system was easy enough to use that free customers would be able to easily (cheaply) make sense of it. Even if you're going to give enterprise customers white-glove service, it's always nice for them when systems are easy and pleasant to use.

When you're carrying so much free traffic, you have to be efficient. It pushes you to actually make systems that can handle scale and diverse situations without just throwing money at the problem. It's easy for companies to get bloated/lazy when they're fat off enterprise contracts - and that isn't a good recipe for long-term success.

Finally, it's a good way to get mindshare. I used Cloudflare for years just proxying my personal blog that got very little traffic. When my employer was thinking about switching CDNs, myself and others who had used Cloudflare personally kinda pushed the "we should really be looking at Cloudflare." Free customers may never give you a dollar - but they might know someone or work for someone who will give you millions. Software engineers love things that they can use for free and that has often paid dividends for companies behind those free things.

fheisler · a year ago
This is exactly our thinking with authentik (open source IdP), and it's played out in practice so far. Enterprise sales conversations are so much easier when they start with "we all use you in our homelabs already." We're much more focused on giving those individual users a positive early experience (in hopes that some small percentage will really pay off down the road) than in extracting a few dollars from each of them.
fheisler commented on PacCam: Pac-Man controlled with your face   eieio.games/paccam/... · Posted by u/bblcla
fheisler · a year ago
Love it! I think we'd get along - https://github.com/everythingishacked/CheekyKeys
fheisler commented on Ask HN: Who is hiring? (June 2024)    · Posted by u/whoishiring
pydeveloper22 · 2 years ago
Hello, is there an email address to reach out to you?
fheisler · 2 years ago
Sure, you can reach out to 'hello' at our domain to send a message to the team!
fheisler commented on Ask HN: Who is hiring? (June 2024)    · Posted by u/whoishiring
fheisler · 2 years ago
Authentik Security | Engineer | US | REMOTE (anywhere) | Full-time

Authentik Security (https://goauthentik.io) is the company behind authentik (https://github.com/goauthentik/authentik), an open source identity provider with over 250k+ unique installations and 12M+ downloads. Help us replace Okta/Auth0, Ping Identity, and Microsoft Entra with modern, secure identity for all!

We are a small remote team, looking to scale up with a couple experienced software engineers, primarily with a backend focus. Bonus points if you have significant experience with identity/SSO standards and/or Django/Python.

There is also the opportunity to be "forward deployed" spending 15-20% of time with enterprise customers (remotely) on configuration best practices and rollout strategies, _if_ that is of interest to the right candidate.

To apply, please use: https://forms.gle/TjRuTCec8M6UaN2Q8

fheisler commented on Bash.org is dead, long live newbash.org   newbash.org... · Posted by u/fheisler
fheisler · 2 years ago
I patched together a rough lookalike using quote data from https://gitlab.com/dwrodri/bash_irc_quotes and the archived pages. It's hosted on GitHub pages, using some simple JS since the entire database is 6MB.

All of the code and data, such as it is, is available at https://github.com/everythingishacked/newbash.org

Previous discussion: https://news.ycombinator.com/item?id=38950721

f

u/fheisler

KarmaCake day463December 10, 2013
About
CEO, Authentik Security

https://youtube.com/EverythingIsHacked

Hunter2, YC W18

View Original