What's the practical difference between Kratos and Authelia?

Hi. I’m trying to develop a B2B webapp that will need a decent identity provider. I’d love to use an open source solution, but get as close to “plug and play” as possible, while retaining the option to get into the weeds later if it proves necessary.

I’ve narrowed it down to these two services, but I can’t tell what the practical differences are at this point. Authelia doesn’t seem to be a platform you’ve made a direct comparison to before. Any advice is appreciated. :slight_smile:

Hey umrank,
Glad to have you here!

A direct comparison of ORY Kratos to other auth products is not yet available.
We have a stub in the documentation for this here. :point_left:

Since there is a good amount of changes coming to ORY Kratos in the near time, a direct comparison would require a lot of changes as well over time.
So this is probably something we would tackle when we have reached a release candidate for ORY Kratos (1.0).

Other than that, if ORY Kratos is a good fit for you depends on your use-case.
If you are just looking solve login, this would work well out of the box.
If you want something more complex or exotic, there is plenty of options in the ORY stack itself or possibilites to interface it with other auth products out there.

I recommend you try out the Quickstart and if you have further questions, hop in the chat. There you can directly interact with other developers, who are maybe trying to solve the same issues and the ORY team.

Thanks a lot!

Does “out of the box” mean that the API could directly be exposed to the internet and used from the frontend app, or does it still need a gateway like oathkeeper?

The public API can be used from the frontend app.

Here is a rough representation of the application architecture:

Just read the Quickstart, most of that is explained pretty well in there :slight_smile: .