Is this library the way to go when I have the following needs?
1. Login to SaaS via website and later use an access token to authorize against a graphql api?
2. Login programmatically so an access token can be retrieved and used for REST queries.
3. Does (2) work if the client is a pure oauth2 client (not an oidc client)?
4. Is the library recommended in a tenant based SaaS (like MS Azure)?
Does Hydra integrate with nginx or envoy external authorization? If so, is there a good example you could share?
I’ve relied on oauth2proxy with Dex as an oidc issuer for this purpose for years. This works but I’m trying to understand if Ory is an advancement in functionality.
Awesome set of release notes, thanks for all the hard work!
Excited to find time to dig into v2 changes, feels like Hydra has corrected a lot of long standing issues and made it much easier to use (I haven't run Kratos yet but having the integration be tighter makes so much sense).
Is there a good description of oathkeeper vs keto? It seems like oathkeeper would use keto but I'm not sure if they're similarly tightly integrated.
Ory Keto and Ory Oathkeeper can play together! Ory Keto implements Google Zanzibar, it's basically a service where you can check if "x is allowed to do y". Ory Oathkeeper on the other hand is something which can check for any given HTTP request: who is the user making the request? is the user allowed to make the request? and finally convert all this information into a common format. However, Ory Oathkeeper does itself not make the decision, it uses e.g. Ory Keto to check the permission itself. Hope this makes sense
This has been a long time in the making, many kudos for all the hard work by the maintainers and contributors!
Really excited about the integration with the ory kratos idp, should make building SSO much easier.
Bringing this to v2 was a big one year effort with lots of community contributions and we are excited to finally be able to show it to the world!