A turnkey solution…
In the Spring of 2020 I spent about a month and a half of my life searching for an auth solution that just made sense. I wanted a server that I could set up in 5 minutes, follow the documentation to the letter and have something working. I didn’t care about optimizations, or fancy extras. I didn’t need something with a thousand bells and whistles. I needed auth. I needed a clean, reliable, and well documented auth solution, so I could get back to doing what I love: programming.
Unfortunately auth is expensive, and as a lone developer, there was no chance of going with a hosted solution like Auth0 or Okta. In fact, migrating away from those solutions was why I was in the market in the first place. I simply couldn’t afford to pay anymore. Years ago, I developed an application using Auth0. At the time, you could integrate Auth0 with a SAML identity provider for free, so that’s exactly what I did. I created an application that made use of the oauth2 code grant schema for authenticating users. A user would visit my web app, contact Auth0, which would redirect them to my identity provider, and then the application would receive a code, that it could exchange with Auth0 for an access token. Now this process costs money.
For about 3 weeks I fought with Keycloak, then ORY Hydra, and a few other industry servers like miniOrange (which wasn’t all that bad but wasn’t within my budget either). After all of that fruitless labor, I was planning to give up and pay for an expensive solution that I might never be able to afford, and then I found FusionAuth. And let me tell you, it was like the sun had finally broken from the clouds. It had everything, including those bells and whistles I thought I’d never use. It could integrate with any identity provider. The interface was clean and uncluttered. They even had a fully customizable login page. The documentation was top notch, and I must say, I rather enjoyed the references to HBO’s, “Silicon Valley” (example below).
Get it? Key takeaways? Because it’s a post about authentication…. I think I’m funny. Here’s the highlights. FusionAuth is easy to use, it’s very actively being developed, and there’s an amalgamation of cool features to love. What’s more, the thing that really shines about this software is it’s team of developers. The devs are active on Slack, they’re responsive to emails and suggestions, and they very obviously started this project with a love of development in mind. It shows. At some point, big businesses stop caring about their end users unless there is a lump sum of money involved, but it is clear to this user that the decision makers at FusionAuth care about their customers… even the ones using the community edition of their product!
The FusionAuth team has server appliance binaries available for Windows, MacOS, and Linux, in addition to an official Docker container. They also have an impressive collection of client libraries for just about any modern language you’d expect to see used for a client/server or mobile application. The Community Edition allows for multi-tenant management (useful for multiple domains) albeit when I last experimented with it, it was not recommended or supported. I can confirm that it works just fine. If I had to find one fault in the application I would say that the
theming engine (based on server side templates) is a little confusing, but it is certainly not an insurmountable obstacle considering just how feature rich and intuitive this product is.
TLDR? I give FusionAuth a 9.5 out of 10. If you’re an application developer or a team in need of a user access management, authentication, or authorization solution, FusionAuth can get you where you need to be.