Interesting. From reading the website briefly and the announcement above, this seems like a "super library".
If there's an auth spectrum, from:
roll your own -> use a language specific library -> use a full featured solution like Auth0, Firebase or FusionAuth
it seems like SuperTokens is in between the library and the full featured solution.
I guess I'd ask, if I don't want a full featured solution (the use case you've identified), why wouldn't I use a language specific library (devise for rails, passport for js, etc). Or is the value that you're providing a modular integration so I don't have to integrate authentication + authorization + user management + API auth myself?
Anyways, congrats on launching. We need more auth solutions and I'm glad to see an interesting approach in the open source world. The other major contender, KeyCloak, is, I've heard, a bear to run and extend.
So if you are aiming to be full featured, the modularity plus open source is your differentiator?
What are you going to do if AWS/GCP/Azure decides to offer a managed services version of your software? (I know, I know, that'd be a a great problem to have.)
AWS etc. already offer these services so the risk is low. I dislike the recent trend of companies changing licenses from a formerly FLOSS solution to "source available".
It prevents little in practice and makes it so that your original differentiator i.e. open source is no longer true.
> AWS etc. already offer these services so the risk is low.
I'm not sure about that. AWS had a NoSQL database, but replicated mongodb.
Anyway, I think that the risk doesn't occur until and unless supertokens hits a home run. I mean, if you're big enough for a hypercloud provider to copy, that means you've been pretty darn successful in distribution of your product.
If there's an auth spectrum, from:
roll your own -> use a language specific library -> use a full featured solution like Auth0, Firebase or FusionAuth
it seems like SuperTokens is in between the library and the full featured solution.
I guess I'd ask, if I don't want a full featured solution (the use case you've identified), why wouldn't I use a language specific library (devise for rails, passport for js, etc). Or is the value that you're providing a modular integration so I don't have to integrate authentication + authorization + user management + API auth myself?
Anyways, congrats on launching. We need more auth solutions and I'm glad to see an interesting approach in the open source world. The other major contender, KeyCloak, is, I've heard, a bear to run and extend.
Full disclosure, I'm an employee of FusionAuth.