Thanks for the mention! (Authentik Security CEO here.) We've become something of Okta migration experts at this point... Cloudflare moved to us a couple years back after they had to be the ones to let Okta know it'd been breached yet again. [1]
Cloudflare??? Damn. that is HUGE! Congratulations. You guys have a super solid product full of features and a decent founder. Maybe enterprises don't care about my favorite feature but it makes securing EVERYTHING a breeze. Embedded proxy! That is GOAT.
Not sure if this counts fully as 'distributed' here, but we (Authentik Security) help many companies self-host authentik multi-region or in (private cloud + on-prem) to allow for quick IAM failover and more reliability than IAMaaS.
There's also "identity orchestration" tools like Strata that let you use multiple IdPs in multiple clouds, but then your new weakest link is the orchestration platform.
Disclosure: I work for FusionAuth, a competitor of Authentik.
Curious. Is your solution active-active or active-passive? We've implemented multi-region active-passive CIAM/IAM in our hosted solution[0]. We've found that meets needs of many of our clients.
I'm only aware of one CIAM solution that seems to have active-active: Ory. And even then I think they shard the user data[1].
Ory’s setup is indeed true multi-region active-active; not just sharded or active-passive failover.
Each region runs a full stack capable of handling both read and write operations, with global data consistency and locality guarantees.
We’ll soon publish a case study with a customer that uses this setup that goes deeper into how Ory handles multi-region deployments in production (latency, data residency, and HA patterns). It’ll include some of the technical details missing from that earlier blog post you linked.
Keep an eye out!
Authentik Security (https://goauthentik.io) is the company behind authentik (https://github.com/goauthentik/authentik), an open source identity provider with 1M+ unique installations. Help us replace Okta/Auth0, Ping Identity, and Microsoft Entra with modern, secure identity for all!
We are a small remote team, looking to scale up with experienced software engineers, primarily with a backend focus. Bonus points if you have significant experience with identity/SSO standards and/or Django/Python.
There is also the opportunity to be "forward deployed" spending 20%+ of time with enterprise customers (remotely) on configuration best practices and rollout strategies, _if_ that is of interest to the right candidate.
A PBC is just a for-profit company that has _some_ sort of specific mandate to benefit the "public good" - however it chooses to define that. It's generally meant to provide some balance toward societal good over the more common, strictly shareholder profit-maximizing alternative.
(IANAL but run a PBC that uses this charter[1] and have written about it here[2] as part of our biennial reporting process.)
This is exactly our thinking with authentik (open source IdP), and it's played out in practice so far. Enterprise sales conversations are so much easier when they start with "we all use you in our homelabs already." We're much more focused on giving those individual users a positive early experience (in hopes that some small percentage will really pay off down the road) than in extracting a few dollars from each of them.
I had this exact conversation with a Cloudflare rep a year or two ago, after I told her how I user their free DNS service. She said, "that free service was the best thing we ever did". And we wound up buying their bot management and DDOS services.
Authentik Security (https://goauthentik.io) is the company behind authentik (https://github.com/goauthentik/authentik), an open source identity provider with over 250k+ unique installations and 12M+ downloads. Help us replace Okta/Auth0, Ping Identity, and Microsoft Entra with modern, secure identity for all!
We are a small remote team, looking to scale up with a couple experienced software engineers, primarily with a backend focus. Bonus points if you have significant experience with identity/SSO standards and/or Django/Python.
There is also the opportunity to be "forward deployed" spending 15-20% of time with enterprise customers (remotely) on configuration best practices and rollout strategies, _if_ that is of interest to the right candidate.
I patched together a rough lookalike using quote data from https://gitlab.com/dwrodri/bash_irc_quotes and the archived pages. It's hosted on GitHub pages, using some simple JS since the entire database is 6MB.
Banana For Scale | US | REMOTE (anywhere) | Founding Engineer
Seeking a developer with Three.js/WebGL experience to help build a new project from the ground up. Bonus points if you have played around with Gaussian splatting or other radiance field techniques, have experience in C/C++ or computer vision.
Banana For Scale (working title) allows anyone to record any space, then edit it in 3D. Think Matterport + Polycam for interactive space design.
I am currently looking for my first hire, initially as a paid contractor so that we can both test out working together. Ideally this would move to a much larger full-time role as part of the founding team. You don't have to be experienced or interested in management, but you should be comfortable with self-directed work.
I previously founded Hunter2 (YC18), scaled to $1M ARR in < 2 years with a team of three before acquisition. I would like to stay deeply involved in the tech development for this project, but someone with the right experience and 100% focus on coding could speed up our efforts 20x.
I don't have any of this experience you're looking for but just wanted to say that I love the working title of your company, hope it sticks around in some form.
I don't have Tree.js/webgl but is in computer vision program from SFU and did some rudimentary computer vision works. Aside from that experienced in js/d3/python/aws. coded a little C++ before for simulation.
I love the title and would like to a chance to try. Do you think that I might meet the need? Keep up with the "meme" spirit!
[1] https://blog.cloudflare.com/how-cloudflare-mitigated-yet-ano...