authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and Auth0. Authentik Security is a public benefit company building on top of the open source project.

Being the first security hire is a lot of responsibility. It’s rare to find a security engineer among the first 10 employees at a startup, so when you join, it’s likely that you are joining a larger company. In this situation, you’re inheriting some established security practices (or lack thereof) and have more people to corral than in a small, tight-knit company. (This article even suggests onboarding the first, full-time security hire between 30-100 employees.) And the stakes are high—the SolarWinds story is an extreme, but cautionary tale that companies can be held accountable, even when they are victims of a hack.

It’s not all gloomy though! There is lots to enjoy about being a founding security engineer.

You get the chance to wear many hats: one day you’re investigating infrastructure alerts, another day you’re pen testing, or on another you might be urgently researching whether you’re vulnerable to a new breach. You might also get to pick your security stack! You’re constantly building your skills and learning new things.

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a public benefit company building on top of the open source project.

“How to be great? Just be good, repeatably.”

Consistency is often credited as more important to success than bursts of inspiration. However when we’re talking about startups, standardization and innovation are often presented as conflicting mindsets. Standardization is for scaleups and enterprises, introduced around the same time as red tape and bureaucracy. Innovation is for scrappy startups, along with “move fast and break things” and “do things that don’t scale”.

Authentik Security is just over a year old, you can still count our team members on your hands, and we do a bit of both. Here are some things we’ve standardized that have helped us be more efficient (and where we’ve kept things fluid).

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a public benefit company building on top of the open source project.

We are happy to announce that 2024 is going great, with our second release of the year adding important new functionality for Admins, developers, and end users. Take a look at the new features included in the release, check out the Release Notes for more details and upgrade instructions, and enjoy the new features!

We are excited that this release, like our 2024.2 one, continues to add more functionality across the board for all users. For Admins, we added new abilities to verify user credentials and provision users and groups via external IdP sources, additional powerful configuration options, and performance improvements for important API endpoints (User, Groups, Events). For developers, we added an API Client for Python. We also made further UX/usability and customization enhancements, with a revamped UI for log messages and converting several multi-select boxes into dual-select. Using dual-select components across the interface is the goal; they provide a much cleaner UX for our users.

Let’s take a look at some of the highlights of this release.

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a public benefit company building on top of the open source project.

We’ve already seen high-profile migrations away from microservices (for example Amazon, Uber, and Google), and just recently The Pragmatic Engineer shared how teams at some companies have suffered in the wake of mass layoffs, as there simply aren’t enough staff to operate the thousands of services built by what used to be much larger engineering organizations. The tide has turned against microservices.

We’re happy to see a shift away from architecture inspired by buzzwords. In many cases (especially if you’re a small startup), you really don’t need microservices, you just need well-demarcated code. There are some good use cases for microservices however—when they address a genuine technical challenge—and this article is about one of them.

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a public benefit company building on top of the open source project.

Since November 2022, authentik has gone from an open source project with one maintainer writing most of the code (me), to having a real business built on top of it—with six full-time team members across the globe. We celebrated the company’s first birthday last year, but I wanted to share some personal reflections from my own journey from maintainer to CTO.

What’s worked​

Standardizing and templatizing (on some things)​

One of the advantages of a greenfield environment is being able to choose my own constellation of tools and workflows to make things as easy and efficient as possible.

You might think that standardizing of any sort is the remit of scale-ups and big corporations with compliance requirements, but the business efficiency and simplicity that comes with it is also a huge bonus for lean startups.

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a public benefit company building on top of the open source project.

In January of 2024, a well-known open-source maintainer wrote the following message to a contributor: “You copied that function without understanding why it does what it does, and as a result your code IS GARBAGE. AGAIN.”

If you’ve been in open source long enough, you might recognize the tone of Linus Torvalds, creator and lead developer of the Linux kernel. Torvalds’ sometimes cruel messages aren’t rare (there’s a whole subreddit for these rants, after all). But in this case, the target – Google engineer Steven Rostedtstands – stands out.

If we put aside the substance of the disagreement, we can acknowledge that the tone can be intimidating – not so much to Rostedtstands, who can likely handle himself, but to onlookers who are curious about contributing. Not all of open source is like this, of course, but enough of it is like this (or close to this) that exchanges like these can make contributing to open source scarier than it needs to be.

How can a brand new contributor, much less a Google engineer, feel brave enough to contribute?

The initial temptation, for me and probably many open-source fans, is to tell new contributors it’ll all be fine. There are bad parts, we might say, but there are good parts, too. But this approach risks invalidating their fears.

In this article, I’m going to lay out five real reasons why contributing to open source can be scary for new contributors. Alongside those reasons, though, I’m going to provide five practical ways to face the fears and contribute anyway.

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a public benefit company building on top of the open source project.

Hello world! I'm excited to be joining Authentik Security as CEO. I wanted to take this opportunity to share the experience of my first week with the community and a bit about my background.

At the start of my very first "official" day on the job, I got an overview of the various applications we use from Jens, our founder and CTO. If you have ever been through a company onboarding process, you know that it might take a few days up to a couple weeks to get access to everything, sometimes even longer. In a small and agile startup, that might be as little as a day if you're lucky.

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a public benefit company building on top of the open source project.

We are happy to announce that 2024 is starting off great, with our first release of the year chock full of new features. Take a look at the new features and functionality included in the release, check out the Release Notes for more details and upgrade instructions, and enjoy the new features!

We confess we are possibly the most excited about this release than any in a while, with some new Admin-level capabilities, enhanced functionality for developers (our DX game is heating up!), and some great UX/usability and customization enhancements.

Let’s start with some of the big features, the ones that kept us busy over the holidays and into the new year.

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a public benefit company building on top of the open source project.

In 2024, Tom Scott and Jynn Nelson, otherwise different people in different worlds, faced very similar problems.

• Tom Scott is a YouTuber who, as of this writing, has gotten nearly 2 billion views across over 700 videos. Nearly 6.5 million people subscribe to Tom Scott’s YouTube channel.
• Jynn Nelson, a senior engineer, is a major maintainer of Rust, an open-source project that 2023 StackOverflow research showed was the most admired language among developers. About 2.2 million people are Rust developers.

In a goodbye video, Scott announced an extended break from his channel, saying, "I am so tired. There's nothing in my life right now except work.”

In a post called the rust project has a burnout problem, Nelson wrote, articulating sentiments across the Rust community, “you want a break, but you have a voice in the back of your head: ‘the project would be worse without you.’”

It’s unfortunate that this comparison makes the best opening to the point of this post: open source developers are much more like content creators than most people tend to assume.

If anything, when you look at the history of the Internet and the history of distributing content online, open source developers might be the original content creators.

By looking at the paths they have both paved and recontextualizing their work within a broader view of the creator economy, we can come to a better understanding of the shared futures of content creators and open source developers.

authentik is an open source Identity Provider that unifies your identity needs into a single platform, replacing Okta, Active Directory, and auth0. Authentik Security is a public benefit company building on top of the open source project.

At the time of writing this post, the downfalls of using YAML as a templating language are being debated on Hacker News. The headache of trying to customize Helm charts is a gripe we share at Authentik, which we’ll get into below.

This post is about how we test and deploy authentik using containers, some gotchas we’ve encountered, and lessons we’ve picked up along the way.

When the company founder is from an Infrastructure background, and the first person he decides to hire (that's me!) is also from Infra, you can imagine that we end up with some pretty strong opinions about tools and processes.

This is part of an ongoing series about the tools and products that make up authentik’s stack (you can also read about our infrastructure tooling choices and what’s in our security stack).