ory.html

Ory

Cloud-native open-source identity stack — Kratos (auth), Hydra (OAuth2), Keto (authorisation).

VISIT ORY

Quick facts

  • CategorySelf-hosted
  • LanguageGo
  • PricingOpen source
  • LicenseApache-2.0
  • Created2015
  • GitHub stars4.4k
  • HIPAA-eligibleNo
  • SSO / SAMLOut of box

What it is

Ory is a suite of cloud-native identity tools. Kratos for auth, Hydra for OAuth2 / OIDC, Keto for authorisation. Go-based, Kubernetes-friendly, OSS with a paid Ory Network cloud option. Composable — pick the parts you need.

Best for

  • Cloud-native / Kubernetes-first teams
  • Apps that want composable identity primitives over a monolithic IDP
  • Go-aligned engineering teams

When not to pick it

Skip Ory if you want a monolithic auth product — it is intentionally split into pieces. Skip if your team is not comfortable composing the suite.

My take

Ory is the right pick for cloud-native engineering teams that want composable identity. For small teams the assembly cost is real.

Links

Similar tools you should also consider

Keycloak

Open-source Java-based IDP. Enterprise-grade self-hosted SSO + SAML, heavy to operate.

Read the take →

Authentik

Modern open-source self-hosted IDP. Python-based, lighter than Keycloak.

Read the take →

If Ory is your pick — the next conversation is short

The 30-min call is where your auth choice becomes a real architecture, a migration plan if you are switching, and a price range you can take to your stakeholders. Describe your stack, your scale, your compliance constraints. I tell you whether Ory is genuinely your fit.