This is an automated archive made by the Lemmit Bot.
The original was posted on /r/selfhosted by /u/bojanmilevskii on 2025-02-28 10:30:19+00:00.
Hello. I know this question has been asked many times before, but I'm still having a hard time choosing between these two.
I'm new to ID providers, so I'm not really experienced in this field.
I'm looking for a self-hosted IDP solution that is flexible enough to provide anything that self hosted apps might require. Currently I'm running:
- docker-mailserver
- Nextcloud
- Firefly III
- Gitea
- nginx reverse proxy (thinking of switching over to traefik)
- Vaultwarden
My idea is to be ready and prepared for any other self hosted apps that I might deploy in the future, whatever they might be, so I want something that does it all, while also supporting the services I currently run.
I've read that Keycloak is an older and more mature project, backed-up by RedHat and focuses more on security than Authentik. They state they support a wide range of features not present in Authentik - user management, federation, brokerage, just to name a few.
On the other hand, Authentik has a detailed list of features comparing itself with the competition. For example - they state that Keycloak does not support LDAP, but the Keycloak documentation states that it does, leaving me in some sort of "purgatory" of what to believe.
I would avoid trying out both and then deciding, as my free time is more limited. My idea was to "set-and-forget" the service.
What are your thoughts and suggestions? Which one would be more tailored for my needs?
Thanks in advance!