Ory

Ory is a German open-source identity and access management platform founded in 2016 in Munich that provides developers with modular, cloud-native tools for authentication, authorization, and user management. The platform is built around several battle-tested open-source projects: Ory Kratos for identity and credential management, Ory Hydra for OAuth 2.0 and OpenID Connect, Ory Oathkeeper for API gateway authentication, and Ory Keto for fine-grained permission management. Together, these components offer a complete replacement for proprietary identity providers like Auth0 and Okta.

Ory takes a headless, API-first approach that gives developers full control over the user experience while handling the complex security logic behind the scenes. The platform supports modern authentication methods including passkeys, social sign-in, multi-factor authentication (TOTP, WebAuthn), magic links, SMS verification, and SAML. Ory's permission system enables fine-grained access control with a Google Zanzibar-inspired architecture that scales to billions of permission checks. Session management, account recovery, and identity verification flows are all configurable through clean APIs.

The open-source components can be self-hosted on any infrastructure for complete data sovereignty, or teams can use Ory Network, the managed cloud service hosted in the EU. Ory Network holds SOC 2 certification and is fully GDPR compliant, with a pricing model based on active daily authenticated users that offers significant cost savings compared to competitors. Trusted by organizations including OpenAI for its OAuth infrastructure, Ory has established itself as the leading open-source identity platform for teams that need enterprise-grade security without vendor lock-in.