Ory is a software infrastructure provider building a global zero-trust network for humans, robots, devices, and software services. Ory develops open-source software on GitHub and publishes open standards such as the Ory Permission Language. The Ory Network uses cloud-native open-source technologies (Kubernetes, Crossplane, Cockroach, Linux, Ory) and standards (OAuth 2.0/2.1, OpenID Connect, MITREid, WebAuthn, TOTP, FIDO3) to deliver a low-latency, planet-scale zero-trust infrastructure. Ory combines centuries of open source, security, operational, and industry expertise with a user-centric and security-first mindset.
Core infrastructure components of Ory Network are open source to foster collaboration, reduce supply chain risk, broaden access to secure services, and introduce the open standard for internet security. Being open source Ory improves the safety of everyone:
- Ory Identities offers a secure and modern central identity management solution with MFA, passwordless, WebAuthn, and more. It's based on the open-source Ory Kratos Identity Server.
- Ory OAuth2 & OpenID Connect implements 15+ IETF and OpenID standards to facilitate single sign-on (SSO), delegation, and API access authorization. It's based on the open-source Ory Hydra Federation Server.
- Ory Permissions is a low-latency, high-performance, relationship-based authorization system that enables fine-grained access control (incl. RBAC and ABAC models) in any application. It's based on the open-source Ory Keto Permission Server, which implements Zanzibar: Google’s Consistent, Global Authorization System.
Ory develops and maintains many additional open-source projects. From an Ory Zero Trust Identity & Access Proxy Ory Oathkeeper to developer tooling Ory Dockertest to language-specific libraries Ory Ladon. Ory has 170+ open source repositories and over 35.000 GitHub stars.
Ory secures billions of requests each month, runs in over 50,000 live deployments, and improves hourly.
Why Ory is different
Ory differentiates from other vendors in the following key areas:
- Ory core services and APIs are developed and licensed under Apache 2.0, allowing you to participate, collaborate, and understand the inner workings of Ory.
- You can bring your UI, in the programming language of your choosing, with the user experience that you like.
- From designing Identity Schemas using JSON Schema, to webhooks, to advanced configuration options - Ory is the most customizable platform out there.
- Ory spans the whole authentication and authorization universe with well-designed products and APIs:
- Identity Management with session management, flows for login, registration, account recovery & verification, MFA, and many more.
- Permission and Role Management.
- Delegation via OAuth2 and OpenID Connect.
- Zero Trust Networking.
- Modern API design with partial support for gRPC.
The Ory Network is the commercial offering of Ory and is built on top of Ory Open Source software. The goal with Ory Network is to offer a planet-scale, low-latency, resilient, and secure service that's easy to use and set up.
In short: Ory Network is the most convenient way to run Ory. Sign up and create a free developer project.
Each project in Ory Network is an isolated tenant and uses many components providing functionality, user interfaces, and APIs around identities, sessions, login, OAuth2, permissions, and more. The core components of projects in Ory Network are Ory Open Source servers.
Identities and sessions
Ory Network incorporates the open-source Ory Kratos Identity Server and offers:
- Self-service flows are everything users do on their own / without the help of others:
- Registration with passwords, social sign-in, OpenID Connect, ...
- Login with passwords, social sign-in, OpenID Connect, ...
- Updating the profile, email, changing the password, un/linking with social sign-in providers, ...
- Recovering the account by resetting the password.
- Verifying email addresses, phone numbers,...
- Multi-factor authentication flows and recovery processes.
- Administrative identity management to get, create, update, and delete identities (users) and their data.
- Headless APIs and data models allow you to fully customize Identity Schemas (for example adding fields like first name, accept tos, shipping address, gender, ...) and create your login, registration, profile settings, recovery, and verification screen using SDKs and REST APIs.
Permissions and relationships
Ory Network incorporates the open-source Ory Keto Permission Server and offers:
- Permission management to get, create, update, and delete permissions.
- Permission checking to check if a user has a permission.
OAuth2 and OIDC
Ory Network incorporates the open-source Ory Hydra OAuth2 & OpenID Server and offers:
- Fully featured OAuth2 & OpenID Certified® OIDC Provider
Ory Console is the management UI of Ory Network.
Ory Account Experience
Ory Account Experience implements screens such as login, registration, account recovery, account setting, and account verification for fast adoption of Ory.
Contrary to other vendors, Ory allows you to implement your own (login, registration, ...) UI by offering simple, headless APIs. Use the open-source Ory Elements components library for fast integration with frameworks like ExpressJS, React, or Preact.
Ory Open Source
Ory is the largest open-source ecosystem in the area of authentication, authorization, access control, and zero-trust networking in the world. Ory is not another company "greenwashing" with open source by publishing SDKs under open-source licenses. Instead, all Ory core systems are available as Apache 2.0 licensed software without enterprise or open-core models.
Head over to the Ory Open Source Overview for an introduction to the different projects.
Is open source taking a back seat?
Ory Network is the commercial offering which generates revenue to sustain high quality development and add more features to Ory Open Source. The value proposition and vision for Ory Network is to incorporate and advance the open-source ecosystem and add additional services which aren't possible to open source (for example analytics, SLAs, SRE, low-latency).
The Ory Network and Ory Open Source software are interlinked. Ory Network is using the Ory Open Source code base, APIs, features, and configurations to provide services. Ory Network features modifications to better support the custom multi-tenant environment and operational (SRE) mode.
In the future, Ory will continue to increase its open-source footprint. and make the projects easier to modify, use, access, and distribute. The biggest impact Ory Network will have is that it will accelerate and sustain the development of Ory Open Source.