Ory is a software infrastructure provider building a global zero-trust network for humans, robots, devices, and software services. Ory develops open-source software on GitHub and publishes open standards such as the Ory Permission Language. The Ory Network uses cloud-native open-source technologies (Kubernetes, Crossplane, Cockroach, Linux, Ory) and standards (OAuth 2.0/2.1, OpenID Connect, MITREid, WebAuthn, TOTP, FIDO3) to deliver a low-latency, planet-scale zero-trust infrastructure. Ory combines centuries of open-source, security, operational, and industry expertise with a user-centric and security-first mindset.
Core infrastructure components of The Ory Network are open source to foster collaboration, reduce supply chain risk, broaden access to secure services, and introduce the open standard for internet security. Being open source Ory improves the safety of everyone:
- Ory Identities offers a secure and modern central identity management solution with MFA, paswordless, WebAuthn, and more. It is based on the open-source Ory Kratos Identity Server.
- Ory OAuth2 & OpenID Connect implements 15+ IETF and OpenID standards to facilitate single-sign on, delegation and API access authorization. It is based on the open-source Ory Hydra Federation Server. implementing 15+ IETF and OpenID standards.
- Ory Permissions is a low-latency, high-performance, relationship-based authorization system that enables fine-grained access control (incl. RBAC and ABAC models) in any application. It is based on the open-source Ory Keto Permission Server, which implements Zanzibar: Google’s Consistent, Global Authorization System.
Ory develops and maintains many additional open-source projects. From an Ory Zero Trust Identity & Access Proxy Ory Oathkeeper to developer tooling Ory Dockertest to language-specific libraries Ory Ladon. Ory has 170+ open-source repositories and over 35.000 GitHub stars.
Ory is production ready, on track to secure 1,000,000,000,000 API requests in 2022, running in over 50.000 live deployments, and improved hourly.
Why Ory is different
Ory differentiates from other vendors in the following key areas:
- Our core services and APIs are developed and licensed under Apache 2.0, allowing you to participate, collaborate, and understand the inner workings of Ory.
- You can bring your own UI, in the programming language of your choosing, with the user experience that you like.
- From designing Identity Schemas using JSON Schema, to webhooks, to advanced configuration options - Ory is the most customizable platform out there.
- Ory spans the whole authentication and authorization universe with well-designed products and APIs:
- Identity Management with session management, flows for login, registration, account recovery & verification, mfa, and many more.
- Permission and Role Management.
- Delegation via OAuth2 and OpenID Connect.
- Zero Trust Networking.
- Modern API design with partial support for gRPC.
The Ory Network
The Ory Network is the commercial offering of Ory and is built on top of our popular open-source software. Our goal with The Ory Network is to offer a planet-scale, low-latency, resilient, and secure service that's easy to use and set up.
In short: The Ory Network is the most convenient and straightforward way to run Ory. Sign up at console.ory.sh for an account and create a free developer project.
The Ory Network uses a variety of components - some are based on open-source projects and others are closed source.
Ory Console is the management UI of The Ory Network. It offers capabilities such as showing and searching for identities, managing user sessions, and gaining valuable insights in the form of dashboards and customization.
Ory Account Experience
Ory Account Experience implements screens such as login, registration, account recovery, account setting, and account verification. This allows for fast adoption of Ory.
Contrary to other vendors, Ory allows you to implement your own (login, registration, ...) UI by offering simple, headless APIs.
Identity & session services
The Ory Network incorporates the open-source Ory Kratos Identity Server project and offers:
- Self-service flows are everything users do on their own / without the help of others:
- Registration with passwords, social sign in, OpenID Connect, ...
- Login with passwords, social sign in, OpenID Connect, ...
- Updating the profile, email, changing the password, un/linking with Social. Sign In providers, ...
- Recovering the account by resetting the password.
- Verifying email addresses, phone numbers, ....
- Multi-factor authentication flows and recovery processes.
- Administrative identity management to get, create, update, delete identities (users) and their data.
- Headless APIs and data models allow you to fully customize Identity Schemas (for example adding fields like first name, accept tos, shipping address, gender, ...) and create your own login, registration, profile settings, recovery, and verification screen using our easy to use SDKs and REST APIs.
The Ory Network incorporates the open-source Ory Keto Permission Server project and offers:
- Permission management to get, create, update, and delete permissions.
- Permission checking to check if a user has a permission.
Ory open source
Ory is the largest open source ecosystem in the area of authentication, authorization, access control, and zero trust networking in the world. Ory is not another company "greenwashing" with open source by publishing SDKs under open-source licenses. Instead, all of our core systems are available as Apache 2.0 licensed software without enterprise or open core models.
Head over to the Ory Open Source Overview for an introduction to the different projects.
Is open source taking a back seat?
No! The Ory Network is our commercial offering with which we generate revenue to build more open source and more features in Ory Network. Our value proposition and vision for The Ory Network is to incorporate and advance the open-source ecosystem and add additional services which aren't possible to open source (for example analytics, SLAs, SRE, low-latency).
The Ory Network and our open-source software are interlinked. While we've made some modifications to the open source to make it work better in our multi-tenant environment and operational (SRE) model, we're using the same code base, APIs, features, and configurations for The Ory Network.
In the future, we will increase our open-source footprint, make the projects easier to modify, use, access, and distribute. The only impact The Ory Network will have is that it will accelerate development and enable us to spend more resources on the open source!
New to Ory ?
- Ory Projects Overview. What is Ory ? Learn about the open-source projects at the heart of Ory:
- Ory Community Overview. A place where developers share and build: Learn more about the Ory Community:
- Ory Kratos Quickstart. User login and registration for web, mobile, native, or single-page applications.
- Ory Keto Quickstart. Complex consistent permission and authorization management.
- Ory Hydra Quickstart. Authenticate third-party users and secure access to your applications and APIs.
- Ory Oathkeeper Quickstart. Authenticate, authorize and mutate any incoming network traffic, with a Zero Trust security model.
Don't want to deal with Docker, Kubernetes, and securing your API?
- Sign up for a free Developer account in The Ory Network.
- Add Authentication to your Next.js/React Single Page Application (SPA)
- Add Custom Login, Registration, User Settings to Your Next.js/React Single Page Application (SPA)
- Run your own OAuth2 Server
- E-Commerce with The Ory Network: Part 1: Backend & Part 2: Frontend
- The best way to use Ory: learn about projects and Ory Network Services & APIs
Read our in-depth concepts documentation
- Identity and User Management (Ory Kratos)
- OAuth 2.0 & OpenIDConnect (Ory Hydra)
- Authorization and Permission Server (Ory Keto)
- Zero Trust Networking (Ory Oathkeeper)
Watch video tutorials
- Ory Hydra 5 Minute Tutorial
- Ory Kratos Quickstart
- The Ory Network Frontend Example
- The Ory Network Backend Example
Grok the API