-
Notifications
You must be signed in to change notification settings - Fork 1.8k
docs: rewrite intro sections for Network/OEL/OSS #2641
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
+360
−225
Merged
Changes from all commits
Commits
Show all changes
13 commits
Select commit
Hold shift + click to select a range
560d03a
docs: rewrites to intro to standardize
unatasha8 265569d
autogen(docs): generate cli docs
ory-bot 569f9d8
docs: bump to 79e05a2469a39381d507936e72baed37b8300afc
aeneasr 3712134
chore: update v2 thresholds (#2638)
tricky42 b565b0e
docs: bump to 9073260639be9811f21421e46d20948cb5a2952f
aeneasr 9b00f21
docs: set redirects to premanent = true (#2635)
unatasha8 4eae00f
fix: update installation guides and sidebar paths (#2613)
wassimoo 71fbc0c
docs: remove old intro files
unatasha8 134c564
docs: added import files
unatasha8 95a715a
Merge branch 'master' into una-red-intro
wassimoo c0e1426
Merge branch 'master' into una-red-intro
wassimoo 60257fb
Update docs/oel/getting-started/index.mdx
unatasha8 d6d935d
docs: added review feedback
unatasha8 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,125 +1,121 @@ | ||
| --- | ||
| title: Introduction to Ory Network | ||
| sidebar_label: Introduction to Ory Network | ||
| toc_max_heading_level: 3 | ||
| description: | ||
| Ory Network is the fully managed, cloud-native deployment of Ory — a global, low-latency identity and access management service | ||
| built on Ory's open source software. | ||
| --- | ||
|
|
||
| Ory is a software infrastructure provider building a global zero-trust network for humans, robots, devices, and software services. | ||
| Ory develops open-source software on [GitHub](https://github.com/ory) and publishes open standards such as the | ||
| [Ory Permission Language](https://github.com/ory/keto/blob/master/docs/ory_permission_language_spec.md). | ||
| [The Ory Network](https://console.ory.com/) uses cloud-native open-source technologies (Kubernetes, Crossplane, Cockroach, Linux, | ||
| Ory) and standards (OAuth 2.0/2.1, OpenID Connect, MITREid, WebAuthn, TOTP, FIDO3) to deliver a low-latency, planet-scale | ||
| zero-trust infrastructure. Ory combines centuries of open source, security, operational, and industry expertise with a | ||
| user-centric and security-first mindset. | ||
| # Introduction to Ory Network | ||
|
|
||
| Core infrastructure components of [Ory Network](https://console.ory.com) are open source to foster collaboration, reduce supply | ||
| chain risk, broaden access to secure services, and introduce the open standard for internet security. Being open source Ory | ||
| improves the safety of everyone: | ||
| Ory Network is the fully managed deployment of Ory: a global, low-latency identity and access management (IAM) service delivered | ||
| as SaaS. It runs the same open source software you can self-host, with hosting, scaling, security patching, and compliance handled | ||
| for you — so you can add authentication, authorization, and fine-grained permissions to any application and get back to building | ||
| your product. | ||
|
|
||
| - Ory Identities offers a secure and modern central identity management solution with MFA, passwordless, WebAuthn, and more. It's | ||
| based on the open-source [Ory Kratos Identity Server](https://github.com/ory/kratos). | ||
| - Ory OAuth2 & OpenID Connect implements 15+ IETF and OpenID standards to facilitate single sign-on (SSO), delegation, and API | ||
| access authorization. It's based on the open-source [Ory Hydra Federation Server](https://github.com/ory/hydra). | ||
| - Ory Permissions is a low-latency, high-performance, relationship-based authorization system that enables fine-grained access | ||
| control (incl. RBAC and ABAC models) in any application. It's based on the open-source | ||
| [Ory Keto Permission Server](https://github.com/ory/keto), which implements | ||
| [Zanzibar: Google’s Consistent, Global Authorization System](https://research.google/pubs/pub48190/). | ||
| [Sign up](https://console.ory.com/registration) to create a free developer project, or | ||
| [talk to an expert](https://www.ory.com/contact) about production and enterprise needs. | ||
|
|
||
| Ory develops and maintains many additional open-source projects. From an Ory Zero Trust Identity & Access Proxy | ||
| [Ory Oathkeeper](https://github.com/ory/oathkeeper) to developer tooling [Ory Dockertest](https://github.com/ory/dockertest) to | ||
| language-specific libraries [Ory Ladon](https://github.com/ory/ladon). Ory has | ||
| [170+ open source repositories](https://github.com/orgs/ory/repositories) and over 35.000 GitHub stars. | ||
| ## Why Ory Network | ||
|
|
||
| Ory secures billions of requests each month, runs in over 50,000 live deployments, and improves hourly. | ||
| Ory Network gives you Ory's full identity stack without the operational overhead of running it yourself: | ||
|
|
||
| ## Why Ory is different | ||
| - **Fully managed infrastructure** — Ory Network operates a global edge network with multi-region availability, automatic scaling, | ||
| and high availability. You don't patch servers, rotate keys, or manage failover. | ||
| - **Production-grade security and compliance** — Built-in protection against common threats, industry-standard cryptography, | ||
| breached-password detection, and audit-ready compliance (GDPR, SOC 2, ISO, PCI DSS, and more). | ||
| - **Own your user experience** — Bring your own UI in any framework and language, or start with hosted screens. Ory's APIs are | ||
| headless, so the login, registration, and account flows are entirely yours to design. | ||
| - **Built on open source** — Every core service in Ory Network is the same Apache 2.0 licensed software available on | ||
| [GitHub](https://github.com/ory). There is no open-core lock-in, and you can move between deployment models without rewriting | ||
| your integration. | ||
| - **Scale without limits** — Ory Network processes billions of authentication and authorization requests, with stateless | ||
| horizontal scaling and smart edge caching for low latency worldwide. | ||
|
|
||
| Ory differentiates from other vendors in the following key areas: | ||
| ## What's included | ||
|
|
||
| - Ory core services and APIs are developed and licensed under Apache 2.0, allowing you to participate, collaborate, and understand | ||
| the inner workings of Ory. | ||
| - You can bring your UI, in the programming language of your choosing, with the user experience that you like. | ||
| - From designing Identity Schemas using JSON Schema, to webhooks, to advanced configuration options - Ory is the most customizable | ||
| platform out there. | ||
| - Ory spans the whole authentication and authorization universe with well-designed products and APIs: | ||
| - Identity Management with session management & flows for login, registration, recovery, verification, MFA, and more. | ||
| - Permission and Role Management. | ||
| - Delegation via OAuth2 and OpenID Connect. | ||
| - Zero Trust Networking. | ||
| - Modern API design with partial support for gRPC. | ||
| Ory Network is composed of optimized builds of Ory's open source servers, managed and integrated for you, plus the console and | ||
| tooling that make them fast to adopt. The core services each map to a focused part of the identity and access problem: identity | ||
| and sessions, OAuth2 and OIDC, permissions, enterprise SSO, edge access control, and API key management. Around them, Ory Network | ||
| adds the layer that gets you to production quickly: | ||
|
|
||
| ## Ory Network | ||
| - **[Ory Console](https://console.ory.com/)** — The web UI for managing projects, identities, permissions, social sign-in, | ||
| identity schemas, account emails, and multi-tenancy. Most configuration that once required code can be done here without a code | ||
| editor. | ||
| - **[Ory Account Experience](https://www.ory.com/docs/account-experience)** — Prebuilt, customizable screens for login, | ||
| registration, recovery, verification, and account settings, so you can ship auth before building your own UI. | ||
| - **[Ory Elements](https://www.ory.com/docs/elements)** — An open source component library for integrating your own authentication | ||
| UI quickly with frameworks like React and Next.js. | ||
| - **[Ory Actions](https://www.ory.com/docs/kratos/hooks/configure-hooks)** — Hooks that extend Ory by running custom business | ||
| logic and integrating with third-party services such as CRMs, payment gateways, and analytics platforms in response to identity | ||
| events. | ||
| - **[Ory CLI](https://www.ory.com/docs/cli)** — A command-line tool for configuring and operating your self-hosted deployment. | ||
| - **[SDKs and reference UIs](https://github.com/ory/sdk)** — Client SDKs for popular languages and reference UI implementations | ||
| for frameworks like React, Next.js, and React Native. | ||
|
|
||
| The Ory Network is the commercial offering of Ory and is built on top of Ory Open Source software. The goal with Ory Network is to | ||
| offer a planet-scale, low-latency, resilient, and secure service that's easy to use and set up. | ||
| ### Ory Kratos (Identity & AuthN) | ||
|
|
||
| In short: Ory Network is the most convenient way to run Ory. [Sign up](https://console.ory.com/registration) and create a free | ||
| developer project. | ||
| ```mdx-code-block | ||
| import KratosDesc from "@site/src/components/Shared/deploy-intro/kratos-desc.mdx" | ||
|
|
||
| ## Components | ||
| <KratosDesc /> | ||
| ``` | ||
|
|
||
| Each project in Ory Network is an isolated tenant and uses many components providing functionality, user interfaces, and APIs | ||
| around identities, sessions, login, OAuth2, permissions, and more. The core components of projects in Ory Network are | ||
| [Ory Open Source servers](https://github.com/ory/). | ||
| ### Ory Hydra (Delegated AuthZ & Federated AuthN) | ||
|
|
||
| ### Identities and sessions | ||
| ```mdx-code-block | ||
| import HydraDesc from "@site/src/components/Shared/deploy-intro/hydra-desc.mdx" | ||
|
|
||
| Ory Network incorporates the open-source [Ory Kratos Identity Server](https://www.ory.com/kratos) and offers: | ||
| <HydraDesc /> | ||
| ``` | ||
|
|
||
| - Self-service flows are everything users do on their own / without the help of others: | ||
| - Registration with passwords, social sign-in, OpenID Connect, passkeys, and more. | ||
| - Login with passwords, social sign-in, OpenID Connect, passkeys, and more. | ||
| - Updating the profile, email, changing the password, un/linking with social sign-in providers, and more. | ||
| - Recovering the account by resetting the password. | ||
| - Verifying email addresses, phone numbers, and more. | ||
| - Multi-factor authentication flows and recovery processes. | ||
| - Administrative identity management to get, create, update, and delete identities and their data. | ||
| - Headless APIs and data models allow you to fully customize Identity Schemas - for example adding fields like name, accept ToS, | ||
| phone number - and create your login, registration, profile settings, recovery, and verification screen using SDKs and REST | ||
| APIs. | ||
| - SCIM support for automated user provisioning and deprovisioning with supported identity providers. | ||
| ### Ory Keto (Fine-grained Permissions) | ||
|
|
||
| ### Permissions and relationships | ||
| ```mdx-code-block | ||
| import KetoDesc from "@site/src/components/Shared/deploy-intro/keto-desc.mdx" | ||
|
|
||
| Ory Network incorporates the open-source [Ory Keto Permission Server](https://www.ory.com/keto) and offers: | ||
| <KetoDesc /> | ||
| ``` | ||
|
|
||
| - Permission management to get, create, update, and delete permissions. | ||
| - Permission checking to check if a user has a permission. | ||
| ### Ory Polis (Enterprise SSO AuthZ) | ||
|
|
||
| ### OAuth2 and OIDC | ||
| ```mdx-code-block | ||
| import PolisDesc from "@site/src/components/Shared/deploy-intro/polis-desc.mdx" | ||
|
|
||
| Ory Network incorporates the open-source [Ory Hydra OAuth2 & OpenID Server](https://www.ory.com/hydra) and offers: | ||
| <PolisDesc /> | ||
| ``` | ||
|
|
||
| - Fully featured OAuth2 & [OpenID Certified](https://openid.net/developers/certified/)® OIDC Provider | ||
| ### Ory Oathkeeper (Proxy-based access control) | ||
|
|
||
| ### SAML | ||
| ```mdx-code-block | ||
| import OathkeeperDesc from "@site/src/components/Shared/deploy-intro/oathkeeper-desc.mdx" | ||
|
|
||
| Ory Network incorporates the open-source [Ory Polis](https://www.ory.com/polis) and offers: | ||
| <OathkeeperDesc /> | ||
| ``` | ||
|
|
||
| - Enterprise SSO integration with SAML identity providers such as Okta, Azure AD, and Google Workspace. | ||
| - Simplified SSO flow by implementing SSO as a standard OAuth 2.0 flow, abstracting away the complexities of SAML. | ||
| - Act as a SAML Identity Provider (IdP). | ||
| ### Ory Talos (API keys) | ||
|
|
||
| ### Ory Console | ||
| ```mdx-code-block | ||
| import TalosDesc from "@site/src/components/Shared/deploy-intro/talos-desc.mdx" | ||
|
|
||
| Ory Console is the management UI of Ory Network. | ||
| <TalosDesc /> | ||
| ``` | ||
|
|
||
| ### Ory Account Experience | ||
| ## Ory Network compared to the other deployment models | ||
|
|
||
| Ory Account Experience implements screens such as login, registration, account recovery, account setting, and account verification | ||
| for fast adoption of Ory. | ||
| Ory Network is one of three ways to run Ory. All three share the same open source core, so you can start with one and move to | ||
| another as your needs change: | ||
|
|
||
| Ory allows you to implement your own authentication UI by offering simple, headless APIs. Use the open-source | ||
| [Ory Elements](https://github.com/ory/elements) components library for fast integration with frameworks like React and Next.js. | ||
| ```mdx-code-block | ||
| import DeployCompare from "@site/src/components/Shared/deploy-intro/deploy-compare.mdx" | ||
|
|
||
| ### Ory Actions | ||
| <DeployCompare /> | ||
| ``` | ||
|
|
||
| [Ory Actions](../../kratos/hooks/01_configure-hooks.mdx) provide a flexible way to extend the capabilities of the Ory Network by | ||
| defining custom business logic, automating system behavior in response to events, and integrating with third-party services such | ||
| as CRM platforms, payment gateways, business analytics tools, and integration platforms. | ||
| ## Next steps | ||
|
|
||
| ## Ory Open Source | ||
|
|
||
| Ory is the largest open-source ecosystem in the area of authentication, authorization, access control, and zero-trust networking | ||
| in the world. Ory is not another company "greenwashing" with open source by publishing SDKs under open-source licenses. Instead, | ||
| all Ory core systems are available as Apache 2.0 licensed software without enterprise or open-core models. | ||
|
|
||
| Head over to the [Ory Open Source Overview](../../oss/open-source.mdx) for an introduction to the different projects. | ||
| - [Create a free developer project](https://console.ory.com/registration) | ||
| - [Follow a quickstart](../getting-started/overview) | ||
| - [Learn which Ory product to use](../products/products-overview#which-ory-product) | ||
| - [Migrate an existing user base to Ory Network](../migrate-to-ory/migrate) | ||
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.