Add comparisons from kanidm/kanidm README (#29)

* Add comparisons from kanidm/kanidm README --------- Co-authored-by: James Hodgkinson <[email protected]>
kanidm · Oct 2, 2024 · 16afc51 · 16afc51
1 parent b3cf62f
commit 16afc51
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 1 deletion.
diff --git a/content/blog/_index.md b/content/blog/_index.md
@@ -1,5 +1,4 @@
 ---
-
 title: "Blog"
 description: "Blog posts"
 draft: false

diff --git a/content/comparisons.md b/content/comparisons.md
@@ -51,3 +51,24 @@ to every detail of it's authentication work flows, which makes it harder to star
 
 Kanidm does NOT require Keycloak to provide services such as OAuth2 and integrates many of the elements in a simpler and
 correct way out of the box in comparison.
+
+## Rauthy
+
+[Rauthy](https://sebadob.github.io/rauthy/) is a minimal OIDC provider. It supports WebAuthn just like Kanidm - they
+actually use our library for it!
+
+Rauthy only provides support for OIDC and so is unable to support other use cases like RADIUS and unix authentication.
+
+If you need a minimal OIDC only provider, Rauthy is an excellent choice. If you need more features then Kanidm will
+support those.
+
+## Authentik / Authelia / Zitadel
+
+[Authentik](https://goauthentik.io/) is an IDM provider written in Python and, [Authelia](https://www.authelia.com/) and
+[Zitadel](https://zitadel.com/) are written in Go. all similar to Kanidm in the features it offers but notably all have
+weaker support for unix authentication and do not support the same level of authentication policy as Kanidm. Notably,
+all are missing WebAuthn Attestation.
+
+All three use an external SQL server such as PostgreSQL. This can create a potential single source of failure and
+performance limitation compared to Kanidm which opted to write our own high performance database and replication system
+instead based on our experience with enterprise LDAP servers.