17 years helping Israeli businesses
choose better software
About FusionAuth
FusionAuth is the only authentication, authorization, and user management built for devs. It works with any app, using any framework.
And thanks to the great online community we were able to overcome almost every issue we encountered since day one.
Nothing springs to mind, but the distinction between tenant settings and user settings can be a little confusing at first.
Filter reviews (30)
Usage
Sort by
Filter reviews (30)
Alternatives Considered:
FusionAuth is the most fully-featured SSO solution for the price
Comments: FusionAuth has been really good and from my first experience with v1.15.8, then I upgraded twice to v1.16 then v1.17, they keep adding more features and convenience like making Elasticsearch optional. (I'm still using Elasticsearch though because I'm still migrating from previous identity provider and we have 200,000+ users to migrate, most of them are free users.) The number of free users we have is making it not cost-wise to use other identity provider products. I have successfully integrated FusionAuth with three WordPress instances and a Rocket.Chat instance. I'm excited to complete the migration and use FusionAuth with our own custom apps. I'm also doing consulting with social enterprises / nonprofits and when they need a login/SSO solution for their constituents/donors/volunteers, I can wholeheartedly recommend FusionAuth for them.
Pros:
* The installation and maintenance process is straightforward, especially that they've provided a Helm chart that can be deployed directly to a Kubernetes cluster. When I first installed it, v1.15.8 required Elasticsearch. But in v1.16.0 and newer, Elasticsearch is optional so it's much easier to get started especially for those with less than 10,000 users. * The functionality is complete. It's amazing how FusionAuth can bundle so many functionality in one software bundle AND also make it relatively easy to install. General SSO, OpenID Connect, SAML, 2FA: all the basics are covered, and more. * Multi-tenant. This is unique with FusionAuth: with a single FusionAuth instance you can service SSO multiple groups or even multiple companies. This can dramatically reduce cost if you're need to share resources. Or perhaps you need separate tenants for staging and development environments, you're not required to buy a separate license for this. * Free license available * Support is good even without an enterprise contact (FusionAuth Forum & GitHub)
Cons:
* MariaDB isn't yet officially supported. It's a minor quibble and is probably irrelevant to most people, but I do wish FusionAuth would have supported this. It's actually possible to run FusionAuth with MariaDB, just that you'll need to be prepared to potential (current and future) issues, that you don't have to worry if you use PostgreSQL or MySQL. * Not open source. Again this is a minor quibble. I'd prefer if FusionAuth open sources or even made "source-available" the core parts of FusionAuth. It'd make problems much easier to debug especially if there are users willing to help debugging. For businesses getting a support contract directly from FusionAuth it's probably not an issue.
Alternatives Considered:
Don't make your own auth system ever again. Lean on a toolset that has everything you need built in!
Comments: Very easy to get started. Used a container image to setup a test environment. Microsoft (netcore) already has an integration with OAuth2/Openidconnect --- so we just had to taylor it the way we wanted in our own application. The docs are very clear / clean. The forums are active. I had suggested a very simple feature, and it was put into a released version 2 days later. We are not even a paying customer yet. That was very revealing that this is an active product, and the feedback was valuable.
Pros:
While evaluating different auth systems, we found ourselves scratching our heads about how we would accomplish certain integration points. Options for self-hosting, options for cloud & on-prem applications, custom data and if we have to host a side-by-side database. We wanted to tie all our our separate container applications running out there, into a single sign on, with minimal work. The APIs were very clear, and easy to understand while implementing. We love the transparency of the github repos, so we can comb through the code to see what was being done while doing the integration. In a short 1-2 months of work, we were able to learn about how (with no Oauth/OpenID Connect experience) to integrate our applications in using the standards. FusionAuth has some nice escape hatches for additional information such as their Lambda support and data objects on each entity so you can store arbitrary data for future usages.
Cons:
Some of the generated SDKs could benefit from a developer that uses the technology suchs as dotnet/core, where the sdks could be better fit to conform to that development standard, but it wasn't a blocking issue. Just using objects that are camel case is kinda foreign, as if you are using java. But this is about as bad as it gets -- it worked as expected without having us spend a ton of time troubleshooting anything.
Alternatives Considered:
Review
Pros:
Ease of use. Easy to setup. Customisable. Open source.
Cons:
Fast moving. Hard to upgrade. Clients are a bit buggy
Alternatives Considered:
Feature-packed and easy to integrate
Comments: Overall, we feel we've gotten value out of FusionAuth and are happy to be using it. There are some things we've had to work around (like the CI/CD concepts discussed in the cons), but we've been happy with the performance and low maintenance of the solution that this hasn't really affected us too much.
Pros:
FusionAuth is API-driven which allows custom authentication flows to be done simply in little time. The whole solution feels well-designed and the team is quick to resolve issues and meet community demands for features as needed.
Cons:
The CI/CD-based configuration utilities for FusionAuth aren't quite as great as we'd like. They offer a solution for standing up an environment through configuration (Kickstart), but not ongoing configuration, which means if settings are changed in the live environment they aren't peer-reviewed like what we had with Auth0's Terraform provider.
FusionAuth Response
4 years ago
Thanks for the review Scott. Just a heads up that the community has provided an open source Terraform provider. You can check it out and learn more here: https://fusionauth.io/community/forum/topic/374/terraform-provider-for-fusionauth-released
Alternatives Considered:
Great CIAM
Comments:
Working in a non-profit research field, we often need to quickly set up prototypes of web applications and services. FusionAuth helps us saving a lot of time while giving a smooth and safe user experience.
The availability of a free community version is very important for us, since it is not easy to justify the costs for such prototypes in advance. Then, if they become products, somebody will likely buy the support for FusionAuth and other components.
Pros:
Apart from the top level support for OpenID and OAuth2.0 standards, we like the ease of deployment and the high number of clients available that make it easy to develop with FusionAuth. Furthermore, the possibility to customize the tenant UI produce a smooth UX.
Cons:
The suite has a lot of features, and the team is constantly working on improvements. Multi-Tenant SSO and iframe token refresh for implicit-grant, which currently are not supported, would be the cherry on the cake. The logging can be made a bit more verbose in order to quickly debug issues.
FusionAuth Response
4 years ago
Thanks for your review. As of release 1.19, multi tenant SSO is supported.
Alternatives Considered:
A fantastic auth provider
Comments: The team are really responsive, the software has been rock solid and is really quick. It has all the majors features you want and need and the documentation is fantastic!
Pros:
The ease of use, the fact it's got a really great billing model, compared to something like Auth0 it's dirt cheap and much better in my opinion. This is the best auth provider by FAR which gives you so much out of the box for free.
Cons:
Not much. The team is super responsive and some of my requests have already been implemented.
Alternatives Considered:
Customizable, well documented, full of features, and inexpensive
Pros:
FusionAuth is very customizable thanks to the templating system used. It is the thing that I found to be the killer feature when compared with the others. There are multiple deployment options including free of charge on-premise one while there is still an option to have SaaS and paid support. This is a commercial product but developed a lot like the open-source one (Github issues) which is great giving direct contact with the FA people and the option to vote for the most wanted features. FusionAuth support is awesome.
Cons:
There is no dedicated JavaScript library/client that can help with the SPA integrations but this can be done using some other available tools/libraries.
Alternatives Considered:
FusionAuth is Fantastic
Comments: We use FusionAuth as our Auth layer and we have had a lot of success integrating it into on-prem deployments with other IdP's.
Pros:
It is very customizable. It is lightweight. The support is the best of any vendor we use. It integrates into other platforms easily. The docs are generally very good, especially considering how often the software is updated.
Cons:
There are some minor features I would like to see, such as ActiveDirectory groups mapping to roles in FusionAuth, but it may be possible to do this already. I wish there was better native Kubernetes support.
Alternatives Considered:
Great product overall
Comments: Pretty good
Pros:
The easy to use and easy to setup, the admin portal and the user interface are pretty good. Along with this, all the great features that are present to integrate and built authentication service.
Cons:
Lack of multi tenant features. Ability to add custom roles where user is only a tenant admin
Alternatives Considered:
A brilliant solution to a common problem
Comments: We're using a monolithic approach to manage our current 300K users with simple identity management and we're rebuilding our architecture to put an Identity/Token management system in the middle and build several microservices around it. I’ve been scratching my head to implement IdentityServer4 into our new architecture until I discovered FusionAuth. I’m not upset about the time we spent with IS4 & .net Core Identity; they sky-rocketed our domain expertise. However, FusionAuth is the tool, and I'm a bit surprised to see how they managed to make it easy on a sketchy topic like identity management and tokenization.
Pros:
Easy to use, and almost zero time to use the product with a line of code to grab and start docker containers. Once the apps are up, it literally takes 5 minutes to set up a working Identity Management system with security proven protocols support out of the box. The overall management interface is pretty straight forward, and easy to understand. They have great documentation as well to support you along the way.
Cons:
Theme management is still in its early steps and I believe they will come up with something more robust. Even the current version of 1.x has a superior management interface than the competition.
An easy to use and yet powerful multi-tenant self hosted authentication service
Comments: Our overall experience with FusionAuth has been truly positive. FusionAuth had everything we were looking for from an authentication service and therefor it helped us save countless work hours implementing our own solution.
Pros:
Integrating with our software was relatively simple thanks to the versatility offered by FusionAuth's multi-tenant feature. And thanks to the great online community we were able to overcome almost every issue we encountered since day one.
Cons:
It may be because of our use case being so different from what FusionAuth is normally used but we would love if its performance was improved specially the memory usage.
You guys make my life easier
Comments:
I really like the UI (except for Freemarker templating) and the Documentation is just awesome.
Being part of the Slack-Channel is great and people there (especially robotdan) are really responsive.
Pros:
- Documentation. - Easy configuration trough a well-designed UI. - Adding Social Logins is a no-brainer. - It even suits the needs of very small projects. - Docker-Configration is easy and update procedure painless - Its free without the support. Still i get support on the slack-channel and therefore writing bug-reports and feature-requests is something i can give back.
Cons:
Templating (both UI and Emails) is a pain. But it's not an easy task to make it better. At least it works most of the time and is better than other solutions I know.
Best Opensource Auth System out there.
Pros:
The biggest impact for me has been an immediate understanding of the way the system works, and indeed auth software should work. All the examples are clear, concise and above all actually work! The support via their slack channel is just awesome, they've never let me down. Great product, great company, and above all amazing people.
Cons:
Nothing springs to mind, but the distinction between tenant settings and user settings can be a little confusing at first.
FusionAuth Response
4 years ago
Thanks for the review Stefan. Just to be clear, while FusionAuth has open sourced many things (docs, example apps, client sdks, supporting libraries) the core is not open source. The community edition is forever free as in beer but not free as in speech. This is something we continue to have internal discussions about, but as of right now, we're not planning to open source the core application.
good keycloak alternativ
Comments: So far I'm fine :) I did not use FusionAuth on production yet, but going to investigate this opportunity. I believe it may be great piece of software to bootstrap your new services in the internet and be concentrated on the business logic, at the same time being confident that you use top auth technologies.
Pros:
I like that FusionAuth popped up on the market, because until today there was only one major player - keycloak. Documentation is complete and good, I have experience contacting the developers, they answer quickly and passionately. Fact that FusionAuth is provided as SaaS from IBM also says something to me. Interface is quite fresh, I like this also. API is consistent.
Cons:
- To be honest, I'm not a fan that this is another Java enterprise application; - I know that keycloak is backed by Apache and is open source, so I believe that it'll continue to exist. I don't know the backers of FusionAuth so far and it's plans for the future.
FusionAuth Response
4 years ago
Thanks for your review. Regarding your concerns, there's no reason why you couldn't run FusionAuth until you had a migration plan. We also offer source code escrow to customers who want one.
Simplest IAM software for our use-case
Comments: Surprised in good. It took some time to master it but now we feel good.
Pros:
* authorization features * permissions management * almost ready-to-use helm chart at the time we tried * json kickstart is perfect * no need for elasticsearch
Cons:
* unable to export the fusionauth config to json so that I can use it as a kickstart * difficult to deploy on k8s if we really need to expose it (we did not succeed in that; however it's no problem for us, because we don't expose fusionauth any more)
Great hosted IAM solution
Comments: I was able to get FusionAuth up and running immediately and without problems for testing. Production deployment with AWS ECS, RDS, ES, and ELB was very quick too. I haven't used it at scale yet, but I'm fairly confident it will handle scale given its architecture.
Pros:
Free, full-featured, very easy to test locally via Docker and deploy and scale in AWS with ECS, RDS, ES, and ELB, good documentation and excellent support via Slack
Cons:
Interface could be more intuitive and being Java/Tomcat-based makes it a little bloated
Single solution of Authentication
Comments: Good.
Pros:
* Easy integration of oauth2. * Central authentication mechanism for multiple application * Excellent API support 👍 * Multiple sign mechanism like google, external jwt, facebook .... * Performant. didn' t check at huge user base
Cons:
*Default UI provided for login. Would appreciate if you can have materail like UI which is trending. I think you tried to match with Admin portal theme. But it is OK to have differnt look for login so that we don't have to do much customization * Missing Linkedin sign option * Sample application in every client platform like c#, java, javascript (node and angular). A kind of guided by example
FusionAuth Response
4 years ago
Thanks for your review. We've been working on creating more example applications and have apps for all the client libraries (except for Dart, and that is in the works). Please see https://fusionauth.io/docs/v1/tech/example-apps/ for a list of example applications.
Great Application
Comments: Our company decided to implement FusionAuth to resolve some specific authentication challenges and provide the maximum flexibility for our platform as it evolves. The FusionAuth team has been fantastic in providing us with advice and support when needed, and receptive to new ideas to consider for future updates. We have no regrets about choosing FusionAuth as our authentication provider.
Pros:
Integration with our existing services was fairly painless, given we were replacing another authentication engine.
Cons:
We have had a positive experience with the product.
Alternatives Considered:
Recon InfoSec
Comments: Love it so far, works great, would recommend
Pros:
Ease of implementation Security Stability Well documented Robust API Passwordless login/magic link MFA Responsive and helpful support/dev team
Cons:
UI is not immediate intuitive in some cases, like roles and permissions, but docs are great Would love a feature similar to Okta's SWA for applications that still don't have SAML or OAuth
Startup use of FusionAuth
Comments: The best thing about FA (other than the freemium model) is the support. The support team is first rate.
Pros:
I mostly use the passwordless login. It has taken me considerable time to implement due to my "part time" status as a developer.
Cons:
The documentation for the php API could use some upgrading, IMO.
Compact and complete platform
Comments: Support is fast and responsive. A platform to watch
Pros:
Very solid platform, easy to run and install. Feels light weight in usage, but misses no feature.
Cons:
None, excellent platform. Nothing to complain
Identity Management for NextGen Apps
Comments: Before FusionAuth, we were using our own built-in Identity Management using DB and Code. However, as we grew with our user requirements, log in with Social Identity was one thing, users even asked for an Email/Password-based credential mechanism which was not existing up until now. Now while revamping our entire WebApp, we have plugged in FusionAuth for Authentication and even the App is able to use them. Best is they update the Code regularly. Amazing!
Pros:
Since we build lots of stuff using .Net and FusionAuth has the simplest of ways to get deployed on an Ubuntu Server. Just one line and it will be installed easily.
Cons:
I wish I could even have Identity Validation for Mobile Number Users and not just Emails.
Best Auth System
Comments: So much better than Auth0
Pros:
Good docs, integrates well into CICD, good support, good free tier, sensible paid options
Cons:
I wish they'd open source the core. It lacked passwordless SMS out-of-the box.
Great solution to do away with boilerplate authentication code!
Pros:
A free, cross platform, and API centric solution to avoid writing the same boilerplate authentication code is an awesome thing!
Cons:
I think documentation, client libraries, and examples could be more flushed out, but they are still very useful regardless.
FusionAuth Response
4 years ago
Thanks for your review. We've been working on creating more example applications and have apps for all the client libraries, except for Dart, and that is in the works. Please see https://fusionauth.io/docs/v1/tech/example-apps/ for a list of example applications.
Alternatives Considered:
Good Stuff!
Comments: Super positive experience; would highly recommend to colleagues.
Pros:
- Easy to use - Great docs - Great customer support
Cons:
It does have some bugs but I have yet to run into anything critical and the team is super quick to fix them.