I'm looking to design my software to be resilient enough that it can handle any single cloud provider experiencing downtime. In a previous discussion, someone suggested looking into Auth0 and Keycloak for my identity and access management solution. I am now curious if anyone has other recommendations for a cost-effective and efficient way to manage authentication for an application that isn't confined to just one cloud environment. My goal is to avoid any single points of failure in my design.
3 Answers
Auth0 is set up to be multi-region and available in at least three availability zones in Azure, so competing with their resilience by hosting your own Keycloak might be challenging.
Keycloak might be your best bet if you want more control but don't mind managing it yourself. You can set it up on different providers and make sure they can work together, so if one goes down, the authentication still functions. It’s free and supports OIDC, SAML, and OAuth right out of the box. Auth0 is easier to implement but puts you at the mercy of their uptime, which is a single point of failure risk you're trying to avoid. For true resilience, consider running Keycloak across two providers with shared database replication and a global load balancer for failover. It's a complex setup, but once it's in place, it’s pretty reliable. Also, your specific application needs might affect how much investment you should put into this.
Thanks for the insight! Do you have any suggestions for tutorials or documentation on creating federated implementations? I would like to see more specific guidelines.
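The two-provider failover described in the answer above, seen from the relying application's side: try each trusted issuer in order and accept a fallback only when its OIDC discovery document names itself as the issuer. This is an added example, not code from the thread; the issuer URLs, the function names and the endpoint-prefix policy are assumptions.

```python
import json
from urllib.request import urlopen

# Hypothetical issuers: one realm served from two providers (constructed names).
TRUSTED_ISSUERS = [
    "https://idp-a.example.com/realms/app",
    "https://idp-b.example.net/realms/app",
]

def fetch_json(url, timeout=3):
    """Default fetcher: HTTPS GET with a short timeout so failover is quick."""
    with urlopen(url, timeout=timeout) as resp:
        return json.load(resp)

def pick_issuer(issuers=TRUSTED_ISSUERS, fetch=fetch_json):
    """Return (issuer, metadata) for the first trusted issuer that answers with
    a consistent discovery document; raise RuntimeError if none is usable."""
    errors = {}
    for issuer in issuers:
        try:
            meta = fetch(issuer + "/.well-known/openid-configuration")
            if not isinstance(meta, dict):
                raise ValueError("discovery document is not a JSON object")
            # OIDC Discovery: the advertised issuer must equal the one requested.
            if meta.get("issuer") != issuer:
                raise ValueError("issuer mismatch: %r" % meta.get("issuer"))
            # Local policy (assumption): key and token endpoints stay under the issuer.
            for key in ("jwks_uri", "token_endpoint"):
                if not str(meta.get(key, "")).startswith(issuer + "/"):
                    raise ValueError("%s outside issuer" % key)
            return issuer, meta
        except (OSError, ValueError) as exc:
            errors[issuer] = str(exc)  # keep the reason for logging and alerting
    raise RuntimeError("no usable identity provider: %s" % errors)

def simulated_fetch(url):
    """Constructed outage: provider A is unreachable, provider B is healthy."""
    if url.startswith(TRUSTED_ISSUERS[0]):
        raise OSError("connection timed out")
    base = TRUSTED_ISSUERS[1]
    return {"issuer": base,
            "jwks_uri": base + "/protocol/openid-connect/certs",
            "token_endpoint": base + "/protocol/openid-connect/token"}

if __name__ == "__main__":
    print(pick_issuer(fetch=simulated_fetch)[0])
```

Tokens must then be validated against the keys of the issuer that was actually selected, and the list of trusted issuers should live in configuration rather than be discovered at run time.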
It sounds like you might need a solid plan for reliability here. Are you really looking for more reliability than what major providers like Amazon, Microsoft, or Google offer? Multi-cloud setups are already tricky, and achieving high availability across multiple clouds can complicate things further—often at a cost. Many SaaS products claim multi-cloud support, but it usually just means that customers can select a cloud provider rather than having the same features across all platforms. If you don't trust the cloud providers enough, you might end up needing to manage your own servers. Remember, the idea of cloud services is convenience and quick recovery, not necessarily 100% reliability.
Thanks for the response! My use case definitely requires high reliability, especially during disasters. I can't afford to have any downtime, so I'm hoping to spread risk across multiple cloud providers. Also, what exactly is "multi-cloud HA"?

I’m new to all of this, so I’m trying to learn more. Does Auth0 operate on other infrastructures too, or is it limited to Azure? I’m just concerned about possible issues like Microsoft encountering a major mistake in their infrastructure.