Skip to main content

Welcome to Ory!

Ory is a software infrastructure provider building a global zero-trust network for humans, robots, devices, and software services. Ory develops open-source software on GitHub and publishes open standards such as the Ory Permission Language. The Ory Network uses cloud-native open-source technologies (Kubernetes, Crossplane, Cockroach, Linux, Ory) and standards (OAuth 2.0/2.1, OpenID Connect, MITREid, WebAuthn, TOTP, FIDO3) to deliver a low-latency, planet-scale zero-trust infrastructure. Ory combines centuries of open source, security, operational, and industry expertise with a user-centric and security-first mindset.

Core infrastructure components of Ory Network are open source to foster collaboration, reduce supply chain risk, broaden access to secure services, and introduce the open standard for internet security. Being open source Ory improves the safety of everyone:

  • Ory Identities offers a secure and modern central identity management solution with MFA, passwordless, WebAuthn, and more. It's based on the open-source Ory Kratos Identity Server.
  • Ory OAuth2 & OpenID Connect implements 15+ IETF and OpenID standards to facilitate single sign-on (SSO), delegation, and API access authorization. It's based on the open-source Ory Hydra Federation Server.
  • Ory Permissions is a low-latency, high-performance, relationship-based authorization system that enables fine-grained access control (incl. RBAC and ABAC models) in any application. It's based on the open-source Ory Keto Permission Server, which implements Zanzibar: Google’s Consistent, Global Authorization System.

Ory develops and maintains many additional open-source projects. From an Ory Zero Trust Identity & Access Proxy Ory Oathkeeper to developer tooling Ory Dockertest to language-specific libraries Ory Ladon. Ory has 170+ open source repositories and over 35.000 GitHub stars.

Ory secures billions of requests each month, runs in over 50,000 live deployments, and improves hourly.

Why Ory is different

Ory differentiates from other vendors in the following key areas:

  • Ory core services and APIs are developed and licensed under Apache 2.0, allowing you to participate, collaborate, and understand the inner workings of Ory.
  • You can bring your UI, in the programming language of your choosing, with the user experience that you like.
  • From designing Identity Schemas using JSON Schema, to webhooks, to advanced configuration options - Ory is the most customizable platform out there.
  • Ory spans the whole authentication and authorization universe with well-designed products and APIs:
    • Identity Management with session management & flows for login, registration, recovery, verification, MFA, and more.
    • Permission and Role Management.
    • Delegation via OAuth2 and OpenID Connect.
    • Zero Trust Networking.
    • Modern API design with partial support for gRPC.

Ory Network

The Ory Network is the commercial offering of Ory and is built on top of Ory Open Source software. The goal with Ory Network is to offer a planet-scale, low-latency, resilient, and secure service that's easy to use and set up.

In short: Ory Network is the most convenient way to run Ory. Sign up and create a free developer project.

Components

Each project in Ory Network is an isolated tenant and uses many components providing functionality, user interfaces, and APIs around identities, sessions, login, OAuth2, permissions, and more. The core components of projects in Ory Network are Ory Open Source servers.

Identities and sessions

Ory Network incorporates the open-source Ory Kratos Identity Server and offers:

  • Self-service flows are everything users do on their own / without the help of others:
  • Registration with passwords, social sign-in, OpenID Connect, ...
  • Login with passwords, social sign-in, OpenID Connect, ...
  • Updating the profile, email, changing the password, un/linking with social sign-in providers, ...
  • Recovering the account by resetting the password.
  • Verifying email addresses, phone numbers,...
  • Multi-factor authentication flows and recovery processes.
  • Administrative identity management to get, create, update, and delete identities (users) and their data.
  • Headless APIs and data models allow you to fully customize Identity Schemas (for example adding fields like first name, accept tos, shipping address, gender, ...) and create your login, registration, profile settings, recovery, and verification screen using SDKs and REST APIs.

Permissions and relationships

Ory Network incorporates the open-source Ory Keto Permission Server and offers:

  • Permission management to get, create, update, and delete permissions.
  • Permission checking to check if a user has a permission.

OAuth2 and OIDC

Ory Network incorporates the open-source Ory Hydra OAuth2 & OpenID Server and offers:

Ory Console

Ory Console is the management UI of Ory Network.

Ory Account Experience

Ory Account Experience implements screens such as login, registration, account recovery, account setting, and account verification for fast adoption of Ory.

Contrary to other vendors, Ory allows you to implement your own (login, registration, ...) UI by offering simple, headless APIs. Use the open-source Ory Elements components library for fast integration with frameworks like ExpressJS, React, or Preact.

Ory Actions

Ory Actions provide a flexible way to extend the capabilities of the Ory Network by defining custom business logic, automating system behavior in response to events, and integrating with third-party services such as CRM platforms, payment gateways, business analytics tools, and integration platforms.

Ory Open Source

Ory is the largest open-source ecosystem in the area of authentication, authorization, access control, and zero-trust networking in the world. Ory is not another company "greenwashing" with open source by publishing SDKs under open-source licenses. Instead, all Ory core systems are available as Apache 2.0 licensed software without enterprise or open-core models.

Head over to the Ory Open Source Overview for an introduction to the different projects.

Is open source taking a back seat?

No!

Ory Network is the commercial offering which generates revenue to sustain high quality development and add more features to Ory Open Source. The value proposition and vision for Ory Network is to incorporate and advance the open-source ecosystem and add additional services which aren't possible to open source (for example analytics, SLAs, SRE, low-latency).

The Ory Network and Ory Open Source software are interlinked. Ory Network is using the Ory Open Source code base, APIs, features, and configurations to provide services. Ory Network features modifications to better support the custom multi-tenant environment and operational (SRE) mode.

In the future, Ory will continue to increase its open-source footprint. and make the projects easier to modify, use, access, and distribute. The biggest impact Ory Network will have is that it will accelerate and sustain the development of Ory Open Source.

Ory Network

The most flexible and scalable way to manage identi­ties, authen­tication, autho­rization and access control.Explore Ory Network

Explore Ory Network