Thanks, definitely appreciate the perspective and thoughtful answers.
I don't think that worries about a cloud provider eating the lunch a company has set (to get metaphorical on you) is solely limited to VC funded companies, but I do appreciate they're more likely to worry (see ElasticSearch, of course).
> but not every infra project has to immediately turn into a 10K employee company.
Also, I'm not sure I buy the concern about aws & friends in this space for a few reasons:
-- Now that SaaS for identity is established, the natural next step is OSS versions that come with SaaS, so if you're starting fresh and know that's coming... it seems short-sighted to start without that
-- aws & friends have their own identity products, so given the already-commoditized market, they're unlikely to want to be pushing your n+1 one
OSS seems more like a growth driver here than a risk b/c of the competitive market, though I can see that being unsettling to traditional business/VC types who are out of touch with the market. What the value-add for a managed layer is seems like "a lot possible", e.g., scale, support, multi-cloud, so I'd expect customers to pull you pretty quick if they didn't already.
In our case, quite explicitly, we're evaluating a path where on-prem single-tenant users can bundle & self-serve something (SSO/LDAP/...), while for our saas tier, we can hook into something normal by aws/azure/someone else. Lack of full-featured OSS (w/ no SaaS necessary) for on-prem, or at least a clear way to let us transparently swap something like Keycloak for those folks, is an instant no.
Good points about AWS, though I will say that AWS has multiple different document databases and caching engines, so if there was customer demand, I don't doubt that they would run a different identity service. I have not used it, but from what I've seen, Cognito doesn't seem to get much love.
> OSS seems more like a growth driver here than a risk b/c of the competitive market, though I can see that being unsettling to traditional business/VC types who are out of touch with the market.
I hope you weren't talking about me :) . We'll see, I certainly some funded auth startups going the open core/OSS route (SuperTokens, Clerky, WorkOS).
> In our case, quite explicitly, we're evaluating a path where on-prem single-tenant users can bundle & self-serve something (SSO/LDAP/...), while for our saas tier, we can hook into something normal by aws/azure/someone else. Lack of full-featured OSS (w/ no SaaS necessary) for on-prem, or at least a clear way to let us transparently swap something like Keycloak for those folks, is an instant no.
Yeah, we have a number of clients who use us just like this (both SaaS and on-prem, often as an identity broker) and are willing to pay our license fees for the support, the documentation and the functionality. I've also reached out to people who seemed like a fit and they had a hard requirement for OSS.
I don't think that worries about a cloud provider eating the lunch a company has set (to get metaphorical on you) is solely limited to VC funded companies, but I do appreciate they're more likely to worry (see ElasticSearch, of course).
> but not every infra project has to immediately turn into a 10K employee company.
Couldn't agree more!
Cheers!