FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Why isn't FusionAuth open source?

    Scheduled Pinned Locked Moved
    Q&A
    open source license faq
    2
    6
    12.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • danD
      dan
      last edited by dan

      Why isn't FusionAuth open source like some of the alternative user identity management systems?

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      1 Reply Last reply Reply Quote 0
      • danD
        dan
        last edited by

        The simple answer is that there are pros and cons to making our intellectual property open source. At this point we have chosen a closed source model for the core product but open source many components as well. All of the docs, website, client libraries, jwt library, mvc, and domains are open source.

        We continually discuss this strategy internally and evaluate what is best for the longevity and quality of the product. From our perspective there is a misconception that open source equates to longevity. While it is true that anyone could fork and maintain FusionAuth if it was open source, many open source projects die because there is no maintainer. It is also possible that a company such as IBM - that now owns KeyCloak / RedHat could choose to no longer support KeyCloak, or change the source code licensing model. In other words, the licensing model does not necessarily mean it will be supported or properly maintained.

        We understand this is a sensitive topic for many and we do certainly see positive aspects of making the entire platform open source. However, there are no current plans to modify our licensing model.

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        1 Reply Last reply Reply Quote 0
        • F
          firrae
          last edited by

          Is there a sunset provision of sorts that if the company were to fold the project would become open source so those who do depend on it can continue to maintain it or at least keep it going until we could migrate away? That right now is my last big concern.

          1 Reply Last reply Reply Quote 0
          • danD
            dan
            last edited by

            @firrae said in Why isn't FusionAuth open source?:

            who do depend on it can continue to maintain it or at least keep it going until we could migrate away

            You could continue to run FusionAuth, self-hosted, until you were able to migrate away. The software wouldn't stop running if the company was no longer functioning.

            Does that address your concerns?

            --
            FusionAuth - Auth for devs, built by devs.
            https://fusionauth.io

            F 1 Reply Last reply Reply Quote 0
            • F
              firrae @dan
              last edited by

              @dan Slightly? The issue would still be there should you stop supporting it/company stops existing and then while people are trying to plan out a migration a large vulnerability is found and then unfix-able. It would leave the attack vector open until a migration could occur which could be a while with small teams.

              1 Reply Last reply Reply Quote 0
              • danD
                dan
                last edited by

                Hiya,

                I got an answer for you about sunset provisions.

                We have discussed source code escrow options with clients in the past. We can also offer a source code release clause (in the event FusionAuth goes out of business). However, these are only options if you are on an Enterprise plan with a custom contract.

                Hope that helps you make the right decision for your application(s).

                --
                FusionAuth - Auth for devs, built by devs.
                https://fusionauth.io

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post