Why don’t more people contribute / coalesce around Keycloak?
I don’t know if it was even that “bad” per se “10 years ago.” 10 years ago, React was only open source for 1 year. Meteor was Supabase. People were still writing CoffeeScript.
You are lamenting the complexity of changing authorization requirements without changing application code. I don’t know if OIDC was really set in stone back then. There was no Rego or Cedar, there were IAM policies, and that was also relatively new, and attributes-driven SAML. It’s just a lot of development has happened.
I don’t know if it was even that “bad” per se “10 years ago.” 10 years ago, React was only open source for 1 year. Meteor was Supabase. People were still writing CoffeeScript.
You are lamenting the complexity of changing authorization requirements without changing application code. I don’t know if OIDC was really set in stone back then. There was no Rego or Cedar, there were IAM policies, and that was also relatively new, and attributes-driven SAML. It’s just a lot of development has happened.