I’m currently using Authelia to authenticate for some of my self hosted services. It works fine, but the limited user backends (ldap or… yaml??) make me want to look for an alternative.
Authentik seems good, but after looking at their website I get the feeling of imminent enshitification, where they’re going to either pull the rug on the open source version, or basically gatekeep essential features behind an enterprise license.
So, for those using Authentik, how has your experience been so far?


I do not consider Authelia secure from an architecture point of view.
That is because there is, by design, no authentication between authelia and the backend. That means that if anyone ever manages to directly access the backend services, they can impersonate anyone, including admin.