T3 and User Management (admin user must be able to CRUD users) - suggestions?

I’m trying to find a good example of a User Management system written on top of the T3 stack. I don’t want to use Clerk because it will be super expensive when I get thousands of organizations onboarded. Next Auth also doesn’t seem to fit the requirements unless I missed something. The basic need is for a user to register and log in themselves, and for a super-admin user to create organizations and users, and those users will have access to functionality based on the organizations they are members of. Any guidance would be awesome, thanks.

#questions #t3 #tech-discussion
$c0rp-EE-yen, 12mo ago
Why wouldn't next-auth work for this use case? This seems pretty straightforward. I'm about to use next-auth in a project I'm bringing to production and the complaints about it are largely around the docs and if you are using a database to manage sessions. I'm using JWTs and don't need a db adapter and everything looks pretty straightforward (disclaimer: I'm working on auth this week, lol)
clearlyunwell (OP), 12mo ago
Next auth is for users to self-register. I didn’t see any way to manage or create those users as a super-admin. Happy to be wrong 🙂 hoping to be wrong! Even if it’s just email and password or username and password. That would be sufficient for my use case.
Solution
$c0rp-EE-yen, 12mo ago
Oh, I see what you mean. You're looking for the actual service behind that, it's not what something like next-auth would do directly, it'd let you connect to a service, like an IAM service in Azure or AWS (or Auth0). Since you're saying Clerk is too expensive, it's probably worth your while to look into Entra (used to be called Azure Active Directory, some docs haven't been updated, fyi) or Cognito for AWS and you can use those as a baseline to evaluate how you're managing your users' identities.
$c0rp-EE-yen, 12mo ago
They have a good console to manage all that kind of stuff, you can generate passwords for your users, etc. Pro tip: Do yourself a favor and learn about Management Groups, Tenants and organizing your users with security groups (these are Azure terms, but AWS has the exact same concepts).
$c0rp-EE-yen, 12mo ago
If you want to deploy something yourself and not be locked in on a cloud vendor, Keycloak is an excellent choice: https://www.keycloak.org/
clearlyunwell (OP), 12mo ago
Brilliant, thanks. I’ll look into each of these. I went blank on AWS for some reason but Cognito was built for this. Will check out Keycloak too. Thanks so much.