Auth0 is quite a low-cost and stable product. It provides a lot of good functionality as well. It is easy to use, manage and is very intuitive. Additionally, we can look at the logs and troubleshoot the issues. I rate it an eight out of ten.
I would rate this solution as six out of ten. There are a few small problems, like with Management API. For integration purposes, it's easy to use. The solution is good for starting projects and for startups. There are a few other options for out-of-the-box solutions, like AWS or Azure AD, but we chose Auth0.
I rate the solution an eight out of ten. The solution is good, but its support for multi-tenancy could be improved further, and advanced authorization capabilities could be included in the next release.
We could manage without Auth0 Rules. We built an architecture in which all the communication to and from Auth0 is centralized in a single service, within our company. We could add this business logic to our service and have the same functionality. But the fact that it's available for us in Auth0 means we don't need to change our code or our service to support it, and that makes things a little bit more convenient. On a scale of one to 10, the importance of Auth0 Rules for us would be a seven. The biggest lesson I have learned from using Auth0 is that when a company does something very well, you are probably better off using their service instead of trying to do it yourself. Doing it on your own requires investing in the development and the maintenance of it. Also, things change over time and you have to keep up. The policy in our company is that whenever a company does something very well, and it is not our core business, and the price is reasonable, we might want to pay them to externalize that product or service.
To someone who says we can build authentication in-house, I would say that you can try it, but you will probably fail at it. The authentication and authorization process is really complex. You need to be really focused on that to be able to deliver a solution that is really secure and compliant with different standards. You can sleep peacefully having Auth0 deployed. With solutions that are built in-house, you will probably have some basic functions, but in my opinion, there is a vulnerability that will probably be exploited in the future. Auth0 is hiring people who are committed only to one particular area of computer science, which is authentication and authorization. They really understand the different algorithms that are behind that. So, if you do not have such engineers in-house, you will probably have a solution that is not 100% bulletproof. For us, MFA is required every time someone logs in. Even though I like the idea of Adaptive MFA, it is not a good fit for our business model. Auth0 allows us to turn on or off features like social logins, MFA, or Anomaly Detection with the flip of a switch, but it is hard to assess the importance of this feature. The ability to customize the flow for authentication and authorization is very important for us, but as a company, we don't need social logins and so on. Having them enabled would be considered unprofessional in our area, and we don't need to turn them on. So, this is very important for us that things that we do not use can be turned off. It hasn't helped to increase new-user conversion due to less sign-up or login friction because that is not in our business use case. We do not allow people to sign in to our solutions. We are business-to-business. Similarly, it has not decreased customer support tickets due to password issues because that's not applicable to us. I would rate Auth0 an eight out of 10. I will always say that I am a really big fan of Auth0.
Security Architect at a construction company with 10,001+ employees
Real User
2020-07-19T08:15:53Z
Jul 19, 2020
This solution does what we want it to do. It's good and I don't see any issues. For anyone wanting to use this solution, make sure that your developers are fully engaged. They have to know how Auth0 works and what the best way to leverage it. I would rate this solution an eight out of ten.
Platform Engineer - Linux at a tech services company with 201-500 employees
Real User
2020-07-12T11:48:49Z
Jul 12, 2020
During our exploration and evaluation, Auth0 and Okta were the top contenders from a pure authentication point. My advice for anybody who is considering such a system is to have multiple authentication systems evaluated from a technical point of view, and adopt the one which rightly suits your use case and requirements. Different products have different features sets, but what matters most is that it is purely compatible with your use case. Scalability is probably the most crucial factor. I would rate this solution an eight out of ten.
Security Architect at a construction company with 10,001+ employees
Real User
2019-11-14T06:33:00Z
Nov 14, 2019
In terms of advice, I think that if your application is developer-driven, then Auth0 provides extremely good developer support and supports multiple development tools and strategies. That's where I believe the product comes into its own. If you're enterprise, then Okta or Microsoft are probably a better solution. It's worth watching. I would rate this product an eight out of 10.
Auth0 is a comprehensive identity management solution that securely authenticates and authorizes users on different platforms and applications. It offers seamless integration, easy configuration, and reliable performance for managing identity and access. Users appreciate its flexibility, scalability, and support for multi-factor authentication.
With robust documentation and excellent customer service, Auth0 enables developers to efficiently implement authentication and authorization...
It is a good product if you are a B2C or B2B solution or any app or consumer product. Overall, I rate the solution an eight out of ten.
I would rate the solution a ten out of ten.
Auth0 is quite a low-cost and stable product. It provides a lot of good functionality as well. It is easy to use, manage and is very intuitive. Additionally, we can look at the logs and troubleshoot the issues. I rate it an eight out of ten.
I would rate this solution as six out of ten. There are a few small problems, like with Management API. For integration purposes, it's easy to use. The solution is good for starting projects and for startups. There are a few other options for out-of-the-box solutions, like AWS or Azure AD, but we chose Auth0.
I rate the solution an eight out of ten. The solution is good, but its support for multi-tenancy could be improved further, and advanced authorization capabilities could be included in the next release.
We could manage without Auth0 Rules. We built an architecture in which all the communication to and from Auth0 is centralized in a single service, within our company. We could add this business logic to our service and have the same functionality. But the fact that it's available for us in Auth0 means we don't need to change our code or our service to support it, and that makes things a little bit more convenient. On a scale of one to 10, the importance of Auth0 Rules for us would be a seven. The biggest lesson I have learned from using Auth0 is that when a company does something very well, you are probably better off using their service instead of trying to do it yourself. Doing it on your own requires investing in the development and the maintenance of it. Also, things change over time and you have to keep up. The policy in our company is that whenever a company does something very well, and it is not our core business, and the price is reasonable, we might want to pay them to externalize that product or service.
To someone who says we can build authentication in-house, I would say that you can try it, but you will probably fail at it. The authentication and authorization process is really complex. You need to be really focused on that to be able to deliver a solution that is really secure and compliant with different standards. You can sleep peacefully having Auth0 deployed. With solutions that are built in-house, you will probably have some basic functions, but in my opinion, there is a vulnerability that will probably be exploited in the future. Auth0 is hiring people who are committed only to one particular area of computer science, which is authentication and authorization. They really understand the different algorithms that are behind that. So, if you do not have such engineers in-house, you will probably have a solution that is not 100% bulletproof. For us, MFA is required every time someone logs in. Even though I like the idea of Adaptive MFA, it is not a good fit for our business model. Auth0 allows us to turn on or off features like social logins, MFA, or Anomaly Detection with the flip of a switch, but it is hard to assess the importance of this feature. The ability to customize the flow for authentication and authorization is very important for us, but as a company, we don't need social logins and so on. Having them enabled would be considered unprofessional in our area, and we don't need to turn them on. So, this is very important for us that things that we do not use can be turned off. It hasn't helped to increase new-user conversion due to less sign-up or login friction because that is not in our business use case. We do not allow people to sign in to our solutions. We are business-to-business. Similarly, it has not decreased customer support tickets due to password issues because that's not applicable to us. I would rate Auth0 an eight out of 10. I will always say that I am a really big fan of Auth0.
This solution does what we want it to do. It's good and I don't see any issues. For anyone wanting to use this solution, make sure that your developers are fully engaged. They have to know how Auth0 works and what the best way to leverage it. I would rate this solution an eight out of ten.
During our exploration and evaluation, Auth0 and Okta were the top contenders from a pure authentication point. My advice for anybody who is considering such a system is to have multiple authentication systems evaluated from a technical point of view, and adopt the one which rightly suits your use case and requirements. Different products have different features sets, but what matters most is that it is purely compatible with your use case. Scalability is probably the most crucial factor. I would rate this solution an eight out of ten.
In terms of advice, I think that if your application is developer-driven, then Auth0 provides extremely good developer support and supports multiple development tools and strategies. That's where I believe the product comes into its own. If you're enterprise, then Okta or Microsoft are probably a better solution. It's worth watching. I would rate this product an eight out of 10.