Full Stack PHP/Python AWS Developer at Binary Port
Real User
Top 10
2024-10-30T11:45:00Z
Oct 30, 2024
I recommend the solution as it provides strong security with more control over access. It supports various authentication methods. I'd rate the solution ten out of ten.
Director Cloud Software Development at a manufacturing company with 201-500 employees
Real User
Top 20
2024-09-04T21:21:39Z
Sep 4, 2024
As a developer, I would rate it at nine out of ten. That’s because it’s very flexible. Developers can easily learn the system and get used to developing on it, like configuring automation, configuring integration, and things like that. But, again, it’s for developers. You should know how the API integrations work and things like that. But if you are a user in general, I think I would rate it at six or seven, probably seven, because if you’re not a developer, you need to spend time exploring more. Also, the scoped user management for a specific customer is not available out of the box with Auth0. So that’s something which, if you are a product manager, you would definitely look at. But if you’re a developer, that’s just an opportunity to build something on top of that.
The tool's universal login feature impacted user experience mostly in the social login aspect. This includes accessing platforms like Facebook or WhatsApp using a Gmail account, which has become standard and is no longer seen as rocket science. When you log in, the company generates an SSO token, often from Azure AD. I rate the overall solution a seven out of ten.
Auth0 is quite a low-cost and stable product. It provides a lot of good functionality as well. It is easy to use, manage and is very intuitive. Additionally, we can look at the logs and troubleshoot the issues. I rate it an eight out of ten.
I would rate this solution as six out of ten. There are a few small problems, like with Management API. For integration purposes, it's easy to use. The solution is good for starting projects and for startups. There are a few other options for out-of-the-box solutions, like AWS or Azure AD, but we chose Auth0.
I rate the solution an eight out of ten. The solution is good, but its support for multi-tenancy could be improved further, and advanced authorization capabilities could be included in the next release.
We could manage without Auth0 Rules. We built an architecture in which all the communication to and from Auth0 is centralized in a single service, within our company. We could add this business logic to our service and have the same functionality. But the fact that it's available for us in Auth0 means we don't need to change our code or our service to support it, and that makes things a little bit more convenient. On a scale of one to 10, the importance of Auth0 Rules for us would be a seven. The biggest lesson I have learned from using Auth0 is that when a company does something very well, you are probably better off using their service instead of trying to do it yourself. Doing it on your own requires investing in the development and the maintenance of it. Also, things change over time and you have to keep up. The policy in our company is that whenever a company does something very well, and it is not our core business, and the price is reasonable, we might want to pay them to externalize that product or service.
To someone who says we can build authentication in-house, I would say that you can try it, but you will probably fail at it. The authentication and authorization process is really complex. You need to be really focused on that to be able to deliver a solution that is really secure and compliant with different standards. You can sleep peacefully having Auth0 deployed. With solutions that are built in-house, you will probably have some basic functions, but in my opinion, there is a vulnerability that will probably be exploited in the future. Auth0 is hiring people who are committed only to one particular area of computer science, which is authentication and authorization. They really understand the different algorithms that are behind that. So, if you do not have such engineers in-house, you will probably have a solution that is not 100% bulletproof. For us, MFA is required every time someone logs in. Even though I like the idea of Adaptive MFA, it is not a good fit for our business model. Auth0 allows us to turn on or off features like social logins, MFA, or Anomaly Detection with the flip of a switch, but it is hard to assess the importance of this feature. The ability to customize the flow for authentication and authorization is very important for us, but as a company, we don't need social logins and so on. Having them enabled would be considered unprofessional in our area, and we don't need to turn them on. So, this is very important for us that things that we do not use can be turned off. It hasn't helped to increase new-user conversion due to less sign-up or login friction because that is not in our business use case. We do not allow people to sign in to our solutions. We are business-to-business. Similarly, it has not decreased customer support tickets due to password issues because that's not applicable to us. I would rate Auth0 an eight out of 10. I will always say that I am a really big fan of Auth0.
Security Architect at a construction company with 10,001+ employees
Real User
2020-07-19T08:15:53Z
Jul 19, 2020
This solution does what we want it to do. It's good and I don't see any issues. For anyone wanting to use this solution, make sure that your developers are fully engaged. They have to know how Auth0 works and what the best way to leverage it. I would rate this solution an eight out of ten.
Platform Engineer - Linux at a tech services company with 201-500 employees
Real User
2020-07-12T11:48:49Z
Jul 12, 2020
During our exploration and evaluation, Auth0 and Okta were the top contenders from a pure authentication point. My advice for anybody who is considering such a system is to have multiple authentication systems evaluated from a technical point of view, and adopt the one which rightly suits your use case and requirements. Different products have different features sets, but what matters most is that it is purely compatible with your use case. Scalability is probably the most crucial factor. I would rate this solution an eight out of ten.
Security Architect at a construction company with 10,001+ employees
Real User
2019-11-14T06:33:00Z
Nov 14, 2019
In terms of advice, I think that if your application is developer-driven, then Auth0 provides extremely good developer support and supports multiple development tools and strategies. That's where I believe the product comes into its own. If you're enterprise, then Okta or Microsoft are probably a better solution. It's worth watching. I would rate this product an eight out of 10.
Auth0 is a comprehensive identity management solution that securely authenticates and authorizes users on different platforms and applications. It offers seamless integration, easy configuration, and reliable performance for managing identity and access. Users appreciate its flexibility, scalability, and support for multi-factor authentication.
With robust documentation and excellent customer service, Auth0 enables developers to efficiently implement authentication and authorization...
I recommend the solution as it provides strong security with more control over access. It supports various authentication methods. I'd rate the solution ten out of ten.
As a developer, I would rate it at nine out of ten. That’s because it’s very flexible. Developers can easily learn the system and get used to developing on it, like configuring automation, configuring integration, and things like that. But, again, it’s for developers. You should know how the API integrations work and things like that. But if you are a user in general, I think I would rate it at six or seven, probably seven, because if you’re not a developer, you need to spend time exploring more. Also, the scoped user management for a specific customer is not available out of the box with Auth0. So that’s something which, if you are a product manager, you would definitely look at. But if you’re a developer, that’s just an opportunity to build something on top of that.
The tool's universal login feature impacted user experience mostly in the social login aspect. This includes accessing platforms like Facebook or WhatsApp using a Gmail account, which has become standard and is no longer seen as rocket science. When you log in, the company generates an SSO token, often from Azure AD. I rate the overall solution a seven out of ten.
It is a good product if you are a B2C or B2B solution or any app or consumer product. Overall, I rate the solution an eight out of ten.
I would rate the solution a ten out of ten.
Auth0 is quite a low-cost and stable product. It provides a lot of good functionality as well. It is easy to use, manage and is very intuitive. Additionally, we can look at the logs and troubleshoot the issues. I rate it an eight out of ten.
I would rate this solution as six out of ten. There are a few small problems, like with Management API. For integration purposes, it's easy to use. The solution is good for starting projects and for startups. There are a few other options for out-of-the-box solutions, like AWS or Azure AD, but we chose Auth0.
I rate the solution an eight out of ten. The solution is good, but its support for multi-tenancy could be improved further, and advanced authorization capabilities could be included in the next release.
We could manage without Auth0 Rules. We built an architecture in which all the communication to and from Auth0 is centralized in a single service, within our company. We could add this business logic to our service and have the same functionality. But the fact that it's available for us in Auth0 means we don't need to change our code or our service to support it, and that makes things a little bit more convenient. On a scale of one to 10, the importance of Auth0 Rules for us would be a seven. The biggest lesson I have learned from using Auth0 is that when a company does something very well, you are probably better off using their service instead of trying to do it yourself. Doing it on your own requires investing in the development and the maintenance of it. Also, things change over time and you have to keep up. The policy in our company is that whenever a company does something very well, and it is not our core business, and the price is reasonable, we might want to pay them to externalize that product or service.
To someone who says we can build authentication in-house, I would say that you can try it, but you will probably fail at it. The authentication and authorization process is really complex. You need to be really focused on that to be able to deliver a solution that is really secure and compliant with different standards. You can sleep peacefully having Auth0 deployed. With solutions that are built in-house, you will probably have some basic functions, but in my opinion, there is a vulnerability that will probably be exploited in the future. Auth0 is hiring people who are committed only to one particular area of computer science, which is authentication and authorization. They really understand the different algorithms that are behind that. So, if you do not have such engineers in-house, you will probably have a solution that is not 100% bulletproof. For us, MFA is required every time someone logs in. Even though I like the idea of Adaptive MFA, it is not a good fit for our business model. Auth0 allows us to turn on or off features like social logins, MFA, or Anomaly Detection with the flip of a switch, but it is hard to assess the importance of this feature. The ability to customize the flow for authentication and authorization is very important for us, but as a company, we don't need social logins and so on. Having them enabled would be considered unprofessional in our area, and we don't need to turn them on. So, this is very important for us that things that we do not use can be turned off. It hasn't helped to increase new-user conversion due to less sign-up or login friction because that is not in our business use case. We do not allow people to sign in to our solutions. We are business-to-business. Similarly, it has not decreased customer support tickets due to password issues because that's not applicable to us. I would rate Auth0 an eight out of 10. I will always say that I am a really big fan of Auth0.
This solution does what we want it to do. It's good and I don't see any issues. For anyone wanting to use this solution, make sure that your developers are fully engaged. They have to know how Auth0 works and what the best way to leverage it. I would rate this solution an eight out of ten.
During our exploration and evaluation, Auth0 and Okta were the top contenders from a pure authentication point. My advice for anybody who is considering such a system is to have multiple authentication systems evaluated from a technical point of view, and adopt the one which rightly suits your use case and requirements. Different products have different features sets, but what matters most is that it is purely compatible with your use case. Scalability is probably the most crucial factor. I would rate this solution an eight out of ten.
In terms of advice, I think that if your application is developer-driven, then Auth0 provides extremely good developer support and supports multiple development tools and strategies. That's where I believe the product comes into its own. If you're enterprise, then Okta or Microsoft are probably a better solution. It's worth watching. I would rate this product an eight out of 10.