[asafc]

It's always a valid choice to build your own, just not cost-efficient for some. It's considered safe to use cloud authentication providers like Okta, Auth0, etc as well as cloud billing providers like Stripe, etc.

An authorization proxy is quite the same, and I would argue that for some teams is much safer to use than building your own AuthZ. Broken access control is the top OWASP risk for a reason (i.e: implementation complexity)

source: https://owasp.org/Top10/A01_2021-Broken_Access_Control/