by TimReynolds 363 days ago
For production systems that need to scale and evolve over time, you’ll regret tightly coupling to Auth0 or Cognito. Don’t misunderstand me—the hosted versions of these services work well, and their hardened, managed interfaces make security testing straightforward. However, the moment you need even minor customization beyond their standard offerings, you’ll find yourself in a frustrating situation.
1 comment

You're likely right. I bet you are.

But for a side gig that may or may not pop, stuff like Auth0/Clerk is an absolute godsend. Auth is hard. Compliance around it is hard. Bad-actor deterrence is hard.

Sure, I can roll my own auth with better-auth or similar, but I have to think about it. It's the same thing as owning bare metal and managing my own Kubernetes. It's a neat idea, and in some scenarios can be cheaper/more beneficial, but for most scenarios, especially low-key side projects or startups, it's too much of a hassle. I'd better delegate that mess to someone else for free - for now, and pay the bill later on, when I have the money to share.

If I were starting a well-researched project with decent funding I would probably roll my own solution, but when talking about a side project or personal moonshot it's way better to stick with a "responsibility as a service" scheme.