Auth0 Platform

We have multi-tenant applications. We initially conducted POCs with other providers including Cognito and some open-source providers, as well as Auth0 Platform . We chose Auth0 Platform  because it provides excellent multi-tenant tenancy support, such as creating multiple organizations and having separate users within each organization, which aligned with our application requirements.

Auth0 Platform offers good support and community resources, along with APIs and SDKs. We have Next.js in the frontend and FastAPI in the backend. We used Auth0 Platform SDKs to handle all communication with Auth0 Platform from the frontend. After we receive tokens, we use those tokens in the APIs. From the backend, we use Auth0 Platform public keys to authenticate the token and retrieve user information.

We implemented Auth0 Platform workflow with two-step verification using authorization code with PKCE. Auth0 Platform generates automatic verification codes whenever users log in. This verification code is sent again after receiving authorization codes to obtain the actual token, which is an encrypted token. When we pass this token to APIs, we retrieve published keys to obtain token information and signatures, which are verified before access to backend system APIs is granted. Everything is handled by Auth0 Platform. From a security and compliance perspective, we receive JWT tokens that we verify using the keys, which secures our backends. We have a central gateway where we route APIs, and on the gateway, we have added Auth0 Platform token verification. If verification passes, we allow access to the application layer; otherwise, we deny the request with appropriate codes like 401 or 403.

From a compliance perspective, we did not want to store user IDs and passwords. We used passwordless authentication through email OTP or phone OTP. We also implemented enterprise connections such as Google Workspace  and Microsoft Azure  AD. The organization support feature allows us to define users based on organizations. Passwordless authentication is a particularly good feature when compared with other platforms.

Auth0 Platform offers good support and community resources, along with APIs and SDKs. We used Auth0 Platform SDKs to handle all communication with Auth0 Platform from the frontend. After we receive tokens, we use those tokens in the APIs. From the backend, we use Auth0 Platform public keys to authenticate the token and retrieve user information. The community support was particularly helpful when we encountered obstacles during implementation. We received excellent support from the community when we were stuck. The SDKs provided a plug-and-play experience with minimal changes required to start working with Auth0 Platform from the frontend.

Auth0 Platform is a large company, which results in less flexibility in their applications. We encountered a few issues, and when we consulted the community, they did not have answers. We had to modify our workflow to adjust to their current system.

Pricing is a significant issue we faced. As a small company, we need SSO  login and other login methods. However, accessing SSO  logins requires subscribing to the enterprise plan. Auth0 Platform does not offer basic plans with a few SSO connections that we could try. We must subscribe to a major plan to access most of their features. While this works well for larger companies, for small companies or those conducting POCs, this affects our budget allocation for other initiatives.

Additionally, if we need to serve users in the US, Canada, Europe, and potentially India, we require the ability to keep data in specific countries. Creating multiple Auth0 Platform tenants for data residency requirements is only available in enterprise or higher plans, not in basic plans. Auth0 Platform does not currently have an Indian tenant to serve Indian users. We must use a US or other available tenant and keep Indian user data there. We had a requirement to create an Indian tenant, but since it is not available, we proceeded with a US tenant.

We have been using Auth0 Platform for approximately two years. We received startup credits for one year, and after that program expired, we transitioned to enterprise billing.

We have been using Auth0 Platform for approximately two years. We have not experienced any downtime during this period. Auth0 Platform is already compliant with security and other requirements. We have not encountered any reliability issues, and Auth0 Platform appears reliable for our use case.

Auth0 Platform handles all scaling on their own. We do not need to worry about scaling on their end. We set up our Auth0 Platform tenant, and they handle all logins and scaling. We receive tokens, and how we pass and verify those tokens is what we need to scale from our backend. We can scale our system horizontally. Auth0 Platform is already managed by their team, and we do not need to worry about it. It is a plug-and-play solution.

We spent approximately one or two days setting up the platform. Since then, we have not needed to worry much. Auth0 Platform has been working as expected, and we only need to scale our system. We do not touch Auth0 Platform for day-to-day operations. It is a one-time setup. There might be changes needed based on requirements, but we do not make changes to Auth0 Platform on a day-to-day basis. We do not have to worry about Auth0 Platform operations; we only need to scale our system.

The support team is very good. We faced some issues and raised tickets. Our support team responded immediately and was very responsive. In one instance, a support representative joined a call and explained and resolved the issue. The support team provides immediate support.

We initially conducted POCs with other providers including Cognito and some open-source providers before selecting Auth0 Platform. We chose Auth0 Platform because it provides excellent multi-tenant tenancy support, including creating multiple organizations and having separate users within each organization.

The setup process is straightforward. We used Auth0 Platform SDK and backend support from the community. It required only a few lines of changes to make it work.

We implemented Auth0 Platform workflow with two-step verification using authorization code with PKCE. Auth0 Platform generates automatic verification codes whenever users log in. The verification code is sent again after receiving authorization codes to obtain the actual token, which is an encrypted token. When we pass this token to APIs, we retrieve published keys to obtain token information and signatures, which are verified before we gain access to backend system APIs.

Auth0 Platform is a famous identity provider. When we onboard clients and they ask about our tech stack and security approach, and we mention that we use Auth0 Platform for their login flow, they are already familiar with it. We do not have to explain much about it. This is beneficial when we onboard clients and explain our architecture because they recognize that Auth0 Platform is a large platform with compliance and security measures in place. This represents a good investment.

We used AWS  to host the backend system.

We evaluated one open-source tool and AWS  Cognito before selecting Auth0 Platform.

If companies have a good budget, they should definitely use Auth0 Platform. However, for small companies with limited budgets, Auth0 Platform's basic plan has limited features, so budget considerations are important. If companies are comfortable with their budget, there are no other issues. For larger companies, Auth0 Platform is a good choice to move forward with.

We spent approximately one or two days setting up the platform. Since then, we have not needed to worry much. Auth0 Platform has been working as expected, and we only need to scale our system. We are satisfied with the solution and do not touch Auth0 Platform for day-to-day operations. It is a one-time setup. There might be changes needed based on requirements, but we do not make changes to Auth0 Platform on a day-to-day basis. We do not have to worry about Auth0 Platform operations; we only need to scale our system. Our overall rating for this solution is 8 out of 10.

We generally use Auth0 Platform  to provide identity provider services to our customers who are not part of our domain, such as when we work for different clients. For one client, Auth0 Platform  was already in place, so we used it to onboard users and applications. External users with domains such as gmail.com or facebook.com were onboarded to Auth0 Platform, and we provided access to them through that platform. We also onboarded a few applications there for those purposes.

Currently, we are not using Auth0 Platform to secure artificial intelligence-powered, generative AI, or agent-based applications. We have only used it for external applications and some internal applications.

Auth0 Platform serves an insurance industry client, specifically an insurance company, with an HR portal, a few portals that the security team uses, and several insurance portals. They use Auth0 Platform for security and as their identity provider.

Auth0 Platform's best features include a great graphical user interface. When any new user who has never used Auth0 Platform previously arrives and has any knowledge in identity and access management, they can easily navigate through the portal and use it without needing any prior training for beginner-level work.

The impact on our company has been positive. If we were to use Entra ID or any other identity provider that we evaluated, we would need to onboard users to our platform and create mail domains or invite them as guests. With Auth0 Platform, integration and providing access to external users, not just organization users, was much easier. Managing users was also easier, and this tool has a great graphical user interface, making it easier for us to check logs if users are facing any issues. Providing any access was also easier and quite smooth.

The biggest return on investment for me using Auth0 Platform is that, compared to Okta, which is an identity provider with a good reputation, Auth0 Platform was a new product. Compared to SailPoint or CyberArk, Auth0 Platform's graphical user interface is quite user-friendly, very easy to use and integrate, and also easier to learn.

Regarding improvements for Auth0 Platform, during the last time I used it, I observed that during log analysis or when using the search or filter options, I missed some features. If I went into Entra and tried to filter to find a log, those filtering features are missing in Auth0 Platform, which I felt could be improved. Additionally, providing users with access to applications was not that easy to navigate, and it was difficult to see which user has which application access. If that could be improved, Auth0 Platform will be more user-friendly.

I rate Auth0 Platform an eight, not a ten, because although it offers a great user experience, there are still some aspects to improve. During log analysis, it is not quite easy for us to see if a user has access to applications or which user is facing any issues, so those filtering features are missing. That is why I rated it eight; otherwise, I would have rated it ten out of ten.

I have been using Auth0 Platform for the last three years, from 2020 to 2025.

During my tenure working with Auth0 Platform, I never saw any kind of lag or Auth0 Platform portal going down. We never faced any challenges due to Auth0 Platform. Unlike Azure , where I have seen outages many times, with Auth0 Platform, I never experienced such issues in the last few years.

Regarding the scalability of Auth0 Platform, the number of users does not matter. As we continue to increase the user count, Auth0 Platform supports it and does not lag. It will support 2,000 users, and we can even onboard more than 2,000 users and work with them smoothly. Users can authenticate through the platform and get authorization to use authorized applications. There are no issues with scalability; Auth0 Platform is very good in this regard.

We never reached out to customer support, as our team did not handle that. Our client dealt with customer support, so I do not have much insight into that area.

I am not sure what solution was being used before Auth0 Platform because Auth0 Platform was already in place when I joined. In other clients, I observed they were using on-premises Active Directory and Entra ID for identity provider services, but in this case, I saw they are integrating Entra ID, Active Directory, and Auth0 Platform as one system. This allows internal users to get authenticated through Auth0 Platform, and external users are also authenticated through Auth0 Platform.

Auth0 Platform's initial setup was not very complex. It was easier compared to other products because it functions as software as a service. We registered it on Entra ID as an application and then started using it.

I am not sure about the help for setup from an integrator, reseller, or consultant, but I see many integrators available. However, I never used any.

The biggest return on investment for me using Auth0 Platform is that, compared to Okta, which is an identity provider with a good reputation, Auth0 Platform was a new product. Compared to SailPoint or CyberArk, Auth0 Platform's graphical user interface is quite user-friendly, very easy to use and integrate, and also easier to learn.

Before choosing Auth0 Platform, I mainly evaluated CyberArk, which is a great product but its graphical user interface is not quite user-friendly. For anything I need to check, I often have to search for where this option is or what I have to do, and it is integrated into one portal, which makes it difficult to remember where everything is. In contrast, with Auth0 Platform, I see everything clearly on the left-hand side menu, and I can navigate without confusion. This is a significant advantage.

Currently, in our environment, we are using mostly all the applications on on-premises servers, and they are getting migrated to cloud, which is Red Hat OpenShift , and they are in pods. I am not sure if all are migrated because when I was working, the migration was in progress.

We had four environments deployed: user acceptance testing, production, test, and development. We used to onboard applications for these environments to the different tenants of Auth0 Platform. The application team performed different testings per their environments, and then we deployed them to production. Auth0 Platform's multi-tenant option was available, which made it easier to deploy different environments of the application in different tenants. It was easier for us to segregate and manage because if any application team did not know their tenant ID or any other details they needed, we could easily provide that information due to the multi-tenant capability in Auth0 Platform.

After implementing Auth0 Platform, I have seen measurable improvements in scalability, security, and developer velocity with our cloud environments. It was easier for us to scale our applications to external users. Through Entra ID, we were required to onboard users through guest invites or inviting them to our tenant, which made it difficult to manage all external and internal users in one tenant due to architectural-level challenges. After integrating Auth0 Platform, everything was segregated. Internal users remained in Entra while external users were directly on Auth0 Platform. This made management straightforward. If we need to work on any external users, we can just log into Auth0 Platform and manage them without worrying about duplicating actions on internal user IDs. Those issues never occurred after implementing Auth0 Platform.

Overall, I rate Auth0 Platform an eight out of ten.