What do you like best about the product?

I really appreciate the customization FusionAuth brings to the table - it’s a standout feature that gives you the flexibility to mold it to your specific needs. The model is well-designed, and the feature set is impressive, covering a lot of bases for authentication and user management. It feels developer-friendly, which makes integration into projects smoother and more enjoyable.

What do you dislike about the product?

Despite its strengths, there are some frustrating drawbacks. The API breaking between releases is a big issue - it’s disruptive and adds unnecessary rework. I also found the authorization customization lacking; there’s no easy way to implement permission-based or attribute-based authorization, which feels like a missed opportunity for a service like this. On top of that, the API can be unreliable. For example, when deleting a user from a group, I’ve seen inconsistent results—sometimes it removes their roles, sometimes it doesn’t, and it’s unpredictable. These issues make it harder to rely on consistently.

What problems is the product solving and how is that benefiting you?

FusionAuth is solving problems related to authentication, authorization, two-factor authentication (2FA), and single sign-on (SSO) by offering a system that manages user logins, assigns basic roles, provides 2FA options like Google Authenticator or SMS, and enables SSO across applications using standards like OAuth2 and OpenID Connect. For me, this means I can offload these identity management tasks without building them from scratch, which reduces development time. However, the inconsistent API behavior - like unpredictable role deletions when removing users from groups - and limited authorization flexibility require me to spend extra effort on workarounds or adjustments.