I can easily that Auth0 is one of the best identity management products on the market right now. However, building up your own solution makes sense for some cases as well? Yes and No. Let me analyze and explain pros and cons.

1. Being a Successful Product
Oytun Sengul
oytuneren@gmail.com

2. What they’ve done
successfully so far?
$330M raised in total
Series F funding closed with $120M
just in 6 years
Valuation $1.92B
Results
•Doing job well done
•Product market fit
•Paying more attention to UX Research
•Developer friendly documentations
•User friendly user interface
•All expected features and even more…
•Fast and easy support

3. Magic Quadrant
Report 2019

4. •Try to get Demo
•Checked user reviews
•Reach out users (Gerilla)
•SWOT analyse
Strengths
Threats
Weaknesses
Opportunities
Competitor Analysis
Okta
Keycloak
Cloud Provider’s Solution (Amazon-Google-Microsoft)
• Complicated UI
• Training needed
• Lack of support
• More customisable
features
• Decreasing prices
• More integration
with competitors in
different areas
• Complicated UI
• Training needed
• Developer mindset
• Sales/Marketing
• Better product marketing
• Open source solution with all advantages
• Community
• More out of box integrations,
libraries.
• Lean development approach
and presentation
• Well documented/
materials
• Easy setup
• Multi site accessibility
and multiple level of
administrative
• No community
• Charging for user provisioning
(trouble for big amount of
internal users)
• Easy identity setup for
internal apps
• Well integration between
cloud apps
• Packing solutions for
verticals (e-com, travel,
content etc.)
• IPO
• Backed by giants
• Always ready for sector
standards before everyone

5. Why not
choosing
Auth0?
•The Auth0 price point (quickly increasing based on monthly active users) is
limiting for startups that are strapped for cash who expect fast growth in user
base. Consequently, it may not be a great tool for companies with a large base
of users, because of incrementally increase pricing scenarios.
Pricing
On-premises
They don’t have and it is crucial for some scenarios which described below:
• You can’t fully control your authentication flow.
•You can’t customise dashboard for internal use and can’t manage
administrative management with that way.
•Trust and secure your data, especially in EU.
•Can’t control costs with your way.

6. Validation
500 internal users (employees) and 7000
external active users will cost $2480/m
+
Developing your own product
•1 senior backend developer
•1 project manager
•Architect or CTO consultancy
•1 month analyse + 1 month integration
(depends on complexity of use case)
500 internal users (employees) and 7000
external active users will cost ~$300/m
+
•1 senior backend developer
•1 backend developer
•1 frontend developer
•1 product manager
•Architect or CTO consultancy
•2 months analyse + 4 months development
(depends on complexity of use case)*
* please check last page for details

7. Oytun Sengul
oytuneren@gmail.com
Thanks

8. MVP:
• Use the open sourced Keycloak structure under the hood and build our own needed solution on top of it.
• We would like to use our own custom authentication flow with this structure and use custom design.
• To adopt the completely uselessness of Keycloak's admin panel, to design a completely custom admin panel
and to see and provide its first features that fit us. So design and develop new admin panel, with multiple level
of administrative.
• To prepare our own single sign on services (API) by cloning Auth0 all over this structure.
• We would like to control our own database and our users to get different kind of actions between 300 websites
and apps that we’re managing.
Done:
• Keycloak admin panel has been redesigned and prepared for the basic features of single sign-on structure.
• The main features; creation of users, application-based (server-side and client-side) management features, user
grouping, user-group and application-based authorisation (permissions).
• Auth0-like services cloned. (55%)
Integration:
• Integration services and applications has been developed (Go and JS so far)
• This service has been prepared both as client-side and server-side.
• Documentation is ready.
• All available functions was test/performed on two different test environments and on live.