I absolutely hate hand-rolling auth for every new SAAS system. I advocate e.g. Auth0 everytime, because no one gives a shit about logging in. It is such an inconsequential part of the product offering, yet it consumes _so much_ time and energy because of the (justified) importance of "doing it right".
I understand the SAAS offerings are relatively expensive, but its just such an engineering sink. Especially once you start getting into SSO, MFA, and the like. So yes, I'm 100% in favor of outsourcing it.
EDIT: Authorization is different. Absolutely keep that in your database if you can.
I understand the SAAS offerings are relatively expensive, but its just such an engineering sink. Especially once you start getting into SSO, MFA, and the like. So yes, I'm 100% in favor of outsourcing it.
EDIT: Authorization is different. Absolutely keep that in your database if you can.