When building a new app, deciding how to handle identity will be one of your biggest challenges. Whether you only need a simple username & password service and related support, or something far more complex, you will have two basic options to consider:
- Building an in-house identity service
- Leveraging a third-party service like Auth0 for your identity needs
As development teams mull over this decision, they tend to come back to one question over and over again:
“How hard could it be?”
With a room full of experienced and talented developers ready to get down to work, it might seem like the obvious solution to simply build something from scratch. After all, an in-house build will give you full control over the finished product, and it might seem to offer cost savings.
However, the reality of this situation isn’t so simple. Let’s take a closer look at the in-house vs. third-party debate to help you make this important choice.
The Key Considerations
To get started, it will help to establish a framework that can guide your decision. What are the important factors at play for this project? While the precise considerations you need to make will vary based on your business, the three points below are important across the board.
- Cost. Obviously, this is the big one. How much is it going to cost to build your own identity solution, compared to leveraging a third-party option? We will look closer at this topic later in the article.
- Quality. The end result of this process needs to be an identity solution that meets all of your needs. The last thing you want is to be dealing with identity problems within your app on an ongoing basis.
- Time. The longer it takes to meet the identity needs of your app, the more expensive the build will become. A plan that you think will cost less money might not really be more affordable in the end if it takes many months longer to complete.
Taking on the Challenge
For this section, we are going to assume you have decided to build identity in-house. What will that look like in terms of cost, timeline, and functionality? Every case is unique, of course, but we can outline a general progression that most organizations will experience.
Getting things started will be simple enough for most development teams. Assuming you have some experienced developers already on your team, building the basic functions of identity will be relatively straightforward. Things like username & password, signup, and password retrieval will be established in the early going. It’s likely these basics can be built in little more than a week.
With that said, there are many more steps – and much more time – required to produce it and get it ready for implementation. By the time this in-house identity solution is ready to be put into action, you could be as many as 90 days into the development process. And even at this stage, you are still looking at a relatively simple, basic solution. Adding advanced features will take even longer, such as passwordless access, multi-factor authentication, integration with other systems.
The Work Never Ends
The exact timeline for your in-house build will depend greatly on a variety of factors like the experience of your team, the features required, and more. In total, you are likely looking at a range of 4-10 months to have everything up and running.
That may not sound too bad, and it might even fit into the timeline with the rest of your project. But it’s important to remember that the work is not over at that point. Since this is an in-house solution, you’ll need to continue to support it for the entire lifecycle of the app. Running this build will include work like maintaining security, adding new apps, and managing infrastructure. Depending on your industry, there might also be compliance requirements. That’s a significant commitment that will likely require roughly four full-time employees to manage.
Going the Other Direction
Standing in opposition to the plan of building your own custom identity solution is working leveraging the technology offered by Auth0. By going outside your own development team and leaning on a solution that is already available, many of the obstacles above are eliminated. As a result, the timeline is condensed dramatically, and you can go live in short order. In fact, 80% of Auth0 customers are able to go live within just one week.
In addition to shrinking the development time down to just a matter of days, there is also the matter of long-term savings to consider. Rather than needing those four full-time developers to run the build, you’ll need just a single developer to run Auth0. That’s a 75% reduction in salary costs, meaning that money can be invested in other parts of your business.
A Hidden Expense
Before diving into an in-house build project, there is another potential cost that needs to be considered. This is not a hard cost, but rather an opportunity cost that could potentially drag down your business and slow the development of other products or services.
The issue is this – while your development team is working on identity for your app, what are they not working on? In other words, how could you be better using their time to add value to the company? Even if you are able to develop a solid identity solution in-house, that still doesn’t mean doing so was the right decision. The development talent you have on staff might be better served working on other projects while using Auth0 to meet your identity requirements.
An Easy Decision in the End
Could you build identity in-house and come away with a solution that meets your needs? Sure – with the right team, it’s certainly possible. But is it worth it? Probably not. Between the extended timeline, the complexity of the process, and the long-term ramifications of running the build, it’s a bigger task than you might imagine.
This is where Auth0 enters the picture. Identity is what we do, and we do it well. Whether you need a consumer-facing solution or identity management for your employees, our identity platform is ready to serve you. Contact Auth0 today to learn more.
Auth0 provides a platform to authenticate, authorize, and secure access for applications, devices, and users. Security and application teams rely on Auth0's simplicity, extensibility, and expertise to make identity work for everyone. Safeguarding billions of login transactions each month, Auth0 secures identities so innovators can innovate, and empowers global enterprises to deliver trusted, superior digital experiences to their customers around the world.