On his way to becoming an aerospace engineer, Auth0 Senior Solutions Architect - Professional Services Carlos Mostek realized he enjoyed writing software to solve engineering problems almost as much as he enjoyed solving the problems themselves. His degree made him a real rocket scientist, but still not satisfied, he went on to work on modeling and simulation for a defense contractor before completing his Master of Software Engineering at the University of Minnesota - Twin Cities.
"Discover how his background as a rocket scientist and fire juggler helps @auth0 Senior Solutions Architect @mostekcm solves customer challenges."
Working on defense robotics proved exciting, but the long production cycle meant it took years for his efforts to reach the real world. After six years, he left defense robotics for a finance project with his defense projects still eight years away from the field. Two months after shifting to finance, he had code in production and was back to working on “fun, hard problems,” says Carlos. “That's a cool thing about software — there are hard problems in almost any area.”
Like many developers, Carlos always has a side project or three, which is how he discovered Auth0. The easy, fast authentication integration allowed him to keep his focus on core tasks. “I loved the concept that nobody builds their own database anymore, nobody should be building their own authentication/authorization anymore. That really resonated with me as a developer,” says Carlos. Eventually, that resonance led him to Auth0 Professional Services.
We sat down with Carlos to talk about his love of hard problems, fascination with the evolving world of identity, and how making customers happy is his reward.
On working with identity:
Identity is one of those things where nobody wants to do it, but everybody knows that if you don't do it right, bad things can happen.
I've always been somebody who wanted to take apart the pieces of things and put them back together so I could understand how they work inside. So I think that's what got me into identity.
Identity’s a quickly evolving arena. There's new techniques, new thoughts, and our platform is continually evolving. As long as I'm still learning and I'm continuing to improve and I'm helping other people get mastery, then I'm having fun and enjoying myself.
On the satisfaction of unraveling complicated problems:
The most satisfaction I get out of my job is when I see my hard work making somebody else's day better. The more directly can work with the person who's actually getting the benefit the happier I am.
With Auth0, I talk to customers almost every day. Even if somebody's really unhappy, if I can work with them and take them from being unhappy to being very happy, that's an extremely rewarding thing for me, especially if it's as a result of my ability to unravel and unwrap a complicated problem for them, make it simpler and come up with a solution that makes everybody — including our customer’s customers — happy.
"Helping customers solve hard problems can lead to happiness, says @auth0 Senior Solutions Architect @mostekcm. Find out how his approach to finding answers in this QA."
A good example is when I can work with a customer to get them a mobile login flow that uses a browser — [or universal login] (https://auth0.com/universal-login) instead of a native login form. Initially many customers push back on this thinking that it will result in a poor customer experience, but once we work with them and show them how easy it is, they end up really happy with the solution. Particularly when they realize they need to add MFA or consent or anything else that is so much easier with universal login.
The thing I like about professional services is that I get exposure to all different parts of Auth0 as a platform versus seeing only the parts that I'm developing. I get to see and experience different customer use cases and figure out what is unique and what is different about each customer. I also get to take advantage of my ability to relate to people, get along with people, and communicate. One of my strengths is the ability to communicate a complex topic to a customer in a way that they will understand it without having to become an expert themselves.
On the tenets Carlos follows while working with customers:
The first is making sure that we step back and look at the problem that they're trying to solve. The second thing is transparency — to make sure that they understand the risks associated with the decisions that they're making. And alongside that is understanding. Every customer is going to have similarities to other customers and other businesses, and they're also going to have things that make them unique. Everybody has a different set of core principles and priorities within their business, and there are often tradeoffs between the "right way" to do it and what they would like to see in their system.
In fact, many times when I'm making a recommendation, people say, “why can't I do it this way with Auth0, and I have to clarify and say, "Actually you can. We have the ability for you to do it that way. It's just that we have other best practices for security and scalability. It's not really an Auth0-ism as much as it is a standard-industry concern."
On the importance of white-boarding and doing architectural design while on a call:
Collaboration is always a rewarding experience. I know that they're going to be a more satisfied customer. I do have some customers who say, "We just don't know, and please just tell us." But I have a lot of customers who have built systems. They've used OAuth before, they're familiar with authentication and authorization, and they have a pretty good understanding — though sometimes they are missing certain pieces or haven’t considered things, or maybe there's something that's has changed in the identity world that they haven't seen yet. With these customers, in particular, it's really important to be more collaborative instead of just an educator.
On his most intriguing use case:
One of the more complex scenarios is a company that supports research studies. They are a B2B scenario, and they're multitenant. Each research university has their own environment. But within that environment, each university has its own unique way that they would authenticate users. Some are doing usernames and passwords, some are bringing their own identity (for example whatever they're using for the university email, they might use that for authentication for the university employees). And then at the same time, a lot of those places need to enable study participants to be able to log in and register notes as a study requirement.
The study participants also need to be able to authenticate. They want to provide those participants with the option to use social authentication to make it easier for them, or have those customers be able to authenticate using a username and password. They are also a multi-application environment. One university had, six, seven, eight different applications. Some of them were single-page apps, some of them were web apps, they have a mobile app, and then they all need to be able to handle all these different types of authentication mechanisms.
It was a spider web of possibilities for how to do things. But at the end of the day, we were able to solve most of that in a pretty good way. Without having to get too creative, because being creative is fun, but it's not always the best way to do things with identity. Everything related to identity needs a threat analysis. The more choices that are made that don't align with the standards (the more creative we get), the more likely that there is a threat vector yet to be discovered.
On Carlos’ advice for customers trying to decide if they need professional service:
We've found that Auth0 does make things really, really easy. But Auth0 is also a very flexible platform. So oftentimes the solution is just a simple flip of a switch, but the knowledge of which switch to flip in order to get things to work smoothly and easily and always, in the long run, is where the professional services team comes in.