Rearchitecting Holland and Barrett

“Like many old-school retailers out there, Holland and Barrett started their online journey by relying on out-of-the-box solutions.,” explained Paris Apostolopoulos, Engineering Manager at Holland and Barrett.

Although the previous stack served the company well as it grew its online presence, the growing shift from physical retail to e-commerce emphasized the need for the company to take full ownership of its technological architecture. 

“We previously relied on huge, commercial systems that owned both the functionality and customer data. As we sought to better understand our customers and improve their shopping experience, we realized we had to move away from that. We needed a modern system that is easier to secure, more flexible, and is easier for customers to use,” Apostolopoulos said. 

Rebuilding an e-commerce giant from the ground-up is no small task. It required Apostolopoulos and his team to make decisions with profound consequences for the future growth and evolution of the platform. 

“Our original identity system was a simple Java-based web service that tied together the various Oracle products we used,” he said. 

“We thought about re-implementing that functionality using a modern tech stack, but ultimately decided against it. We’re in the business of retail. We don’t want to re-invent the wheel. We want something that would ultimately put us in a more secure position, while proving easier to develop and maintain.”

The Auth0 Factor

Security was Holland and Barrett’s first priority. Data migration and long-term maintenance followed. 

“We want our users to securely access our website. But, at the same time, we’re currently dealing with 15 years of legacy systems. We needed something that was flexible and would allow us to easily make changes in the years to come,” said Apostolopoulos. 

“We saw so many companies doing amazing things with Auth0. But we also saw that migrations were easy and robust. We could transition from our existing platform to Auth0 without our customers noticing anything. That was important because, from a business side, we don’t want to lose customer data or accounts. The only thing they should see is a nice UI, and that’s it,” he added. 

In three months, Apostolopoulos and his team had built a new authentication layer based on Auth0. Development represented a fraction of this time. 

“In the case of our web applications, we integrated Auth0 in one day. Our mobile apps took a little bit longer. The biggest challenge was moving our customer data from the existing proprietary tools to our new infrastructure,” he said. 

“Our contract included a number of support hours with Auth0 architects. We found the tooling and documentation really mature, and the only time we asked for help was when dealing with specific migration challenges. The quality of support was incredible. We had specific questions and received definitive answers.” 

Holland and Barrett’s Identity Journey

Starting from scratch is a daunting task. Especially when you’re one of the world’s leading wellness brands. Although Holland and Barrett are yet to deploy Auth0’s more advanced identity features, like Social Login, it feels confident that its chosen solution will give it the flexibility to make more ambitious improvements in the future. 

“There’s still a lot of work to do, but we’re thrilled we don’t have to deal with authentication anymore. Auth0 has saved our developers a lot of work,” said P. Apostolopoulos.