Why Toast Shifted to Microservices, Starting with Auth0
The restaurant POS disruptors updated IAM to keep growing
Launched in 2013, Toast powers successful restaurants of all sizes with a technology platform that combines restaurant POS, front of house, back of house and guest-facing technology with a diverse marketplace of third-party applications. By pairing technology with an unrivaled commitment to customer success, Toast helps restaurants streamline operations, increase revenue and deliver amazing guest experiences.
Every restaurant, during every shift, performs a complex dance between front of house workers, kitchen staff and customers. Toast is a restaurant point-of-service (POS) provider that operates on the principle that POS systems should simplify that dance, not act as a stumbling block. In an industry long dominated by cumbersome and expensive platforms, Toast’s solution makes it easy for staff to communicate, managers to make changes, and customers to order and pay.
Toast’s innovative platform has earned it tens of thousands of customers and a $4.9 billion valuation since its founding in 2013. But in the midst of this growth, Toast discovered that its own legacy systems needed an upgrade.
“Our web application had become more of a monolith as time progressed, and we wanted to move off that monolith and toward a more microservice world,” says Chance Kirsch, Toast’s staff software engineer. "In order to make that transition, we needed to find the right authentication provider to transition to."
Mending a “Disjointed” Authentication Experience
In 2019, Toast began exploring the possibility of using a third-party Identity-as-a-Service (IDaaS) provider. The company wanted a better unified OAuth authentication workflow across its applications, particularly since the company had recently acquired a new payroll company that would need to be integrated with the rest of Toast’s infrastructure.
“We were completely integrating that company’s platform applications into our suite of experiences, and there were some huge challenges around consolidating accounts,” says Nora Drago, a senior product manager at Toast. “Identity management across applications, login experiences like Single Sign On and social logins, these are things we didn’t have, and it was a very disjointed experience. So there was a lot of opportunity for us to work with Auth0 and leverage their capabilities to solve some of these challenging and weighty experiences for our customers.”
“In researching various IDaaS providers, we compared companies across a matrix of categories and ranked them with a weighted score for each comparator,” Chance says. “AWS Cognito was one of the options, and was the cheapest option. After talking to them, though, we found out they really weren’t made for our business-to-business (B2B) model, and at the end of our call with AWS, they recommended exploring Auth0.”
A Streamlined Experience for Users
Toast opted to use Auth0’s Private Cloud, citing its security benefits and its higher user capacity. They began migrating their users, one group at a time, starting with web application users.
So far, the migration has appeared seamless to users, but Toast has added features to make navigating the app easier. “Previously, if you wanted to go to our helpdesk application, you had to do a separate login, which was a tedious process for our users,” Chance says. “And with Auth0, we implemented Single Sign On (SSO), so now the moment you click ‘login,’ you’re automatically logged in.”
Additionally, Toast is using Auth0 Rules to trigger multi-factor authentication (MFA) for certain users, such as restaurant administrators. They also have a rule that adds specific claims to user tokens, which avoids having to query their database for the user's name or role.
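The two Rules described above, sketched as an added example (not Toast's code and not part of the original article). The `app_metadata.role` field, the `restaurant_admin` value and the `https://example.com/` claim namespace are assumptions, and `runRules` is a hypothetical local harness standing in for the Auth0 login pipeline.

```javascript
// Added example: two Auth0 Rules plus a small local harness (not Toast's code).
// Assumptions: the role lives in user.app_metadata.role, the admin role is
// 'restaurant_admin', and NS is a placeholder claim namespace.
const NS = 'https://example.com/';
const MFA_ROLES = ['restaurant_admin'];

// Rule 1: require MFA for privileged roles.
function requireMfaForAdmins(user, context, callback) {
  const role = (user.app_metadata || {}).role;
  if (!MFA_ROLES.includes(role)) return callback(null, user, context);
  // Skip the prompt if this session has already completed MFA.
  const methods = (context.authentication || {}).methods || [];
  if (!methods.some((m) => m.name === 'mfa')) {
    context.multifactor = { provider: 'any', allowRememberBrowser: false };
  }
  return callback(null, user, context);
}

// Rule 2: copy name and role into the tokens so services need no DB lookup.
// The role is read from app_metadata only; user_metadata is user-editable.
function addProfileClaims(user, context, callback) {
  const role = (user.app_metadata || {}).role || 'none';
  context.idToken = context.idToken || {};
  context.accessToken = context.accessToken || {};
  context.idToken[NS + 'name'] = user.name;
  context.idToken[NS + 'role'] = role;
  context.accessToken[NS + 'role'] = role;
  return callback(null, user, context);
}

// Local harness: run the rules in order, as the login pipeline does.
function runRules(rules, user, context) {
  let state = { user, context };
  for (const rule of rules) {
    rule(state.user, state.context, (err, u, c) => {
      if (err) throw err;
      state = { user: u, context: c };
    });
  }
  return state.context;
}

// Constructed sample users; the second tries to claim admin via user_metadata.
const admin = { name: 'Ana', app_metadata: { role: 'restaurant_admin' } };
const server = { name: 'Sam', app_metadata: { role: 'server' },
                 user_metadata: { role: 'restaurant_admin' } };
console.log(runRules([requireMfaForAdmins, addProfileClaims], admin, {}));
```

Services that consume these claims still have to verify the token signature before trusting them. The claims reflect the role at the time the token was issued, so a role change only takes effect on the next token.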
According to Drago, Toast is just beginning to take advantage of the ways Auth0 can benefit users by “making it easier for them to seamlessly move through an upsell opportunity or an onboarding opportunity so there are fewer touchpoints by our internal teams, less hand-holding.”
A Faster Release Cycle Means a Better Product
In the past, Toast's release cycles moved more slowly, which forced teams to wait at least a week for new changes to be deployed. “These are urgent bugs, and it’s not ideal that you have to wait or go through a cumbersome process,” Drago says.
But now, working with Auth0 has freed teams to make urgent fixes themselves, which can accelerate the release cycles. “That’s the great thing about separating these things out of our monolith applications,” Chance says. “We, as a team, have the ability to release things ourselves without worrying if another team introduced a change that broke something. So we could do a hotfix immediately rather than waiting a whole day because something didn’t go right.”
Looking ahead, Toast plans to migrate the rest of their user groups to Auth0’s platform and implement social logins. Toast is currently focused on enhancing technologies that enable online ordering and takeout given the COVID-19 pandemic. Still, Drago says, Auth0 is helping Toast prepare for growth. “We want to be ready for growth. That’s part of the reason we integrated with Auth0, and it very much still holds.”
Auth0, a product unit within Okta, takes a modern approach to identity and enables organizations to provide secure access to any application, for any user. The Auth0 Identity Platform is highly customizable, and is as simple as development teams want, and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visit https://auth0.com.