Home-grown login integrations were preventing an outstanding gaming experience for users. Auth0 provided the foundation to secure user data and enable Battlefy to focus on innovation.
Battlefy is an online gaming platform that provides organizers with the tools to create and manage eSports events, where gamers engage in competitive multiplayer games for spectators. A burgeoning industry, eSports is experiencing 22% annual growth and is estimated to reach $1 billion market share in the next three years (Goldman Sachs). As of January 2017, event organizers had run more than 75,000 tournaments across college clubs and national eSports organizations.
As a major player in the eSports niche, Battlefy had specific needs when it came to identity:
After a proof of concept, Battlefy successfully implemented Auth0’s services in less than a month. Now Battlefy looks to the future for additional use cases to continue improving their users’ experience and expand Auth0’s functionality.
Given the popularity of the platform and its growing user base, Battlefy was intent on finding an identity management solution that would improve the security of its users. They sought a secure way to store password hashes and other sensitive user information.
Their previous system was a home-grown integration with Facebook and Twitter, but the goal was also to find a cloud OAuth provider that offered flexibility to easily add Google, Twitch, and VK logins over time. Twitter and Twitch functionality were especially critical, given the demands of their user base.
“To Battlefy, Auth0 is really the only identity service provider. We turned to them to replace existing social logins and gain the ability to remove password hashes from our database. Great documentation, easy-to-use API, and a great administrator panel.”
-Ronald Chen, Sr. Software Developer, Battlefy
Battlefy carefully evaluated Auth0 and four other providers to find the best solution. After the review process, the choice came down to either using Auth0 or attempting to build their own identity management system. Ultimately, Battlefy realized it was much more time- and cost-efficient to implement than build from scratch, especially when Auth0 provided everything they needed to build from the ground up, including:
Battlefy started using Auth0 with a proof of concept, with a total implementation time of less than a month. Google and VK logins were quickly added soon thereafter, taking only one day each to implement. “That was the whole purpose of wanting Auth0,” explains Chen.
Battlefy expanded the scope further to take advantage of Auth0’s dashboard, which allows them to easily manage user identities, search and log in as specific users. Auth0 currently manages the identity of Battlefy users, while the user profile base remains in Battlefy’s database. The plan is to eventually migrate the entire user profile to Auth0.
The biggest benefit since implementing Auth0 has been their ability to eliminate sensitive user-private information, including password hashes, from their own database. Relying on Auth0 provided Battlefy with the ability to focus on growing its eSports platform and save valuable resources, rather than develop any custom solutions.
For example, Battlefy used JSON web tokens to eliminate steps when organizing user profile data.
Auth0 promises security as a core principle, but Battlefy was very pleased with the extent of protection provided to keep user-private data safe. In one instance when Battlefy users were locked out of their accounts due to a potential security threat (attempted multiple failed passwords), Auth0’s platform enabled them to customize the alert feature and accurately communicate this higher level of security to users, while keeping accounts protected.
An unexpected bonus was further improving internal security by tying employee logins to the internal management tool that is hosted online, a huge advantage since Battlefy employees are distributed around the world. Only accessible through their Google Apps account, the internal platform is now as secure as its external.
Auth0 checked off all the boxes of Battlefy’s needs, and then some. The login integrations were completed, solid internal/external security for users and employees has been achieved, and Battlefy now enjoys the flexibility of the platform to continue customizing for its needs at any given time. Ultimately, the end user experience is much better and more secure, which is the end goal.
Due to the experiences Battlefy has experienced with Auth0 thus far, they are exploring other ways in which it can be implemented. As a gaming provider to many smaller companies who, according to Chen, “may not have their own servers or infrastructure,” Battlefy is considering acting as the OAuth provider to these smaller companies, providing them with a “Log In with Battlefy” authentication option.
The possibilities are endless, thanks to Auth0’s robust platform. It will grow with Battlefy as the industry continues its fast-paced growth. And in the process, Battlefy is providing the best experience possible to its massive global network of eSports users who are in their quest for gaming glory.