Case Study
Why GoPronto uses SuperTokens to safely authenticate its enterprise customers - including Google, RedHat and BigID
April 06th 2023 • 10 minute read
Collaboration
Funding raised
$10.5M
Customers
Google, RedHat, BigID, & more
About
GoPronto helps businesses unlock the collaborative value of their partner ecosystem. With $10.5M in fundraising, and notable customers including Google, RedHat, and BigID, GoPronto is enabling enterprises to grow their revenue by streamlining collaboration with third party sales and marketing partners.
Highlights
1 Fast & lean
GoPronto completed an advanced auth re-architecture to support multiple product lines. With a high level of tailoring, the process took 3-4 months with just a single part-time engineer.
2 Elimination of tech debt
SuperTokens’ flexibility enabled a clean architecture, with all business logic inside a single authentication microservice.
3 Full control
Self-hosting SuperTokens means no reliance on third parties for auth, all without breaking the bank.
Requirement Setting
The GoPronto team had rolled their own authentication using Django. As they had expanded their auth, the team had used various hacks to get different functionalities up and running quickly. They were missing a central IDP.
Mayank, a senior engineer at GoPronto with advanced authentication expertise from his previous role at Akamai, knew it was time for a refactor. Mayank had built and maintained auth at the enterprise level and was intimately familiar with the OAuth, OIDC (6749 and 6750) and other RFCs.
As part of their requirements, GoPronto needed a way to centralize their authentication with email + password, OAuth, SAML, OTP, and social login. Even with his extensive experience with auth, Mayank knew that building from scratch would take too long. Having maximum control over their authentication layer was also a important consideration.
Mayank, a senior engineer at GoPronto with advanced authentication expertise from his previous role at Akamai, knew it was time for a refactor. Mayank had built and maintained auth at the enterprise level and was intimately familiar with the OAuth, OIDC (6749 and 6750) and other RFCs.
As part of their requirements, GoPronto needed a way to centralize their authentication with email + password, OAuth, SAML, OTP, and social login. Even with his extensive experience with auth, Mayank knew that building from scratch would take too long. Having maximum control over their authentication layer was also a important consideration.
“If things go south, I can always self-host it, and I can always maintain it myself.”
Mayank
Senior Software Engineer at Pronto
There was also the question of how to cleanly centralize separate pieces of business logic. For example, the team wanted to be able to filter out non-business domains for demo requests to make sure a high quality of inbound leads. They also needed to authenticate on customers’ domains to run their marketplaces, which required creating separate sessions.
Mayank organized a POC evaluation period for both SuperTokens and AWS Cognito (Auth0’s pricing model eliminated it from consideration entirely). Between the benefits of high customizability, being open source, and the easy-to-read docs, Mayank and the team chose SuperTokens.
Mayank organized a POC evaluation period for both SuperTokens and AWS Cognito (Auth0’s pricing model eliminated it from consideration entirely). Between the benefits of high customizability, being open source, and the easy-to-read docs, Mayank and the team chose SuperTokens.
The Development Experience
Mayank implemented a centralized auth microservice in Go to replace the assorted auth libraries in their original Django monolith.
With SuperTokens’ flexibility to accommodate various business logic necessary for GoPronto, everything could live under one roof. Now, adding new features or making updates is done all in one place in this new IDP microservice.
GoPronto chose to self host SuperTokens and with two cores on Kubernetes, they can manage scale as they onboard more customers. They’ve gotten the best of both worlds when it comes to the dilemma of choosing between 3rd party or home-rolled auth: the speed to deploy, security, and reliability of a dedicated 3rd party, with the customization, control, and leanness of rolling your own.
During the implementation period, it was easy to turn to the SuperTokens Discord and ask any technical questions.
With SuperTokens’ flexibility to accommodate various business logic necessary for GoPronto, everything could live under one roof. Now, adding new features or making updates is done all in one place in this new IDP microservice.
GoPronto chose to self host SuperTokens and with two cores on Kubernetes, they can manage scale as they onboard more customers. They’ve gotten the best of both worlds when it comes to the dilemma of choosing between 3rd party or home-rolled auth: the speed to deploy, security, and reliability of a dedicated 3rd party, with the customization, control, and leanness of rolling your own.
During the implementation period, it was easy to turn to the SuperTokens Discord and ask any technical questions.
“I think you guys are taking that effort [to provide support], and I don’t think that’s going to happen with any other provider… Cognito, Auth0… nobody’s going to care. So that’s really something.”
Mayank
Senior Software Engineer at Pronto
Looking into the future, the roadmap is set for GoPronto to add in TOTP’s with SuperTokens as well.
To watch entire case study discussion video please click here.
To watch entire case study discussion video please click here.
Share this article
