Skip to main content

Auth Solutions on the Market

· 2 min read

In summary...

  1. If I am running a new startup and do not want to build my own auth systems, go with auth0.
  2. If I am running a company that needs integrations of enterprise services, then go with onelogin for their compliance.
  3. Google Firebase is awful and not easy to migrate in the future. Google would better consider acquiring auth0.
Auth0OktaAmazon CognitooneloginFirebase Authentication
Send Welcome Email after SignupTemplate providedevent handler provide but need email vendor integration
Customer TypeB2C, B2B, B2EB2C, B2B, B2E?B2E
SSO?
MFAPush Notification, SMSAuthenticator, SMS, Voice Call, Security QuestionSMS, AuthenticatorPush, SMS, AuthenticatorSMS
Social Login / Public Identity Providers
Login Rules Engine / Policy
RBAC / Group-based
Cross-platform SDKWeb, Mobile, NativeWeb(Angular, Node.js, React, PHP, Java, .NET), Mobile(iOS, Android), Native (Java, .NET), Machine-to-machineraw examplesiOS, Android, Web, C++, Unity,
Industry StandardsSAML, OpenID Connect, JWT, OAuth2.0, OAuth1.0a, WS-Federation, OpenIDSAML identity providerOAuth2.0, SAML2.0, OpenID ConnectSAML 1.1 and 2.0 WS-Federation 2005 SCIM 1.1 and 2.0 OAuth 1.0 and 2.0 OpenID Connect 1.0 JSON Web Token (JWT) Integrated Windows Authentication (IWA)
Analyticsaws Pinpoint
General SLA99.95%99.97%99.98%
PasswordlessTouch ID, Email Magic Link, SMS
Anomaly Detection1. Brute-force ProtectionLimit the amount of signups and failed logins from a suspicious IP address.2. Breached-password Detection. Detects login attempts with credentials that have been known to be breached.Risk-based authenticationRisk-based authentication
Anomaly Detection ReactionsEmail notificationBlock IP
Providing User Profile / Directory Store✅very extensive✅W/ Management Metrics: Total Users, Authentications, Failed Logins, System Log✅access configured by Apps✅very limited fields
Workflows - Email address verification
Workflows - Email address change
Workflows - Forgot password✅limited page customization✅email templates✅email/SMS template✅no UI customization
Workflows - Lockout Self-Service
AD/LDAP integrationADAD
ComplianceSOC 2 Type II, EU-US Privacy Shield Framework, HIPAA, OpenID ConnectHIPAA, EU, and FED compliancePCI DSS Compliance and is HIPAA EligibleASSURANCE PROGRAMS: SOC 2 Type 2 SOC 1 Type 2 ISO 27017:2015 ISO 27018:2014 ISO 27001:2013 SECURITY PROGRAMS: Skyhigh Enterprise-Ready CSA STAR PRIVACY PROGRAMS: TRUSTe Certified Privacy U.S. Privacy Shield GDPR EU Model Contract Clauses VULNERABILITY MANAGEMENT: Penetration Tests Network Scans Bug Bounty Program OTHER INITIATIVES: HIPAA FFIEC / GLBA NIST Cybersecurity Framework G-Cloud FERPA
User Devices Management

Twitter URL