Introducing major updates to Stytch B2B authentication

Product

April 30, 2024

Author: MB Crosier

We launched our B2B authentication solution nearly a year ago because we realized that building and managing authentication for multi-tenant applications was painful for developers.

The product has evolved a lot since that launch, and we’ve seen incredible engineering teams ranging from Zapier, Hubspot, and Cisco make the switch to Stytch. Today we’re incredibly excited to announce a long list of new capabilities that make integrating authN, authZ and fraud prevention into multi-tenant apps an even better experience for developers.

What’s different about Stytch B2B auth

What makes Stytch B2B auth so unique is the underlying architecture. Other authentication solutions simply tack on elements of B2B authentication to a consumer authentication offering. This pushes all of the complexity of organization tenancy (also known as multi-tenancy) to your development team, who then have to write and maintain significant amounts of custom code in their backend systems to handle authentication. The complexity of this code only increases as your app scales and as new authentication methods and configurations are required. Doing something as simple as changing an organization’s auth settings requires a messy 40+ line if-else and array comparator function.

At Stytch, we took a different approach and chose to build a B2B authentication solution with built-in multi-tenancy and “Organizations” as a first class entity in our data models. By building a solution from the ground up that’s specifically tailored for the needs and requirements of multi-tenant applications, Stytch’s platform cuts the engineering lift to build and scale auth so teams can focus on building their core products. Adding or updating SSO, MFA, SCIM, RBAC and more is just a simple API call away.

What’s new in Stytch’s B2B solution

Since the initial launch of our B2B solution, the Stytch team has continued to improve our B2B auth solution, adding new features and capabilities that help developers implement and scale enterprise-grade authentication in their apps.

Today, we’re excited to announce a whole host of updates to Stytch’s B2B solution, including:

Zero downtime session migration: You can now migrate from your existing auth provider to Stytch without requiring your users to log out of their existing session. This means that a migration is effectively invisible for your end-users, so there’s no friction when you switch to Stytch as your authentication provider. See the docs.
Google One-Tap: We now support Google One-Tap for B2B authentication via our SDKs. Compared to the standard “login with Gmail” auth method this provides a frictionless user experience that automatically detects a user’s logged-in Chrome or Gmail session. See the docs.
Pre-built UI for OTP & TOTP MFA: We now provide pre-built UI elements for both OTP and TOTP MFA in our front-end SDKs, so you can easily set up MFA with security and UX best practices in a fraction of the time. See the docs.
Role-based access control (RBAC): RBAC enables organizations to streamline the management and enforcement of user roles and permissions. With RBAC, Stytch allows you to handle both authentication (authN) and authorization (authZ) in a single platform. See the docs.
System for Cross-domain Identity Management (SCIM): Enables any changes made to a user identity in an IdP (e.g. provisioning, deprovisioning, profile updates) to be automatically synced with your application. See the docs.
Protected email magic links: Ensures the successful, secure delivery of email magic links, as our built-in device fingerprinting detects enterprise security scanners and prevents consumption of the single-use token. See the docs.
And many more!

If you’re interested in learning more about our B2B offering, feel free to check out our docs or chat with a member of our team.

New B2B Example Apps

We’ve recently released two different versions of a multi-tenant B2B example application built on Stytch’s SDKs that developers can leverage to better understand Stytch’s B2B solution. One version leverages Stytch’s pre-built UI components on the frontend, while the other uses a headless UI. This showcases another advantage of Stytch – the flexibility of developer tools to use pre-built UI components, SDKs for headless implementation, and/or backend SDKs and APIs.

Check out our blog post to get access and learn more.

Learn how others integrated Stytch

We also have new case studies highlighting two different B2B applications that are leveraging Stytch for authentication.

Tome: Tome is an AI-powered storytelling platform that migrated millions of users and organizations from Auth0 to Stytch B2B in weeks.
Orb: Orb is a comprehensive billing platform that migrated from Auth0 to Stytch’s SSO offering in one week.

At Tome, we care deeply about delivering a great UX across the board, and auth is no exception. By leveraging Stytch's B2B product, we have successfully reallocated 2-3 engineers to core product development and new features.

Archana Sankaranarayanan - Director of Engineering

Learn With Jason Livestream: Auth and RBAC in multi-tenant React apps

Want to learn how to build authN and authZ into an application?

Follow along in this recording where our CTO, Julianna Lamb appeared on a Twitch livestream with LearnWithJason. Julianna and Jason used Stytch and our pre-built UI components to add authentication and authorization to a React + Express app in a 90 minute livestream.