All about auth
March 18, 2022
As a GTM lead at Stytch, one of the most common questions I’m asked by potential customers is: why should we choose Stytch vs. Auth0? This makes sense as Auth0 has been around for close to a decade now and Stytch is much newer to the auth space. But age isn’t everything—in fact, it may be holding Auth0 back in many ways (more on that below).
So, while this might be the first time you’ve heard of Stytch—a special welcome to those who got here by searching for “Auth0 alternative”—we are seeing more and more companies choose passwordless with Stytch over rigid Auth0. In this post, I share the top five reasons why.
One of the first things I hear on calls with customers is that they don’t want to compromise the way their product looks and feels. Both enterprise and startup customers share this sentiment, and it makes sense. You should never have to sacrifice your brand’s unique personality and style for any vendor—even for a service as important as authentication.
In most cases, the first “write interaction” is user signup. Which means, it’s the first instance a user has the chance to form an opinion about your application and how it works (no wonder most user dropoff happens at this stage). It’s of the utmost importance that this experience leave a positive impression, and one that is uniquely yours to make. That’s why highly flexible, highly customizable solutions are core to the Stytch offering.
In comparison, Auth0 unintentionally handcuffs their customers from a customization standpoint because they still support passwords. This requires Auth0 to maintain control over forms and domains and limits their offering to only widget-based customization.
Stytch’s highly customizable frontend components can be seamlessly integrated into your UI—rather than requiring a hosted redirect page—so you get an auth experience that’s fine-tuned to your brand and to your users’ expectations. Stytch’s adaptability to different authentication scenarios and needs is precisely what led the development team at Gather to pick us over our competitors.
I hear from Stytch customers how important it is to provide end users with a seamless experience not just the first time, but every time. We get it and strive to build passwordless authentication solutions that you can rely on. We take it seriously that our customers depend on us for critical infrastructure and so we invest heavily in ensuring we maintain exceptional uptime percentages. See for yourself on our status page.
Stytch builds redundancy into every communication-based auth product, monitoring uptime and using dynamic failover logic to route across multiple providers. This ensures vendor downtime doesn’t impact your platform and that your users always have a high-quality, uninterrupted experience, with no single point of failure.
In contrast, Auth0 requires you to provide your own integration for communication APIs (which are necessary for service-based authentication via email and SMS) and doesn’t allow for any redundancy. This is something that is not often thought about when choosing an authentication provider but is hugely important, which we’ve learned through the pain of prior experience.
At a previous company, our primary service provider experienced two days of downtime, during which we couldn’t authenticate any user coming to our platform. This was extremely painful. It felt as if we’d just opened a new restaurant that we put our heart and soul into, which required marketing spend (CAC) to drum up interest, only to turn customers away at the door due to a broken stove. Take it from us—people can’t come into your restaurant or access your application if you can’t reliably authenticate them. And if your users detect a dip in service, they are much more likely to churn.
We eventually solved the issue by building out a backup provider but it took us over two months! The poor decision to not plan for redundancy negatively affected not only our business teams but also our product/engineering teams—pulling them away from the core products they were working on.
Learning from this painful memory, Stytch works hard to maintain gold standard uptime so that your end users have uninterrupted service, every time. We prioritize customer support and have multiple channels to reach us so that you can get a quick and timely response whenever you have a question. I’m proud to say that our customer responsiveness truly stands out.
This brings me to the third key reason to choose Stytch over Auth0: your time is valuable. Developer to developer, we know that you don’t want to spend a lot of time implementing auth. You want to spend your time focusing on your core product.
That’s why Stytch is designed to get you up and running in minutes, whether you’re building an auth solution from scratch or migrating from another platform. It all starts with our clear and easy-to-implement docs, which our customers clearly love.
As a byproduct of their various builds and migrations, Auth0 adds unexpected complexity to the auth integration process by making their documents extremely difficult and time-consuming to decipher. This is amplified when trying to go passwordless with Auth0, as I often hear from prospects that they spend days trying to understand the complicated documentation.
Authentication is a crucial part of your application but you shouldn’t have to spend days reviewing docs–or weeks implementing them. Standard Metrics (formerly Quaestor), chose Stytch because of our intuitive documentation and focus on the overall developer experience. The full implementation took one engineer at the company less than a day. Within just a few months, upwards of 35% of users were logging in through Stytch, many of whom didn’t have access due to lack of a Google or Microsoft account.
When it comes to fees, Auth0 provides little transparency, making it difficult for you to forecast costs, especially at scale. Moreover, their pricing model is misaligned so that in many cases, the more volume you handle, the more you pay. Outwardly, they try to convey transparency with their calculators on the pricing page, but it masks the true cost of their services. Their per-user pricing often works out to be two to three times higher than Stytch’s, and you have to step up to an advanced, enterprise subscription plan to access basic passwordless solutions like OAuth, MFA, and WebAuthn. I’ve also heard that these additional features require contracts with marketplace vendors at an added cost.
At the other end of the spectrum, Stytch keeps pricing simple and transparent with our partnership model. Pricing starts at a transparent 10 cents per active user, with no monthly commitment, and quickly decreases as you scale. Our pricing model is purposefully aligned with your business model. We only make money when you authenticate users, and we make sure that you never pay for anything other than usage.
But don’t just take our word for it—you can check out our full pricing structure here.
I want to close out with what is perhaps the most fundamental difference between Stytch and Auth0: Stytch solutions are fully passwordless, while Auth0’s are primarily password-based.
Auth0 started out during a time when password-based authentication was the default. Therefore, their core focus continues to be on password-based auth products, though they’ve recently started exploring limited passwordless solutions. By maintaining the status quo, Auth0 has zeroed in on only half of the process—security—instead of also optimizing for frictionless UX and boosting conversion.
In stark contrast, Stytch was founded on the belief that passwordless is the way of the future. Passwords are a dated method of authentication that cause needless friction, frustrated users and lower conversion rates due to user drop off. As web usage has exploded, password reuse has become a ballooning issue. In fact, 81% of all internet breaches involve weak or stolen passwords. But it doesn’t need to be this way. Authentication technology has evolved, just like the internet, and Stytch is leading the path forward to a passwordless future.
With Stytch, you can improve conversion while boosting security with familiar, low-friction industry-standard solutions like OAuth and OpenID. We’re building an all-in-one platform for passwordless auth. Our passwordless product suite continues to evolve and includes the newest and highest-converting auth methods, like Google One Tap and embeddable magic links. Google One Tap is a particularly powerful way to improve onboarding and login flows, and companies that have done the heavy lifting to integrate it have observed impressive results. For example, Pinterest saw a 47% conversion increase in sign-ups on desktop and a 126% conversion increase in sign ups on Android.
A great user experience translates to real business impact. Take Lighthouse–an innovative rental platform that was using Auth0 but felt hemmed in. Lighthouse switched to Stytch to offer a more flexible onboarding and authentication experience to their users—and saw a 62% jump in sign-up conversions when they did.
So, what does migrating to Stytch look like? I’m glad you asked. It’s actually pretty easy to switch your users over to Stytch.
We’ve put together a handy guide that walks you through the auth migration process and shares some helpful considerations to keep in mind as you change providers.
As the internet moves to passwordless, Stytch is leading the charge. Choose Stytch, so that you never have to search for an auth alternative again.