upvote
That's a great analogy. My only addition would be the nuance of that data modelling is way more flexible than authentication (and this is said as someone who is continually surprised by the business requirements, standards, and complexities of auth). Data modelling, after all, needs to handle the entirety of reality (at least what can be mapped to a computer). So you're more likely to outgrow it.

I've heard plenty of stories of folks moving from homegrown auth to a off-the-shelf solution, but that's because I'm in the off-the-shelf auth space.

It'd be super interesting to hear stories of folks who went the other way, and outgrew their service provider's auth.

reply
Can you explain what you mean by “separate users from an ‘org’ or ‘team’ entity)?
reply
You are building your app with a single user in mind. They can create <thing> (blog posts, photo albums, code repositories, you name it). Eventually you realize, sometimes people are working in teams or groups. Multiple people need to have access to <thing>. So instead of architecting from the get-go that a <thing> is owned by a user (usually with some kind of FK, like an owner_id, or user_id) you want to start by having an abstraction there right out the gate. Things are owned by a team or org, and a user belongs to an org.

This is why a lot of SaaS you use these days will come with a "default project" or "default team" that might just be 1:1 with your own person. But injecting that abstraction layer makes it super easy down to the road to allow other individuals to join or participate in the management of those entities.

reply