WorkOS powers auth for OpenAI, Anthropic, Cursor, Vercel, Perplexity, Clay, Webflow, Granola, and a bunch of others. Free up to 1m users, you pay for enterprise features.
I'm the founder and happy to help. We've differentiated by focusing on "b2b auth" via SAML/SCIM, but today we do everything else. We also have products for feature flags, encryption, bot blocking, MCP auth, etc.
This is awesome - I had heard the name floating around but didn't realize how permissive your free tier was. I'm using Clerk for my new project https://thoughtprint.space/ but might switch it over to WorkOS.
Recently I moved to WorkOS for modulus.so. love your product.
MCP auth and feature flags are two feature that got me in. I also like that it's flexible enough for me to write custom logic in auth flow - which a lot of providers tries to abstract.
The author of the initial comment mentioned that customers of contract work prefer code which is 100% theirs, purpose-written, not a dependency, even vendored.
We use WorkOS to support some of our offerings but not for our own corporate identity/authentication. I’m not close to the project so I don’t have experience using WorkOS but definitely curious about replacing Okta.
Hmm, since Chromium is working on adding browser-local AI features, I wonder if this one day could be a security check (for links opened from the outside of the browser). E.g. the browser detected that you clicked on a new-tab link, and the page looks like a commonly known site, then the AI detects that the URL isn't "x.com" and gives a heads-up warning. At least for the top 1000 most common sites, this could prevent a lot of phishing attacks.
This is exactly how not to defend against phishing. The meaningful defense is to foreclose on it entirely, not to just get super good at spotting fakes.
So, in that case the browser (correctly) did not autofill? Is that a common occurrence for legit traffic from X? And no complaint about the website's identity from the browser -- the expected "lock" icon left of the URL?
As long as people are used to companies just buying new domains for the hell of it, yes. Just look at the amount of domains Microsoft uses for signing in! My password manager currently holds 8 of them. Eight! Who can be blamed for thinking it’s the password managers fault?
Our customers include OpenAI, Anthropic, xAI, Cursor, Perplexity, Vercel, Replit, Webflow, Clay, Hex, Carta, Plaid, Drata, Vanta, and many others. If you've used these products, you've used WorkOS!
I started a startup to fix this exact problem integrating and configuring SSO/SAML.[0]
We launched here on HN 5 years ago[1] and today power SSO for OpenAI, Cursor, Vercel, and a thousand other apps. We also found the initial configuration step to be painful for users, so we built a self-serve wizard that enables enterprise admins to fix issues.[2]
It's still crazy how much complexity there is with enterprise identity systems and managing the user lifecycle for big orgs. It's like the whole thing is made of weird edge cases and even moreso when you add SCIM, RBAC, MFA, etc etc.
(If anyone reading this also loves suffering at the intersection of IAM and developer tools, we are hiring! Email in my profile :))
also if anyone wants to go down the rabbit hole about why SAML is hard to implement, this is a pretty interesting writeup of a major 0-day vuln we discovered earlier this year: https://workos.com/blog/samlstorm
I'm the founder and happy to help. We've differentiated by focusing on "b2b auth" via SAML/SCIM, but today we do everything else. We also have products for feature flags, encryption, bot blocking, MCP auth, etc.
Fun fact, we actually launched on HN in 2020 :) https://news.ycombinator.com/item?id=22607402