This isn't a criticism but feedback from someone that is looking for a 3rd party auth service.
I am starting up my own business, I have spent some time evaluating AuthKit and I can't justify investing time on it. Specifically, I want to target small to medium sized companies that want SSO built into my services.
The fact that the auth would be at an *.authkit.app domain is disconcerting, users would think they have been click-jacked because they have left the domain they were expecting. Your comment about custom domains costing because of Cloudflare is strange given how much CF charge verses the $99 per month cost you charge, there seems to be a big order of magnitude difference, since under the Pro plan they charge 10c per additional domain. Perhaps you have additional services behind that, but it seems strange:
https://www.cloudflare.com/en-gb/plans/
The "Powered By x" would actually be preferable, many people are used to seeing thing like that on payment screens.
Also, the SSO connectors being $125 per month per connection, rules out my target market. That is a lot in my market and it doesn't ease off as I grow, it's a fixed base cost. As I grow to 20-30 customers I'd be better off hiring a developer to implement the same features.
I get it that I am not the target market; that big businesses wouldn't bat an eyelid at that kind of costs. But for my purposes, I can't justify your costs. Good luck to you.
There are several open source options out there (several linked above) that could be a good fit for your business economics. I know lots of folks talk about Supabase and Auth.js on X.
If you have the time and patience, you can also certainly build it yourself. There's no miracles here, just complex engineering and solving a thousand edge cases.
If you decide to use open source, make sure you quickly update dependencies so you're always running latest. Ruby-SAML had a major vulnerability disclosed last month and thousands of apps were affected: https://workos.com/blog/ruby-saml-cve-2024-45409
I am starting up my own business, I have spent some time evaluating AuthKit and I can't justify investing time on it. Specifically, I want to target small to medium sized companies that want SSO built into my services.
The fact that the auth would be at an *.authkit.app domain is disconcerting, users would think they have been click-jacked because they have left the domain they were expecting. Your comment about custom domains costing because of Cloudflare is strange given how much CF charge verses the $99 per month cost you charge, there seems to be a big order of magnitude difference, since under the Pro plan they charge 10c per additional domain. Perhaps you have additional services behind that, but it seems strange: https://www.cloudflare.com/en-gb/plans/ The "Powered By x" would actually be preferable, many people are used to seeing thing like that on payment screens.
Also, the SSO connectors being $125 per month per connection, rules out my target market. That is a lot in my market and it doesn't ease off as I grow, it's a fixed base cost. As I grow to 20-30 customers I'd be better off hiring a developer to implement the same features.
I get it that I am not the target market; that big businesses wouldn't bat an eyelid at that kind of costs. But for my purposes, I can't justify your costs. Good luck to you.