I have a situation where we’d like to use Auth0 for identity management/logins/sign-ups because it has good frontend ux for login/sign-up flow and might save implementation time.
The use case is for session management. I.e. logins and user sign ups for a standard server/client website where we also store the user in our own database. However I have some reservations because:
- you apparently shouldn’t use JWT for sessions (link)
- I can’t find any code examples with Auth0 where people have stored the user in their own database (e.g. on first time sign in you write to the db)
- Auth0 is an extra integration which complicates the code
- Auth0 doesn’t seem to have APIs webhooks for deleting/adding users so we’d have to do this in 2 places separately (Edit: it does have an api to add/delete users but no webhooks for that, so we would have to do user management via our website or do it in auth0 then our db separately)
So what am I asking? Well, given those requirements do you have any advice on whether to use Auth0 or should it be avoided for this kind of situation? The only thing holding me back right now from rolling our own solution is the front-end time required and the concern that the front-end UX won’t be as good as Auth0’s.