I love auth0 so much for it being a wonderful product. I love auth0 company for personal support and generosity from their side I received whilst being their client. And I love the perfect level of support. And mostly everything they do. Therefore I decided to use my rant credits and write this short rant - because I want it to have this one single major problem fixed so badly.
Auth stands for two things - authentication and authorization. And auth
shortening usually means both things. And authorization part of auth0 functionality is half-baked.
It was so five years ago - Field Notes: Evaluating Auth0 vs. Stormpath - One Hungry Mind . It was so when I started using it year ago. It is today - we still do not have groups functionality. authorization extension vs authorization core ambiguity is OK for 3 or 6 months, but things are not seeming to move towards any sort of resolution for years now…
One can not demand a company to ship a certain feature. Yet I think there is also a problem with communication of authorization roadmap topic. Let me give few examples: a) Update on Authorization Core RBAC roadmap any tougher questions regarding RBAC seems to be ignored.
b) https://webcache.googleusercontent.com/search?q=cache:qJLJtH82Jl8J:https://community.auth0.com/t/authorization-series-pt-2-securing-http-apis-with-rbac-rules/29128+&cd=2&hl=en&ct=clnk&gl=lt → articles disappear. In history you can see company commits of having groups in 2021q2, but it’s month into 2021q3, and we’re not there.
c) Any roadmap timeline requests ignored: How do you manage user groups? - #2 by john.gateley .
Dear auth0, authorization it’s half of what you do. At least according to your name. Stand up and say - we do not support complex authorization requirements as of now. Try work arounding this as a); b); c)
.
Please do provide updates on what’s going on with authorization part of auth. Maybe it’s a complex problem, I understand, but currently, as the rant title suggest - it’s an elephant in the room matter.
How we, clients and community, can help to get this sorted? Is there a groups feature beta program where we can apply? When will authorization functionality will get the attention and progress from your side It actually deserves?
Tom