We have been working with Auth0 for a couple of weeks now with some success and will use it as our authN and authZ service. Generally the experience has been positive and the documentation is pretty good but I thought there were a couple of documents that it may be worth Auth0’s time in making a bit simpler to find.
We are using aws API Gateway and arrived here looking for a true Oauth2 authZ service. We use Terraform to deploy infrastructure.
So for people like us two really good resources are:
We got to the second one pretty quickly via google but it must a common approach so doesn’t it deserve to be more prominent? The api and jwt authZ blog was really the key but before we found that we got what looked like some legacy (?) pages on the REST api then some good stuff on Custom Authorizers. Nothing wrong with them as such obviously but for us the integration of auth0 and an http api was the best solution, so I just think it would be better if the blog wasn’t a blog but was at least part of the first thing I found on protecting an aws api. It is all there for the various use cases just not in the same place or in a way that the user can quickly grasp what is the correct case for them.
If there are truly legacy pages which don’t appear in your documentation links then take the pages down so they don’t appear in google searches and create confusion.
I appreciate you are in the business of creating a service not docs and you know your audience (sic) better than me, but these docs had such a big impact on our design that these articles deserve to be front and centre not hidden in the blog?