We're happy to wait for now. To give you an idea w...
# general
We're happy to wait for now. To give you an idea where we're coming from, and why we're looking at ST: We currently have a java monolith with Spring Security, but are building a new product to eventually move all our clients to our scalable serverless infrastructure. We're heavily invested in the AWS infrastructure, and so AWS Cognito was the obvious choice. However, as we're multi-tenanted, there are some serious pitfalls there, such as only being able to have 4 custom domains for the front-end auth pages per AWS account. If you want more, you effectively need to rebuild the whole OAuth Flow to have your own pages. Yikes. Came across ST from some older reddit posts, and it looks like it may meet all of our requirements from a feature perspective. We'd probably opt in to being hosted by you if multi-tenanted out of the box (currently ~650k MAU), except we have around 50% of our users in Australia, which is a region you don't currently support. Regardless, we're still at an investigation / PoC stage, so it's likely to be several months until we have any real production users on the system. We just see Auth as a pretty foundational element of the app, since we'll also be doing custom authorizers on our other business lambdas to check token validity etc. It's one of the things I wanted to make sure we get right early