mbullington | 2 months ago | on: I'm making a game engine based on dynamic signed distance fields (SDFs) [video]
mbullington's comments
mbullington | 5 years ago | on: Sick of spending time on Auth, we built an open source 'Stripe for Auth'
SuperTokens looks really cool and I'm glad it's open source, however, I think the big "blue ocean" here for self-hosted auth systems vs. AWS Cognito and Auth0 are security compliance.
Many large orgs with data requirements need things like ISO 27001, FedRAMP, etc. If you build with a product like SuperTokens and then need to meet these requirements later in your development lifecycle, you'll have to:
a. switch to Cognito/Auth0 for ISO, and for FedRAMP you can only use Cognito.
b. modify SuperTokens by learning NIST requirements (costs engineer time, developers might not know Java)
c. you can make your own, but that defeats the purpose for these systems (costs more time than b)
I feel an "Enterprise" (paid) option by SuperTokens where security compliance is handled, with still the option for self-hosting, would be a massive win.
page 1
I was rendering-curious when we overlapped together at Figma. Mike was super patient and giving with his time, answering all my dumb questions and aiding with my Maker Week projects. Excited to see him take on something so ambitious next.