← Graph

Using external auth providers instead of Devise

question 3 connections

Audience question asking about using third-party auth services like Auth0 to handle users and authentication instead of Devise. Rafał's answer: offloading passwords is great (less passwords stored = fewer issues), but API-token concerns (refresh tokens, cookies, etc.) still apply, so the second half of the talk is still relevant. Also, clients often reject the cost and insist on in-house solutions.

answer_summary
External providers are great — less passwords is always better — but the token/refresh part of the talk still applies, and clients often refuse on cost.
question Using external auth providers instead of Devise
about
Auth0 company
Specifically asked about Auth0.
question Using external auth providers instead of Devise
about
Devise tool
Comparing external providers with Devise.
question Using external auth providers instead of Devise
asked_at
Devise pitfalls and way to tighten security talk
Asked during Q&A after the talk.

Provenance

Created in
Devise pitfalls and way to tighten security — Rafał Rothe... 2026-04-17 21:52
Read by
3 extractions