Auth0

Auth0 Case Study

Achieving SSH Requirements and PCI Compliance

How we helped Auth0

check_box

PCI Compliance

Teleport helps Auth0 meet their customers' PCI requirements with RBAC, logging, and session recordings.

verified_user

Secure Access

Provides secure access to customer infrastructure to provide support and maintenance.

code

Flexible Authentication

Because Teleport is open source, Auth0 was able to build custom authentication via OIDC.

Profile

Company: Auth0

Industry: Technology

Solution: Identity as a Service (IDaaS)

Challenges

Create an offering for security consious customers that want control of their data.

Find a single solution that would work for both their multi-tenant and single tenant customers.

Enable their customers to achieve PCI and security compliance requirements.

Case Study

Auth0 was founded in 2015 with a mission to make the internet safer. Today, Auth0 is about 500 employees strong and manages over 2.5 billion logins per month. The company’s universal authentication and authorization platform makes it easy for their customers to add authentication and authorization services for web, mobile, and legacy applications.

The company offers both a public and private hosted editions of its flagship product. Auth0 was built around developers and makes it dead simple to add authentication with just a couple lines of code. In the multi tenant service, data is isolated and encrypted, but nonetheless, many customers opt to use the private cloud instance on dedicated environments, typically for compliance reasons.

Auth0 selected Teleport by Gravitational to provide secure access to all their customers’ infrastructure, whether it’s hosted in a public or private environment.

Because many of their customers had to meet PCI compliance, Auth0 needed a solution that would provide their customers with the peace of mind that their environments were completely isolated.

The company initially came across the Teleport open source community edition. Because it is open source and supported OIDC, one of the first things they did was add support for Auth0 directly into Teleport; in other words, they authenticate into Teleport using Auth0.

Teleport is a secure, SSH gateway that gives users the ability to grant temporary access to infrastructure. Teleport has built-in role-based access control (RBAC) and automatically terminates sessions after a pre-defined period of time determined by the customer. For Auth0, Teleport is used for customer support both in hosted and private environments.

Auth0 uses RBAC (supported in Teleport) to ensure only the right support staff from the right teams are accessing the right customer infrastructure as needed. Just as importantly, the only connection to the outside for customer infrastructure is provided by Teleport. It ensures that Auth0’s support teams can provide troubleshooting when needed and not have to manage any SSH keys.

Teleport not only stores logs of every session, but records sessions for playback so users can see exactly what was done in each session. Auth0 and their customers appreciated the recordings; they were able to see why something wasn’t in the state it was supposed to be.

In addition to the multi-tenant edition of Auth0, the team currently manages nearly 70 private instances for customers, each with at least 3 environments and up to 12 servers, and each node is accessed through Teleport. As for working with Gravitational, it’s been good so far.

“Teleport provided a secure, transparent and easy way to access to our customer environments. It helped our Managed Services Engineering Team to provide support 24x7 to our customers worldwide. We went from about 20 environments to over 120 in less than a year.” Pablo Terradillos, Applications Engineer, Auth0

Teleport provided a secure, transparent, and easy way to access our customer environments. It helped our Managed Services Engineering Team to provide support 24x7 to our customers worldwide. We went from about 20 environments to over 120 in less than a year.

Pablo Terradillos Applications Engineer, Auth0

This site uses cookies to improve service. By using this site, you agree to our use of cookies. More info.