8

Ask HN: How Are You Handling Auth in 2026?

Supabase used to be my go-to but wondering if there are any easier out of the box solutions I haven't looked into. I'm investigating Clerk and have asked LLMs but curious to get the real take on what's working and what's easy from devs that actually have skin in the game.

WorkOS powers auth for OpenAI, Anthropic, Cursor, Vercel, Perplexity, Clay, Webflow, Granola, and a bunch of others. Free up to 1m users, you pay for enterprise features.

I'm the founder and happy to help. We've differentiated by focusing on "b2b auth" via SAML/SCIM, but today we do everything else. We also have products for feature flags, encryption, bot blocking, MCP auth, etc.

Fun fact, we actually launched on HN in 2020 :) https://news.ycombinator.com/item?id=22607402

15 hours agogrinich

Recently I moved to WorkOS for modulus.so. love your product.

MCP auth and feature flags are two feature that got me in. I also like that it's flexible enough for me to write custom logic in auth flow - which a lot of providers tries to abstract.

5 hours agodasubhajit

This is awesome - I had heard the name floating around but didn't realize how permissive your free tier was. I'm using Clerk for my new project https://thoughtprint.space/ but might switch it over to WorkOS.

10 hours agojoshcsimmons

The obvious answer would be use oauth and base it on one of the main providers such as Google, Microsoft or Meta.

However starting from last year, due to the fact that these companies are becoming too dominant and I don’t trust them anymore I started applying a philosophy of avoiding to depend on them as much as possible unless customers explicitly require to use their services, for this reason we opted to always have our own solution and if needed integrate it with 3rd party solutions, this way we are not slave to FAMGE companies and we have full control over our product, it’s a small drop in an ocean but at least I sleep with more inner peace knowing that I am still contributing to the distributed architecture of internet.

Sounds crazy, potentially less secure, and time consuming but still, I prefer this approach.

Microsoft already F** Us by buying GitHub, others by stealing accumulated knowledge of stackoverflow, and forcing everybody to be AI dependent because they poured billions in it… I am not letting it happen again.

15 hours agook1984

This is phenomenal, more power to you

10 hours agojoshcsimmons

Firebase Auth if I don't need enterprise stuff. Auth0 if I do.

I'm curious to explore some alternatives for enterprise auth like Clerk, but haven't yet.

15 hours agoleros

Clerk seems pricey once you scale.

10 hours agojoshcsimmons

That's ok for enterprise stuff where revenue per user is high. I'd hate to lose a 5/6 figure deal because I have to spend time rolling out some sort of enterprise auth solution for a client.

9 hours agoleros

Keycloak and OpenID Connect and/or OAuth2. I can plug external identity providers to it. It’s not SaaS.

14 hours agospeedgoose

I've used Clerk, it's good. Supabase auth has some minor issues, needs to be more polished.

16 hours agoVishal19111999

better-auth has been genuinely amazing for ts ecosystem, don't be overdependent on the plugins tho some are not flexible for every use case

15 hours agosama004

I write mine.

16 hours agochistev

Auth0

15 hours agomoomoo11

[dead]