The reason Okta spent $6.5B on Auth0

&gt; Auth0 is the most prominent alternative that customers consider when evaluating Okta. The acquisition of Auth0 eliminates that threat and grants Okta pricing power as a result.<p>&quot;Grants pricing power&quot; is such a euphemistic phrase for &quot;solidifying a monopoly will let them price gouge&quot;

&gt; Okta is built as a top down sales organisation whereas Auth0 is built with a developer first bottoms up acquisition strategy. This allows Okta to get the best of both worlds.<p>Good luck with that. The CEO of Okta will have to be very very very smart to keep this atmosphere around Auth0. So easier to say that&#x27;s it&#x27;s not going to happen. When you are an enterprise company you don&#x27;t buy a customer centric company to become them, you do the opposite. You make them become like you

Most importantly Auth0 was beating Okta on execution. Auth0 was leaner and would soon get to feature parity for both use cases. Without this deal they would slowly have lost ground to Auth0.

I work with a LOT of large enterprises, and I see Okta everywhere. Where I don&#x27;t see Okta, I see Microsoft and Ping. I&#x27;ve never run across an enterprise using Auth0, so I was surprised to see this statement:<p>&gt;Auth0 is the most prominent alternative that customers consider when evaluating Okta.<p>Is there a feature&#x2F;vertical where Auth0 and Okta compete that isn&#x27;t enterprise IDMS? Or was Auth0&#x27;s market outside of the Fortune 500 space?<p>* edit - OK, it seems clear from the responses that what I see Okta used for (employee&#x2F;internal identity management) is not what Auth0 was focused on. That makes sense - thanks for all the answers!

My take on this is a little different. (Disc: I&#x27;m a cofounder of Clerk which is also in the space)<p>I think Okta will try to build &quot;Okta for Customer ID&quot;<p>When people think of Okta, they think of it as a tool to help employees securely access third-party SaaS vendors.<p>That same problem exists for Customer Identity, but it looks a little different. Instead of setting up SSO for SaaS, developers are writing code to pass their customer data into tools like Stripe, Intercom, Salesforce, Segment, Mailchimp, etc, etc.<p>This is redundant work that a centralized Customer identity provider has the potential to alleviate.<p>I don&#x27;t really think Auth0 is well-positioned to pull this off, and that&#x27;s part of why we started Clerk. But considering Okta has that playbook in it&#x27;s DNA, I wouldn&#x27;t be surprised if that&#x27;s what they&#x27;re attempting.

If anyone&#x27;s looking for an Auth0 alternative, I recommend checking out WorkOS.<p>It&#x27;s like Stripe for enterprise features, including SSO&#x2F;SAML, Directory&#x2F;SCIM, and more.<p><a href="https:&#x2F;&#x2F;workos.com&#x2F;docs" rel="nofollow">https:&#x2F;&#x2F;workos.com&#x2F;docs</a><p>(I&#x27;m the founder. Hope it&#x27;s still ok to shamelessly plug your startup on HN. :) )

Not long ago I worked at Okta, and I know their engineering process pretty well. If I were to speculate on the purchase on Auth0, it would be to get more engineers improving the Okta platform. There are some really hard scaling problems and some really hard security problems, and absorbing Auth0&#x27;s talent is a way to acquire specialty talent in a narrow space.<p>Finding the right engineer who can program securely, scale, and make the developer empathy painless is a key challenge. This is what Okta did with Stormpath before the IPO.<p>(Disclosure: long OKTA)

Does the ~S~E~C~ (edit: FTC) have to approve? If so, have they?<p><a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Hart%E2%80%93Scott%E2%80%93Rodino_Antitrust_Improvements_Act" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Hart%E2%80%93Scott%E2%80%93Rod...</a><p>-------------------------<p>The general rule is that a filing is required if three tests are met: *<p>(1) the transaction affects U.S. commerce;<p>(2) either<p><pre><code> (a) one of the parties has annual sales or total assets of $151.7 million[3] or more (as of 2014: in 2012 this threshold amount began increasing periodically under the law), and the other party has sales or assets of $15.2 million[3] or more (as of 2014: this amount adjusts periodically) (where an acquired person is not engaged in manufacturing, only its total assets, not its sales, are counted, unless its sales are over $151.7 million[3]); or (b) the amount of stock the acquirer has is valued at $272.8 million or more (as of 2012: amount adjusts periodically) at any time; and </code></pre> (3) the value of the securities or assets of the other party held by the acquirer after the transaction is $68.2 million or more (as of 2012: amount adjusts periodically).[4] The 2018 rules raise this amount to US$84.4 million [5]<p>-------------------------<p>* IANAL, but I worked somewhere that was charged with violating the act and it&#x27;s <i>any</i> of the three, not <i>all</i> of them.

Waiting for &quot;I can build this over a weekend&quot; comment on Hacker News :)

&gt; Okta will issue shares to Auth0 shareholders at share price of $276.21, close to 20% less than the current share price (at the time of writing).<p>The screenshot immediately under this statement shows an Okta share price of $226. Am I misunderstanding something?

Looks like this is only good for people whose chief activity is &quot;owning stuff&quot;.<p>Everybody else (specifically people who actually execute actions, build stuff) loses.

&gt; it can also refactor Auth0’s (and it’s own) pricing to increase revenue even further.<p>Yeah, about that. Auth0 is already struggling to compete with Firebase Auth, AWS Cognito, and even Azure AD B2C (at least on price, for that last one). Increasing the price further is a bad idea.<p>Also, ory.sh is coming. If I were Salesforce, I&#x27;d be funding that to just commoditise auth.

&gt; Auth0 is built with a developer first bottoms up acquisition strategy<p>I really wish people would stop saying “bottoms up.” This is what you say when you’re clinking glasses together. The phrase people are looking for here is “<i>bottom</i> up,” as in “<i>up</i> from the <i>bottom</i> of the organization.” So unless they mean they’re starting from a developer’s ass, or preparing to ram their product up a bunch of developers’ exposed bottoms, it would be nice if people learned this expression.

Self-Sovereign Identity might replace major parts of the federated identity market within 5 years i expect. even Okta CEO admitted that self-sovereign identity will be the future. the major problem is that the decentralized nature of SSI, will remove the most part and profit of 3rd party tools, as it is easier and cheaper to have direct relations between services and users

Company realises that they have become kind of slow and that their culture is not conductive to moving fast, innovation and making more money<p>&quot;We could just buy a culture that is&quot; and then either they keep it alive or the original culture destroyed the acquired one and the process starts again?<p>Isn&#x27;t that like half of acquisitions or maybe I&#x27;m being too simplistic, I dunno

Recent and related:<p><i>Okta to Acquire Auth0 for $6.5B</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=26334516" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=26334516</a> - March 2021 (309 comments)

Having integrated both... Okta is an awful product and Auth0 is an excellent product. Night and day difference in quality.

Auth0 was actually no alternative given its pricing. I actually saw a lot of people moving to Firebase from Auth0.

Author of the article here. Feel free to AMA about the acquisition (or about SuperTokens)

Did any employees get screwed when it came to stock options?

Auth is easy, right ?<p>The pain point to me is authorization. Doing authorization correctly is really hard.<p>But most of frameworks i see (open source or closed source) failed at that job.

When people say oh it has a $30 Billion addressable market... how do they come up with these numbers? Startup CEO types love to throw around these numbers but some time they seem wildly optimistic, and their methodology is rarely explained.

They OH auth0 was using mongo to store customers’ data and wanted to fix that.

What are some open source self hosted alternatives to Okta and Auth0?

Okta’s core strength is in her predominately salespeople; programmers, not so much.

Anyone want to start a competing SSO service?