Five reasons we chose WorkOS over rolling our own auth

June 30, 2025 · Mitchell Davis

As a Laravel developer, my default instinct is to build everything myself. Laravel makes it ridiculously easy to spin up authentication – you can have registration, login, password resets, even two-factor auth running in an afternoon.

So when we started building SixSides, our events platform, I fully expected to roll our own authentication. I’ve done it before. I know the stack. Why pay for something I can build?

But this time, I didn’t. Instead, I chose WorkOS. Here’s why – and why I think it’s worth tech founders at least considering before diving into the build-yourself rabbit hole.

1. Time-to-market mattered more than code purity

We had nine days to hit our first live customer milestone. That meant my time was better spent building the parts of SixSides that differentiate us – event attendee experiences, global data replication, and the features our early customers were paying for.

Auth is important, but it’s a solved problem. WorkOS gave us production-ready login, signup, and password management in hours, not days.

2. The free tier is insanely generous

WorkOS lets you have up to one million monthly active users for free if you don’t need enterprise SSO. For a bootstrapped SaaS, that’s a no-brainer.

If we ever get close to a million active users, paying for auth will be the least of our worries. Until then, it’s effectively zero-cost infrastructure that’s battle-tested and secure.

3. Social login without the integration pain

Our customers’ event attendees aren’t going to remember yet another password. The fewer clicks to get in, the better.

With WorkOS, I ticked a few boxes in their dashboard and instantly had “Sign in with Google, Apple, Microsoft, LinkedIn, and GitHub” ready to go. No fiddling with multiple OAuth flows, token verification, or “fun” differences between providers.

4. A migration path if we ever change our mind

One of my early hesitations with hosted auth was lock-in. What if we outgrow WorkOS?

Turns out, the only thing we’d lose is password hashes. If we migrate, we just force a password reset for existing users. All other user data – names, emails, metadata – is ours to keep. That’s a very acceptable trade-off for the time saved now.

5. It integrated cleanly with Laravel

In Laravel, the standard auth scaffolding works beautifully – but integrating WorkOS wasn’t a fight either.

We used WorkOS to handle the identity side, then passed JWTs through a Cloudflare Worker that sits in front of our Laravel API. Laravel doesn’t need to handle the login process at all – it just trusts the token, verifies the signature, and gets on with the job.

It’s clean, it’s modular, and if we ever need to swap out the provider, we can do it without ripping apart the core app.
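As an added example (not SixSides' or WorkOS's code), this is the kind of check a Worker or API needs before it trusts a bearer JWT: a pinned algorithm, a signature check, then issuer, audience and expiry. It assumes RS256 tokens with a string `aud` claim; `ISSUER`, `AUDIENCE`, the throwaway key pair and the sample tokens are constructed placeholders.

```javascript
// Added example. WebCrypto is global in Cloudflare Workers and Node 19+; older Node falls back.
const subtle = (globalThis.crypto ?? require("node:crypto").webcrypto).subtle;
// Assumptions: RS256 tokens; ISSUER and AUDIENCE are placeholders, not real WorkOS values.
const ISSUER = "https://issuer.example";
const AUDIENCE = "client_placeholder";
const RS256 = { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" };
const enc = new TextEncoder();
const b64uToBytes = (s) =>
  Uint8Array.from(atob(s.replace(/-/g, "+").replace(/_/g, "/")), (c) => c.charCodeAt(0));
const bytesToB64u = (b) =>
  btoa(String.fromCharCode(...new Uint8Array(b))).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const decodeJson = (s) => JSON.parse(new TextDecoder().decode(b64uToBytes(s)));

// Returns the claims when every check passes, otherwise throws.
async function verifyJwt(token, publicKey, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  // Pin the algorithm; the token header must never get to choose it.
  if (decodeJson(h).alg !== "RS256") throw new Error("unexpected alg");
  const ok = await subtle.verify(RS256, publicKey, b64uToBytes(s), enc.encode(`${h}.${p}`));
  if (!ok) throw new Error("bad signature");
  const claims = decodeJson(p); // parsed only after the signature checks out
  if (claims.iss !== ISSUER) throw new Error("wrong issuer");
  if (claims.aud !== AUDIENCE) throw new Error("wrong audience");
  if (typeof claims.exp !== "number" || claims.exp <= now) throw new Error("expired");
  return claims;
}

// Constructed stand-in for the identity provider: signs a token with a throwaway key.
async function signJwt(header, claims, privateKey) {
  const input = [header, claims].map((o) => bytesToB64u(enc.encode(JSON.stringify(o)))).join(".");
  return `${input}.${bytesToB64u(await subtle.sign(RS256, privateKey, enc.encode(input)))}`;
}

// Runs constructed good and bad tokens through verifyJwt; returns "ok" or the rejection reason.
async function demo() {
  const { publicKey, privateKey } = await subtle.generateKey(
    { ...RS256, modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]) }, false, ["sign", "verify"]);
  const now = 1750000000;
  const base = { iss: ISSUER, aud: AUDIENCE, sub: "user_constructed", exp: now + 300 };
  const outcome = async (header, claims) =>
    verifyJwt(await signJwt(header, claims, privateKey), publicKey, now).then(() => "ok", (e) => e.message);
  return {
    valid: await outcome({ alg: "RS256" }, base),
    expired: await outcome({ alg: "RS256" }, { ...base, exp: now - 1 }),
    wrongAud: await outcome({ alg: "RS256" }, { ...base, aud: "other_app" }),
    algNone: await outcome({ alg: "none" }, base),
  };
}
```

In a real deployment the public key would come from the identity provider's published key set rather than a locally generated pair.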

When you should still roll your own

If authentication is a core differentiator for your product – say, you’re building a security platform, or you need extremely custom onboarding flows – then owning that code might make sense.

For everyone else, especially early-stage founders with limited dev time, WorkOS (or a similar provider) is worth a serious look.

I’m still a “build it myself” developer at heart. But part of growing as a founder is knowing when to let go of control and focus on the parts of the product that only you can build. For SixSides, WorkOS ticked that box.