00:00
Hi, everybody! Welcome to DEMO, the show where companies showcase their latest products and platforms. Today, I’m joined by Gilad Shriki, co-founder of Descope, but he’s also known as Shriki. Hello, Shriki!
00:11
Shriki: Hello.
00:12
Welcome to the show! Tell me a little about Descope and what you’re going to be showing us today.
00:16
Shriki: Thanks for having me! Descope is a customer identity and access management platform that provides app developers with an easy way to build login experiences and user journeys.
00:27
So, you’re going to be showing me parts of the platform, which is also called Descope, correct?
00:32
Shriki: Yes.
00:33
How big of a problem is authentication in this market? Because every time I visit a new website, authentication is already in place, so I don’t really understand what’s happening behind the scenes.
00:43
Shriki: It’s a big market and a big problem. There are still a lot of passwords in use. Some app developers prefer to build authentication themselves, while others choose to buy a service. We believe this market requires disruption, making it much easier to build, and that’s exactly what we’re doing.
01:01
So, the problem you’re solving is primarily about speed — getting authentication up and running quickly — rather than developers building it themselves or using templates from existing authentication platforms, right?
01:14
Shriki: Correct. So, it’s about speed but also about approach. We believe in low-code and no-code experiences for developers who want to set something up quickly, and that’s what we provide.
01:23
Okay. If companies don’t use Descope, what are they doing instead? Are they just hand-coding authentication?
01:31
Shriki: Yes, they often build it themselves, and sometimes they do it poorly. Other times, they use a different authentication provider, but there are only a few major players in this space.
01:40
What makes Descope different from the competition? Why should everyone use it?
01:43
Shriki: I think our approach to authentication, especially with the flows I’ll be demonstrating today, is a leader in the space. The ability to build and iterate on authentication without making changes to the application itself is a game-changer.
01:57
All right, let’s dive into the demo! Show us some cool stuff.
02:01
Shriki: Of course! What you see here is our platform, featuring dashboards and activity logs. But the most important part is the authentication methods. We support a wide variety of authentication options, including passwords — though we’re not fans of passwords, we still support them. Today, I’ll be demonstrating how to go passwordless.
In just five to 10 minutes, I’ll show you how to add multiple authentication options that don’t rely on passwords. You’ll also see where users are managed — this is your user pool — and how we track user information.
The real magic happens in the flows, which allow you to build and iterate authentication processes and user journeys. Let’s step into our sample application. This is a revenue management app we quickly spun up. You’ll see a basic login experience, which is powered by Descope. Right now, it’s rudimentary and basic, but it can be fully styled and customized. I’ll log in with my user account. Since I don’t have an account yet, I’ll sign up using a simple password.
Now, you see that I need to verify my email. All of this is part of the flow — meaning the application itself isn’t aware of the verification process, and the developer didn’t have to code it manually.
I’ll go ahead and retrieve the verification email, enter the OTP [one-time password], and now I’m in.
04:48
Does this process come with a template, or would most developers be familiar with setting it up themselves?
04:55
Shriki: Yes, we provide templates. In fact, what I’m showing now started as a template. I began with the password authentication template and am iterating on it.
The cool part is that you can modify the experience. For example, when a user already exists, instead of just prompting them for a password, we can add an option to log in with a magic link.
I’ll demonstrate that now by adding a “Log in with Magic Link” button. I’ll configure it to send a magic link via email. You can see how easily I connect the dots — this update automatically handles sending the email and verifying the user.
Now, if I go back to my login page and enter my email, I see the new magic link option. Clicking it sends me an email with the magic link, which I can click to log in instantly.
This process was faster to set up than it would take to edit this video!
08:35
Are you seeing more social logins being used? If I’m an app developer and I don’t trust Google, can I switch to a different provider?
08:53
Shriki: Yes! Discord, for example, is another popular option. It’s incredibly easy to add — we just drag and drop it. No need to modify the authentication flow, because it uses the same OAuth and OIDC protocols.
All social logins are bundled together because they use the same method. If I log out and refresh, you’ll see Discord as a login option.
If you need a different provider, we support custom social logins too. Anything that follows standard OAuth protocols can be added, with full icon and branding support.
09:51
What’s the most popular authentication method right now? I see you’re wearing a “Kill the Password” shirt.
10:06
Shriki: The trend is moving towards passwordless authentication. Social logins are widely used, but there’s also a growing shift toward passkeys.
Passkeys are a strong authentication method that provide a great user experience. They use the biometrics of your device, allowing seamless authentication — even across devices.
For example, if you create a passkey on your phone, you can still use it to log in on a desktop.
10:44
With my email, I still have to use a long, complex password, then enter an authenticator code, and then use Face ID. That’s three steps!
11:04
Shriki: Exactly! Passkeys eliminate the need for extra steps. They’re considered multi-factor authentication on their own because they require both something you have (your device) and something you are (your biometric).
With Descope, adding passkeys takes just a few minutes. I’ll show you how.
When a user logs in, we prompt them: “Would you like to add a passkey?” If they say yes, they scan their fingerprint, and now passkeys are enabled.
Once added, logging in is even easier. Instead of entering a password, users just provide their email and scan their fingerprint.
15:46
I know you have a lot of other features. Where can people go to learn more?
15:52
Shriki: Visit descope.com. You can sign up for free and start using the platform immediately.
And by the way, signing up for Descope is a Descope-powered flow, so you’ll experience it firsthand!
16:15
That’s cool! And you already answered my question about free demos. Shriki, great demo! Thanks for joining us.
16:23
Shriki: Thanks for having me!
16:25
That’s all the time we have for today’s show. Be sure to like the video, subscribe to the channel, and leave your thoughts in the comments. Join us every week for new episodes of DEMO. I’m Keith Shaw — thanks for watching!
