If you've ever built a Laravel app from scratch, you know the feeling: authentication is always the part that eats the most time.
I've been through this many times. Every time I start a new project, whether it's for a client, for BuildWithAngga, or for a personal experiment, authentication is always the bottleneck. Not because it's conceptually hard, but because there's so much to handle.
Want users to log in with Google? Set up OAuth, register the app in Google Cloud Console, handle the callback, manage tokens. Want to add GitHub login? Repeat the process. Microsoft? Again. Apple? Different beast entirely.
Then the client asks for SSO because they're an enterprise company on Okta or Azure AD? Prepare yourself for weeks of digging into the SAML or OIDC protocol.
And now users are starting to expect passwordless login: passkeys using a fingerprint or Face ID. WebAuthn implementation? That's another rabbit hole.
Not to mention security updates, session management, MFA, audit logs...
You get the point. Authentication isn't one feature; it's an ecosystem of features that keeps growing.
The Old Way
My approach to authentication in Laravel used to look like this:
PROJECT AUTHENTICATION CHECKLIST (OLD WAY):
□ Laravel Breeze or Jetstream for basic auth
□ Socialite for social login
□ Setup Google OAuth
□ Setup GitHub OAuth
□ Setup Facebook OAuth (if needed)
□ Handle each callback separately
□ Custom SSO implementation (for enterprise)
□ Learn SAML protocol
□ Implement service provider
□ Debug XML assertions (nightmare)
□ Passkey? Maybe next year...
□ Test every flow
□ Security audit
□ Ongoing maintenance
Timeline: 2-4 weeks for a proper setup
And that's for ONE project. Multiply it by every new project.
The Game Changer: Laravel 12 + WorkOS AuthKit
In February 2025, Laravel 12 was released. And one of the most exciting additions isn't a framework feature, but the starter kit integration with WorkOS AuthKit.
Taylor Otwell built this integration himself. In his tweet, he said he "got a bit carried away" because he was enjoying the experience so much. That's saying something.
WorkOS AuthKit is essentially a comprehensive authentication-as-a-service. One package, one integration, and you get:
- Social Authentication: Google, Microsoft, GitHub, Apple, GitLab, LinkedIn, Slack; just toggle them in the dashboard
- Passkey Authentication: WebAuthn/FIDO2 built-in, users can log in with a fingerprint or Face ID
- Magic Auth: Passwordless login via email link
- Enterprise SSO: SAML and OIDC support for 26+ identity providers
- MFA: Multi-factor authentication
- Session Management: Centralized, configurable
- Audit Logs: Track all authentication events
And the most mind-blowing part? FREE for up to 1 million Monthly Active Users.
For context, 1 million MAU is more than enough for 99% of startups and projects. You can literally build an enterprise-grade authentication system without paying a cent until your app is massive.
What We'll Learn
In this article, I'll guide you step-by-step to:
- Set up a fresh Laravel 12 with the WorkOS AuthKit starter kit
- Configure the WorkOS account and credentials
- Implement Social Login (Google and GitHub)
- Enable Passkey authentication for passwordless login
- Set up SSO for enterprise clients
- Apply best practices for production deployment
By the end of this tutorial, you'll have an authentication system more robust than what most developers build over weeks, and you'll have it in a matter of hours.
Let's get started.
Part 2: What Is WorkOS AuthKit?
Before we go hands-on, it's important to understand what WorkOS and AuthKit actually are.
WorkOS: The Company
WorkOS is a company focused on developer tools for enterprise features. They're backed by major VCs and are already used by companies such as Vercel, Perplexity, Webflow, Plaid, and 1000+ others.
Their mission is simple: make enterprise features accessible to every developer, not just those with a dedicated security and compliance team.
AuthKit: The Product
AuthKit is the authentication solution from WorkOS. Think of it as "Stripe for Authentication": you integrate once, and all the complexity is handled by them.
Here's the full feature breakdown:
WORKOS AUTHKIT FEATURES:
┌─────────────────────────────────────────────────────────┐
│ SOCIAL AUTHENTICATION │
├─────────────────────────────────────────────────────────┤
│ ✓ Google ✓ Microsoft ✓ GitHub │
│ ✓ Apple ✓ GitLab ✓ LinkedIn │
│ ✓ Slack │
│ │
│ → Toggle on/off in the dashboard │
│ → OAuth handling automatic │
│ → Token management handled │
└─────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────┐
│ PASSWORDLESS OPTIONS │
├─────────────────────────────────────────────────────────┤
│ PASSKEY (WebAuthn/FIDO2): │
│ ├── Fingerprint authentication │
│ ├── Face ID / Windows Hello │
│ └── Hardware keys (YubiKey, etc.) │
│ │
│ MAGIC AUTH: │
│ └── Email link login (no password needed) │
└─────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────┐
│ ENTERPRISE SSO │
├─────────────────────────────────────────────────────────┤
│ PROTOCOLS: │
│ ├── SAML 2.0 │
│ └── OIDC (OpenID Connect) │
│ │
│ IDENTITY PROVIDERS (26+): │
│ ├── Okta │
│ ├── Azure AD / Microsoft Entra ID │
│ ├── Google Workspace │
│ ├── OneLogin │
│ ├── PingIdentity │
│ ├── JumpCloud │
│ └── Custom SAML/OIDC │
│ │
│ ADMIN PORTAL: │
│ └── Self-serve setup for the client's IT admins │
└─────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────┐
│ ADDITIONAL FEATURES │
├─────────────────────────────────────────────────────────┤
│ ✓ Multi-Factor Authentication (MFA) │
│ ✓ Session Management │
│ ✓ Audit Logs │
│ ✓ Role-Based Access Control (RBAC) │
│ ✓ Brute-force protection │
│ ✓ Bot detection │
└─────────────────────────────────────────────────────────┘
Why WorkOS + Laravel 12?
There are plenty of authentication services out there. Why WorkOS specifically for Laravel?
1. Official Integration
This isn't a third-party integration maintained by some random developer. The Laravel team itself builds and maintains the WorkOS starter kit. Taylor Otwell is personally involved.
That means:
- Quality assurance from the Laravel team
- Long-term support guaranteed
- Best practices baked in
- Updates in step with Laravel updates
2. Seamless with the Laravel Auth System
The WorkOS starter kit integrates directly with Laravel's authentication system. Auth::user() works as expected. Middleware works. Gates and policies work. No need to learn a new paradigm.
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Route;
// This still works as usual
$user = Auth::user();
Route::middleware(['auth'])->group(function () {
    // Protected routes
});
// Check authentication
if (Auth::check()) {
    // User is logged in
}
3. Multiple Frontend Support
The starter kit is available for:
- React (with Inertia)
- Vue (with Inertia)
- Livewire (with Flux UI)
Pick the stack you prefer; the WorkOS integration stays the same.
4. Zero to Production Ready
With one command, you get:
- Login/Register pages
- Dashboard
- Profile management
- Session handling
- Email verification (optional, since WorkOS handles verification)
Pricing That Makes Sense
This is what makes WorkOS attractive for startups and indie developers:
WORKOS PRICING 2025:
┌────────────────────────────────────────────────────────┐
│ USER MANAGEMENT (AuthKit) │
├────────────────────────────────────────────────────────┤
│ FREE: Up to 1,000,000 Monthly Active Users │
│ After: $2,500/month per additional 1M MAUs │
│ │
│ → Basically FREE for almost all use cases │
└────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────┐
│ ENTERPRISE SSO │
├────────────────────────────────────────────────────────┤
│ $125/connection/month │
│ │
│ Volume discounts: │
│ ├── 16-30 connections: $100/month each │
│ ├── 31-50 connections: $80/month each │
│ └── 51-100 connections: $65/month each │
│ │
│ → "Connection" = 1 enterprise client's SSO setup │
└────────────────────────────────────────────────────────┘
┌────────────────────────────────────────────────────────┐
│ ADDITIONAL │
├────────────────────────────────────────────────────────┤
│ Directory Sync (SCIM): $125/connection/month │
│ Custom Domains: $99/month flat │
│ Staging Environment: FREE (unlimited testing) │
└────────────────────────────────────────────────────────┘
Real Talk:
For most apps, you'll pay $0. Social login, passkeys, magic auth, MFA: all free.
You only pay for SSO once you have enterprise clients that need to connect to their Okta/Azure AD. And in that context, $125/month per client is nothing compared to the value of an enterprise deal.
Comparison: Building It Yourself vs WorkOS
Let's be real about the tradeoffs:
| Aspect | Build It Yourself | WorkOS AuthKit |
|---|---|---|
| Setup Time | 2-4 weeks | 1-2 hours |
| Social Login | Manual setup per provider | Toggle in the dashboard |
| Passkey | Complex WebAuthn implementation | Automatic |
| SSO | Weeks of SAML/OIDC work | Minutes with the Admin Portal |
| Security Updates | Your responsibility | WorkOS team handles |
| Maintenance | Ongoing effort | Zero maintenance |
| Cost (< 1M users) | Dev time + infrastructure | FREE |
| Compliance | DIY audit | SOC 2 certified |
Building it yourself makes sense if:
- You have very custom requirements
- You want to learn the protocols in-depth
- You have a dedicated security team
WorkOS makes sense if:
- You want to ship fast
- You need enterprise features without an enterprise team
- You prefer to focus on the core product, not auth infrastructure
For most of us? WorkOS is a no-brainer.
Part 3: Set Up a Fresh Laravel 12 with WorkOS AuthKit
Alright, enough theory. Let's build something.
In this part, we'll set up a fresh Laravel 12 project with WorkOS AuthKit from zero to running.
Prerequisites
Before starting, make sure you have:
PREREQUISITES CHECKLIST:
□ PHP 8.2 or higher
→ Check: php -v
□ Composer (latest version)
→ Check: composer --version
→ Update: composer self-update
□ Node.js 18+ and NPM
→ Check: node -v && npm -v
□ Database
→ MySQL, PostgreSQL, or SQLite (easiest for development)
□ Laravel Installer (latest)
→ Install/Update: composer global require laravel/installer
□ Code Editor
→ VS Code recommended, with Laravel extensions
□ Browser
→ Chrome/Firefox/Safari for testing
If everything's ready, let's go.
Step 1: Create a Laravel Project with the WorkOS Starter Kit
Open a terminal and run:
# Make sure the Laravel installer is up to date
composer global require laravel/installer
# Create new project
laravel new authkit-demo
After this command, you'll get interactive prompts. Choose the following options:
┌ Would you like to install a starter kit? ────────────────┐
│ › Livewire │
│ React │
│ Vue │
│ None │
└──────────────────────────────────────────────────────────┘
→ Pick according to your preference. For this tutorial, we'll use Livewire.
┌ Which authentication provider would you like to use? ────┐
│ Laravel │
│ › WorkOS │
└──────────────────────────────────────────────────────────┘
→ Choose WorkOS. This is the one we want!
┌ Which database will your application use? ───────────────┐
│ MySQL │
│ PostgreSQL │
│ SQLite │
│ › SQLite │
└──────────────────────────────────────────────────────────┘
→ SQLite is the easiest for development. For production, adjust accordingly.
┌ Would you like to run the default database migrations? ──┐
│ › Yes │
│ No │
└──────────────────────────────────────────────────────────┘
→ Yes, so it's ready right away.
Wait for the process to finish. Laravel will:
- Download framework
- Install WorkOS starter kit
- Install dependencies (Composer and NPM)
- Run migrations
- Setup basic structure
Step 2: Setup WorkOS Account
Now we need WorkOS credentials. If you don't have an account yet:
2.1. Sign Up at WorkOS
- Open https://workos.com
- Click "Get Started" or "Sign Up"
- Create an account (you can use email or GitHub)
- Verify email
2.2. Create a Project in the Dashboard
- After logging in, you'll land on the dashboard
- Click "Create Project" or use the default project
- Name the project (e.g. "AuthKit Demo")
2.3. Get the Credentials
In the dashboard, look for:
- Client ID: Format client_xxxxxxxxxx
- API Key: Format sk_test_xxxxxxxxxxxxxx (for staging/development)
To find the credentials:
- Go to the "Developers" or "API Keys" section
- Copy Client ID
- Generate or copy the API Key (staging environment)
2.4. Configure the Redirect URL
Still in the WorkOS dashboard:
- Go to "Redirects" or "Authentication" → "Redirects"
- Add redirect URL: http://localhost:8000/authenticate
- Save
IMPORTANT:
The redirect URL MUST exactly match the one in the .env file.
That includes the protocol (http vs https) and the trailing slash (or the lack of one).
Development: <http://localhost:8000/authenticate>
Production: <https://yourapp.com/authenticate>
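The exact-match rule above can be checked locally before touching the dashboard. This is an added example, not code from the starter kit or from WorkOS: a small Node.js helper (Node is already a prerequisite here) that expands `${APP_URL}` the way the starter kit's .env line uses it and names the component that differs from the registered URL. The function names and the sample values are made up for illustration, and the .env parser is deliberately simplified.

```javascript
// Added example: explain why a configured redirect URL is not an exact
// match for the one registered in the dashboard. All names are hypothetical.

// Simplified .env reader: KEY=VALUE lines, optional quotes, ${VAR} expansion.
// (No inline comments; expansion is applied regardless of quote style.)
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq === -1) continue;
    const key = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    if (/^(["']).*\1$/.test(value)) value = value.slice(1, -1);
    env[key] = value.replace(/\$\{(\w+)\}/g, (_, name) => env[name] ?? '');
  }
  return env;
}

// Returns [] on an exact string match, otherwise the differing components.
function diffRedirectUrl(configured, registered) {
  if (configured === registered) return [];
  const problems = [];
  if (configured.trim() !== configured || registered.trim() !== registered) {
    problems.push('whitespace');
  }
  let a, b;
  try {
    a = new URL(configured.trim());
    b = new URL(registered.trim());
  } catch {
    return [...problems, 'unparseable'];
  }
  const stripSlash = (p) => p.replace(/\/+$/, '');
  if (a.protocol !== b.protocol) problems.push('scheme');
  if (a.hostname !== b.hostname) problems.push('host');
  if (a.port !== b.port) problems.push('port');
  if (a.pathname !== b.pathname) {
    const onlySlash = stripSlash(a.pathname) === stripSlash(b.pathname);
    problems.push(onlySlash ? 'trailing-slash' : 'path');
  }
  if (a.search !== b.search) problems.push('query');
  if (a.hash !== b.hash) problems.push('fragment');
  // Parsed forms agree but the raw text differs (upper-case host, ":80", ...).
  if (problems.length === 0) problems.push('normalization');
  return problems;
}

function checkRedirect(envText, registered) {
  const configured = parseEnv(envText).WORKOS_REDIRECT_URL ?? '';
  return { configured, problems: diffRedirectUrl(configured, registered) };
}

// Constructed sample: APP_URL ends with a slash, so "${APP_URL}/authenticate"
// expands to a double slash and no longer matches the registered URL.
const SAMPLE_ENV = [
  'APP_URL=http://localhost:8000/',
  'WORKOS_REDIRECT_URL="${APP_URL}/authenticate"',
].join('\n');

console.log(checkRedirect(SAMPLE_ENV, 'http://localhost:8000/authenticate'));
```

An empty `problems` array is the only passing result; anything else is a mismatch to fix in either .env or the dashboard.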
Step 3: Configure Environment Variables
Go into the project directory and open the .env file:
cd authkit-demo
code .env # or another editor
Find and update the WorkOS-related variables:
# .env file
APP_NAME="AuthKit Demo"
APP_ENV=local
APP_KEY=base64:xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
APP_DEBUG=true
APP_URL=http://localhost:8000
# ... other configs ...
# WorkOS Configuration
WORKOS_CLIENT_ID=client_xxxxxxxxxxxxxxxxxx
WORKOS_API_KEY=sk_test_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
WORKOS_REDIRECT_URL="${APP_URL}/authenticate"
Replace client_xxxxxxxxxxxxxxxxxx and sk_test_xxxxx with the credentials from the WorkOS dashboard.
Step 4: Verify Database Migration
The WorkOS starter kit already includes the migration for the users table. Let's verify:
# Check migration status
php artisan migrate:status
You should see that the migrations have run. If not:
php artisan migrate
Step 5: Build Frontend Assets
The WorkOS starter kit includes frontend components. Build them:
# Install NPM dependencies (if not done yet)
npm install
# Build assets
npm run build
For development with hot reload:
npm run dev
Step 6: Start Development Server
Now, let's run the app:
# Option 1: Simple way
php artisan serve
# Option 2: Using Composer script (recommended, runs both PHP and Vite)
composer run dev
The app is now running at http://localhost:8000.
Step 7: Test Basic Authentication
- Open a browser and navigate to http://localhost:8000
- You'll see a landing page with "Log in" and "Register" buttons
- Click "Log in" or "Register"
- The WorkOS AuthKit UI will appear
WHAT YOU SHOULD SEE:
┌─────────────────────────────────────────────────────────┐
│ │
│ Welcome back │
│ │
│ ┌─────────────────────────────────────────────────┐ │
│ │ Email │ │
│ └─────────────────────────────────────────────────┘ │
│ │
│ ┌─────────────────────────────────────────────────┐ │
│ │ Password │ │
│ └─────────────────────────────────────────────────┘ │
│ │
│ ┌─────────────────────────────────────────────────┐ │
│ │ Continue │ │
│ └─────────────────────────────────────────────────┘ │
│ │
│ Don't have an account? Sign up │
│ │
└─────────────────────────────────────────────────────────┘
By default, Email + Password authentication is enabled. You can:
- Register a new user
- Log in with credentials
- Access the dashboard once authenticated
Checkpoint: Verify Everything Works
Before continuing, let's verify the setup:
✓ Laravel 12 installed and running
✓ WorkOS credentials configured in .env
✓ Redirect URL set in the WorkOS dashboard
✓ Can access login/register page
✓ AuthKit UI appears (WorkOS branded login form)
✓ Can register new user
✓ Can log in and access the dashboard
✓ Can logout
If everything's checked, congratulations! You now have working authentication with WorkOS.
Troubleshooting Common Issues
Issue: "Invalid redirect URI" error
Solution:
1. Check WORKOS_REDIRECT_URL in .env
2. Make sure it exactly matches the setting in the WorkOS dashboard
3. Watch for: http vs https, trailing slash, port number
Issue: "Invalid API key" error
Solution:
1. Make sure WORKOS_API_KEY is correct
2. Staging key starts with "sk_test_"
3. Production key starts with "sk_live_"
4. Clear config cache: php artisan config:clear
Issue: Login page doesn't appear (redirect loop)
Solution:
1. Clear all caches:
php artisan cache:clear
php artisan config:clear
php artisan route:clear
php artisan view:clear
2. Restart server
3. Clear browser cookies for localhost
Issue: Blank page after authentication
Solution:
1. Check the browser console for JS errors
2. Make sure npm run build or npm run dev is running
3. Check storage/logs/laravel.log for errors
Mini Tips
"Always test in an incognito/private window when developing authentication. Browser caching and existing sessions can make debugging harder than it should be. Fresh window = fresh state."
Part 4: Implementing Social Login
Now your app is running with email + password authentication. But let's be honest: in 2025, users expect to log in with Google or GitHub in one click.
Social login isn't just convenient. Data shows social login can increase signup conversion rate by 30-50%. Users don't need to create a new password, don't need to verify their email manually, and don't need to remember another credential.
Good news: with WorkOS, setting up social login literally takes just a few minutes. No code changes needed.
Why Social Login Matters
Before we set it up, let's understand the value:
USER PERSPECTIVE:
Traditional Signup:
1. Enter email
2. Create password (must be strong, must be unique)
3. Submit form
4. Check email
5. Click verification link
6. Log in again
7. Finally in!
→ 7 steps, high friction, many users abandon
Social Login:
1. Click "Continue with Google"
2. Select Google account (usually auto-detected)
3. Done!
→ 2-3 steps, low friction, higher conversion
From the developer's perspective, social login also reduces the load:
- No need to handle password storage
- No need to implement a password reset flow
- Email is already verified by the provider
- Profile picture and name available
Setup Google OAuth
Google is the most common provider. Almost everyone has a Google account. Let's set it up.
Step 1: Create Google Cloud Project
- Open https://console.cloud.google.com
- Create a new project or select an existing one
- Name the project (e.g. "AuthKit Demo")
Step 2: Configure OAuth Consent Screen
- In the sidebar, go to "APIs & Services" → "OAuth consent screen"
- Select User Type: "External" (for a public app)
- Fill required info:
- App name: "AuthKit Demo"
- User support email: your email
- Developer contact email: your email
- Scopes: add email and profile
- Test users: add your email for testing
- Save
Step 3: Create OAuth Credentials
- Go to "APIs & Services" → "Credentials"
- Click "Create Credentials" → "OAuth client ID"
- Application type: "Web application"
- Name: "WorkOS Integration"
- Authorized redirect URIs: <https://authkit.workos.com/sso/oauth/callback>
- Click "Create"
- Copy the Client ID and Client Secret
IMPORTANT:
The redirect URI for WorkOS is:
<https://authkit.workos.com/sso/oauth/callback>
NOT localhost or your own domain.
WorkOS handles the OAuth callback, then redirects to your app.
Step 4: Configure in the WorkOS Dashboard
- Log in to the WorkOS dashboard
- Go to "Authentication" → "Social Login"
- Find "Google" and click "Configure"
- Paste:
- Client ID from Google
- Client Secret from Google
- Toggle "Enabled" ON
- Save
Step 5: Test Google Login
- Open your app: http://localhost:8000
- Click "Log in"
- You should now see a "Continue with Google" button
- Click it
- Select Google account
- Authorize
- Redirected back to the app, logged in!
WHAT CHANGED IN UI:
Before:
┌─────────────────────────────────────┐
│ Email: [________________] │
│ Password: [________________] │
│ [Continue] │
└─────────────────────────────────────┘
After enabling Google:
┌─────────────────────────────────────┐
│ [G] Continue with Google │
│ │
│ ──────────── or ──────────── │
│ │
│ Email: [________________] │
│ Password: [________________] │
│ [Continue] │
└─────────────────────────────────────┘
Setup GitHub OAuth
GitHub login is essential if your target audience is developers. The setup is similar.
Step 1: Create GitHub OAuth App
- Open https://github.com/settings/developers
- Click "OAuth Apps" → "New OAuth App"
- Fill:
- Application name: "AuthKit Demo"
- Homepage URL: http://localhost:8000 (or production URL)
- Authorization callback URL: <https://authkit.workos.com/sso/oauth/callback>
- Click "Register application"
- Copy Client ID
- Generate a Client Secret and copy it
Step 2: Configure in the WorkOS Dashboard
- In the WorkOS dashboard → "Authentication" → "Social Login"
- Find "GitHub" → "Configure"
- Paste the Client ID and Client Secret
- Enable
- Save
Step 3: Test GitHub Login
- Refresh login page
- The "Continue with GitHub" button now appears
- Test the flow
Adding More Providers
The process is the same for other providers. WorkOS supports:
AVAILABLE SOCIAL PROVIDERS:
Provider     Setup Difficulty    Common Use Case
─────────────────────────────────────────────────────
Google       Easy                General audience
GitHub       Easy                Developer tools
Microsoft    Medium              Enterprise, Office users
Apple        Medium              iOS apps, privacy-focused
GitLab       Easy                DevOps tools
LinkedIn     Medium              Professional/B2B apps
Slack        Easy                Workspace tools
For each provider:
- Create an OAuth app in the provider's developer console
- Set the redirect URI to https://authkit.workos.com/sso/oauth/callback
- Copy the credentials to the WorkOS dashboard
- Enable
That's it. No code changes, no redeploy.
Best Practice: Disable Email + Password
This is a recommendation from the Laravel team itself:
If you've already enabled social login and passkeys, consider disabling email + password authentication entirely.
Why?
- No need to handle password storage
- No need to worry about password breaches
- No need to implement password reset
- Simpler codebase, better security
How to disable it:
- WorkOS Dashboard → "Authentication" → "Authentication Methods"
- Find "Email + Password"
- Toggle OFF
- Save
Now users can only log in via:
- Social providers (Google, GitHub, etc.)
- Passkeys (next section)
- Magic Auth (email link)
- SSO (for enterprise)
Handling User Data from Social Login
When a user logs in via a social provider, WorkOS returns profile data. The Laravel starter kit handles this automatically, but it's good to know what's available:
use Illuminate\Support\Facades\Auth;
// Data available after social login:
$user = Auth::user();
$user->id; // Laravel user ID
$user->name; // Full name from the provider
$user->email; // Email from the provider (verified)
$user->avatar; // Profile picture URL (if available)
$user->workos_id; // WorkOS user ID
// Email is already verified by the provider
// No manual email verification needed
Mini Tips
"Enable at least 2 social providers for redundancy. If Google is down or the user doesn't have GitHub, they can still log in via another provider. Google + one more (GitHub for devs, Microsoft for enterprise) is a solid combo."
Part 5: Implementing Passkey Authentication
Passkeys are the future of authentication. Apple, Google, and Microsoft are all pushing adoption. 1Password and other password managers now support passkeys. This isn't an experimental feature anymore; it's mainstream.
And with WorkOS, implementing passkeys in Laravel is literally just a matter of enabling them in the dashboard.
What Is a Passkey?
Before implementing, let's understand how it works:
PASSKEY BASICS:
Traditional Password:
- Secret string that the user remembers
- Stored (hashed) on the server
- Can be phished, leaked, or guessed
- User has to remember one for every site
Passkey:
- Cryptographic key pair (public + private)
- Private key NEVER leaves user's device
- Public key stored on the server
- Authenticated via biometrics (fingerprint, face) or PIN
- Phishing-resistant by design
How Passkey Authentication Works:
REGISTRATION FLOW:
User                     Browser                    Server (WorkOS)
│                        │                          │
│  Click "Add Passkey"   │                          │
│───────────────────────>│                          │
│                        │  Request challenge       │
│                        │─────────────────────────>│
│                        │                          │
│                        │  Challenge + options     │
│                        │<─────────────────────────│
│                        │                          │
│  Biometric prompt      │                          │
│  (fingerprint/face)    │                          │
│<───────────────────────│                          │
│                        │                          │
│  Verify biometric      │                          │
│───────────────────────>│                          │
│                        │                          │
│                        │  Create key pair         │
│                        │  Store private key       │
│                        │  Send public key         │
│                        │─────────────────────────>│
│                        │                          │
│                        │  Store public key        │
│                        │  Passkey registered!     │
│                        │<─────────────────────────│
│                        │                          │
LOGIN FLOW:
User                     Browser                    Server (WorkOS)
│                        │                          │
│  Click "Sign in        │                          │
│  with Passkey"         │                          │
│───────────────────────>│                          │
│                        │  Request challenge       │
│                        │─────────────────────────>│
│                        │                          │
│                        │  Challenge               │
│                        │<─────────────────────────│
│                        │                          │
│  Biometric prompt      │                          │
│<───────────────────────│                          │
│                        │                          │
│  Verify & sign         │                          │
│───────────────────────>│                          │
│                        │                          │
│                        │  Signed challenge        │
│                        │─────────────────────────>│
│                        │                          │
│                        │  Verify signature        │
│                        │  with stored public key  │
│                        │                          │
│                        │  Success! User logged in │
│                        │<─────────────────────────│
Key points:
- Private key never transmitted
- Server never knows the secret
- Biometrics processed locally
- Challenge-response prevents replay attacks
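The login flow above, as an added example that is not part of the original article and is not WorkOS code: a Node.js simulation of the challenge-response exchange using `node:crypto`. It is simplified from real WebAuthn (no CBOR, attestation or signature counter, and the signature covers the client data directly), and every name in it (`Authenticator`, `RelyingParty`, the origins, the user id) is hypothetical; it shows why a captured response cannot be replayed and why a response produced on a look-alike origin is rejected.

```javascript
const nodeCrypto = require('node:crypto');

// The "device" lane: creates the key pair and keeps the private half.
class Authenticator {
  #privateKey; // never exported, never transmitted
  constructor() {
    const pair = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.publicKey = pair.publicKey; // the only part sent at registration
    this.#privateKey = pair.privateKey;
  }
  // The browser fills in the origin it is actually on; the page cannot pick it.
  sign(challenge, origin) {
    const clientData = JSON.stringify({ type: 'webauthn.get', challenge, origin });
    const signature = nodeCrypto.sign('sha256', Buffer.from(clientData), this.#privateKey);
    return { clientData, signature };
  }
}

// The "server" lane: stores public keys and one outstanding challenge per user.
class RelyingParty {
  constructor(expectedOrigin) {
    this.expectedOrigin = expectedOrigin;
    this.publicKeys = new Map();
    this.pending = new Map();
  }
  register(userId, publicKey) {
    this.publicKeys.set(userId, publicKey);
  }
  issueChallenge(userId) {
    const challenge = nodeCrypto.randomBytes(32).toString('hex');
    this.pending.set(userId, challenge);
    return challenge;
  }
  verify(userId, { clientData, signature }) {
    const publicKey = this.publicKeys.get(userId);
    if (!publicKey) return 'unknown-user';
    const expected = this.pending.get(userId);
    this.pending.delete(userId); // a challenge is single use, pass or fail
    if (!expected) return 'no-pending-challenge';
    // Check the signature first so only authenticated bytes get parsed.
    if (!nodeCrypto.verify('sha256', Buffer.from(clientData), publicKey, signature)) {
      return 'bad-signature';
    }
    const data = JSON.parse(clientData);
    if (data.challenge !== expected) return 'stale-challenge';
    if (data.origin !== this.expectedOrigin) return 'wrong-origin';
    return 'ok';
  }
}

function runDemo() {
  const rp = new RelyingParty('https://app.example');
  const device = new Authenticator();
  rp.register('budi', device.publicKey);

  // Normal login: fresh challenge, signed on the real origin.
  const first = device.sign(rp.issueChallenge('budi'), 'https://app.example');
  const login = rp.verify('budi', first);

  // Same response sent again: its challenge was consumed by the first login.
  const replayNoChallenge = rp.verify('budi', first);

  // Same response against a new challenge: valid signature, wrong challenge.
  rp.issueChallenge('budi');
  const replayFresh = rp.verify('budi', first);

  // Response signed while the browser was on a look-alike origin.
  const relayed = device.sign(rp.issueChallenge('budi'), 'https://app-example.login.test');
  const phished = rp.verify('budi', relayed);

  // Rewriting the origin after signing breaks the signature instead.
  const other = device.sign(rp.issueChallenge('budi'), 'https://app-example.login.test');
  const edited = other.clientData.replace('app-example.login.test', 'app.example');
  const tampered = rp.verify('budi', { clientData: edited, signature: other.signature });

  return { login, replayNoChallenge, replayFresh, phished, tampered };
}

console.log(runDemo());
```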
Enable Passkeys in WorkOS
Super simple:
Step 1: Enable in the Dashboard
- WorkOS Dashboard → "Authentication" → "Authentication Methods"
- Find "Passkeys"
- Toggle ON
- Configure options:
- User verification: "Required" (recommended)
- Authenticator attachment: "Platform" (device biometrics)
- Save
Step 2: Test Registration
- Log in to your app (via social or email)
- Go to the profile/settings page
- Look for the "Security" or "Passkeys" section
- Click "Add Passkey"
- The browser will prompt for biometric verification
- Complete the fingerprint/face scan
- Passkey created!
WHAT USER SEES:
┌─────────────────────────────────────────────────────────┐
│ Security Settings │
│ │
│ Passkeys │
│ ───────────────────────────────────────────── │
│ Use your fingerprint, face, or screen lock to │
│ sign in without a password. │
│ │
│ Your passkeys: │
│ ┌─────────────────────────────────────────────────┐ │
│ │ 🔑 MacBook Pro - Chrome │ │
│ │ Added Dec 15, 2025 [Remove] │ │
│ └─────────────────────────────────────────────────┘ │
│ │
│ [+ Add new passkey] │
│ │
└─────────────────────────────────────────────────────────┘
Step 3: Test Login with a Passkey
- Logout
- Go to login page
- Click "Sign in with Passkey" (or the browser might auto-suggest it)
- The browser prompt appears
- Verify with fingerprint/face
- Instantly logged in!
User Experience Flow
Passkeys shine in user experience:
LOGIN TIME COMPARISON:
Email + Password:
1. Type email (5 sec)
2. Type password (5 sec)
3. Click submit (1 sec)
4. Wait for response (1-2 sec)
Total: ~12-13 seconds
Social Login:
1. Click provider button (1 sec)
2. Select account (2 sec)
3. Authorize (1 sec)
4. Redirect back (1-2 sec)
Total: ~5-6 seconds
Passkey:
1. Click "Sign in with Passkey" (1 sec)
2. Touch fingerprint (1 sec)
Total: ~2 seconds
Passkey is 6x faster than password!
Device Support
Passkeys work on most modern devices:
PLATFORM SUPPORT (2025):
Desktop:
✓ Chrome (Windows, Mac, Linux)
✓ Safari (Mac)
✓ Firefox (Windows, Mac, Linux)
✓ Edge (Windows, Mac)
Mobile:
✓ Safari (iOS 16+)
✓ Chrome (Android 9+)
Authenticators:
✓ Windows Hello
✓ macOS Touch ID / Face ID
✓ iOS Face ID / Touch ID
✓ Android Fingerprint / Face
✓ Hardware keys (YubiKey, etc.)
Cross-device:
✓ Use phone to authenticate on desktop
(via QR code scan)
Handling Passkey-Only Authentication
If you want to go fully passwordless:
// config/workos.php or .env
// Recommended setup for passwordless:
// 1. Disable Email + Password in the WorkOS dashboard
// 2. Enable: Passkeys + Social Login + Magic Auth
// User flows:
// - New user: Sign up via Social → Add Passkey
// - Returning user: Login via Passkey (fastest)
// - Fallback: Social Login or Magic Auth
Recovery Flow:
If the user loses their device:
- User clicks "Can't access passkey?"
- WorkOS offers alternatives:
- Social login (if enabled)
- Magic Auth (email link)
- User authenticates via alternative
- User can register a new passkey on the new device
Code: Check Passkey Availability
If you need to check whether the browser supports passkeys:
// resources/js/passkey-check.js
async function checkPasskeySupport() {
    // Check if WebAuthn available
    if (!window.PublicKeyCredential) {
        console.log('Passkeys not supported in this browser');
        return false;
    }
    // Check if platform authenticator available
    const available = await PublicKeyCredential
        .isUserVerifyingPlatformAuthenticatorAvailable();
    if (available) {
        console.log('Passkeys fully supported!');
        return true;
    } else {
        console.log('Passkeys supported but no platform authenticator');
        // Can still use security keys like YubiKey
        return 'partial';
    }
}
// Usage
checkPasskeySupport().then(supported => {
    if (supported === true) {
        // Show "Add Passkey" prominently
    } else if (supported === 'partial') {
        // Show "Add Security Key" option
    } else {
        // Hide passkey options, use other auth methods
    }
});
Session Configuration
Important: sync the Laravel session with the WorkOS session.
// config/session.php
return [
    // Match the WorkOS AuthKit session timeout
    // Default WorkOS: 2 hours inactivity
    'lifetime' => 120, // 120 minutes = 2 hours
    'expire_on_close' => false,
    // ... other configs
];
In the WorkOS dashboard:
- Go to "Authentication" → "Session Settings"
- Set inactivity timeout: 2 hours (or match with Laravel)
- Save
Why does this matter? If they're mismatched, users can experience weird behavior: logged in on one side but not on the other.
Mini Tips
"Encourage users to set up passkeys on multiple devices. A MacBook at home, an iPhone for mobile, maybe a YubiKey as a backup. If one device is lost or broken, they can still access their account. WorkOS handles multiple passkeys per user automatically."
Part 6: Implementing SSO for Enterprise
If you're building B2B SaaS, SSO isn't a nice-to-have; it's a deal breaker.
Enterprise clients with 500+ employees have strict IT policies. They don't want employees creating separate credentials for every app. They want centralized identity management via Okta, Azure AD, or another identity provider.
Without SSO support? Deal lost. Simple as that.
Traditionally, implementing SSO was a nightmare. The SAML protocol is complex, XML assertions are confusing, debugging is painful. Many startups avoid the enterprise market entirely because the SSO implementation cost is too high.
With WorkOS? SSO setup takes minutes, not weeks.
SSO Basics
Before implementing, let's understand the concepts:
SSO TERMINOLOGY:
Identity Provider (IdP):
- System yang manage user identities
- Examples: Okta, Azure AD, Google Workspace, OneLogin
- Company's IT admin controls this
Service Provider (SP):
- Your application
- Trusts the IdP to authenticate users
SAML (Security Assertion Markup Language):
- XML-based protocol
- Most common for enterprise SSO
- Complex but well-established
OIDC (OpenID Connect):
- JSON-based protocol (built on OAuth 2.0)
- Newer, simpler than SAML
- Growing adoption
SSO Flow:
USER JOURNEY WITH SSO:
1. User visits your app
└─> yourapp.com/login
2. User enters work email
└─> "[email protected]"
3. App detects SSO-enabled domain
└─> majujaya.co.id → Okta connection
4. Redirect to Identity Provider
└─> User sees Okta login page
5. User authenticates at IdP
└─> Using company credentials (maybe with MFA)
6. IdP sends assertion to WorkOS
└─> "Yes, this is Budi from Maju Jaya"
7. WorkOS validates and redirects to the app
└─> User logged in, session created
8. User lands on dashboard
└─> No separate password needed!
From the user's perspective: enter work email → authenticate once at the company portal → done. Seamless.
Enable SSO in WorkOS
Step 1: Enable SSO Feature
- WorkOS Dashboard → "Authentication" → "Authentication Methods"
- Find "Single Sign-On"
- Toggle ON
- Save
Step 2: Understand Organizations
In WorkOS, an "Organization" represents your enterprise client:
WORKOS ORGANIZATION CONCEPT:
Your App (Service Provider)
│
├── Organization: "PT Maju Jaya"
│ ├── Domain: majujaya.co.id
│ ├── Connection: Okta (SAML)
│ └── Users: All @majujaya.co.id emails
│
├── Organization: "CV Tech Indo"
│ ├── Domain: techindo.com
│ ├── Connection: Azure AD (OIDC)
│ └── Users: All @techindo.com emails
│
└── Organization: "Startup XYZ"
├── Domain: startupxyz.io
├── Connection: Google Workspace (SAML)
└── Users: All @startupxyz.io emails
Each organization = 1 SSO connection = 1 billing unit
Step 3: Create an Organization for the Client
- WorkOS Dashboard → "Organizations"
- Click "Create Organization"
- Fill:
- Name: "PT Maju Jaya" (client's company name)
- Domains: "majujaya.co.id" (their email domain)
- Save
Step 4: Setup SSO Connection via Admin Portal
This is what makes WorkOS powerful: you don't have to set up SSO yourself. The client's IT admin does the setup through a guided Admin Portal.
ADMIN PORTAL FLOW:
1. You generate an invite link from the WorkOS dashboard
└─> "Invite admin to setup SSO"
2. Send the link to the client's IT admin
└─> Via email or shared directly
3. The IT admin clicks the link and enters the Admin Portal
└─> Hosted by WorkOS, professional UI
4. The admin picks their Identity Provider
└─> Okta? Azure AD? Google Workspace?
5. The admin follows step-by-step instructions
└─> WorkOS provides a specific guide per IdP
6. The admin uploads metadata / configures the connection
└─> Copy-paste from the IdP dashboard
7. Test the connection
└─> The admin can test the SSO flow right away
8. Done!
└─> SSO active, users can log in
Generate Admin Portal Link:
- Go to the Organization you created
- Click "Invite admin" or "Setup SSO"
- Select "Single Sign-On"
- Either:
- Enter the IT admin's email (they receive an email with the link)
- Copy the setup link directly
- Share it with the client
Implementing SSO in Laravel
Good news: if you use the WorkOS starter kit, SSO is already handled automatically. But let's understand what happens under the hood.
Domain-based SSO Detection:
// This is handled by WorkOS automatically, but conceptually:
// 1. User submits an email in the login form
$email = "[email protected]";
// 2. Extract the domain
$domain = "majujaya.co.id";
// 3. WorkOS checks: is this domain connected to SSO?
//    If yes → redirect to the IdP
//    If no → continue the normal auth flow
// You don't need to code this manually
// WorkOS AuthKit handles it automatically
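The routing decision sketched above, written out as an added PHP example (not WorkOS's or the starter kit's code). The domain table is constructed from the organizations shown on this page, and `emailDomain` and `routeLogin` are hypothetical names; it assumes ASCII-only domains.

```php
<?php
// Added example: illustrates the routing decision only. It is not
// WorkOS or starter-kit code; the table below is constructed.
const SSO_DOMAINS = [
    'majujaya.co.id' => ['org' => 'PT Maju Jaya', 'connection' => 'Okta (SAML)'],
    'techindo.com'   => ['org' => 'CV Tech Indo', 'connection' => 'Azure AD (OIDC)'],
    'startupxyz.io'  => ['org' => 'Startup XYZ', 'connection' => 'Google Workspace (SAML)'],
];

/** Normalized domain of an email address, or null if it is malformed. */
function emailDomain(string $email): ?string
{
    $email = trim($email);
    if (substr_count($email, '@') !== 1) {
        return null;                      // zero or several "@" signs
    }
    [$local, $domain] = explode('@', $email);
    $domain = rtrim(strtolower($domain), '.');   // case-insensitive, no trailing dot
    // Assumption: ASCII host names only (IDNs would need punycode handling).
    if ($local === '' || !preg_match('/^[a-z0-9-]+(\.[a-z0-9-]+)+$/', $domain)) {
        return null;
    }
    return $domain;
}

/** Pick the login flow for an email: 'sso', 'default' or 'reject'. */
function routeLogin(string $email): array
{
    $domain = emailDomain($email);
    if ($domain === null) {
        return ['flow' => 'reject', 'reason' => 'malformed email'];
    }
    // Exact match only. A suffix or substring comparison would let a
    // look-alike or sub-domain inherit another organization's routing.
    if (array_key_exists($domain, SSO_DOMAINS)) {
        return ['flow' => 'sso'] + SSO_DOMAINS[$domain];
    }
    return ['flow' => 'default', 'domain' => $domain];
}

// Constructed sample inputs.
$samples = ['Budi@MajuJaya.co.id', 'ani@gmail.com', 'x@mail.majujaya.co.id',
            'y@majujaya.co.id.example.net', 'a@b@techindo.com'];
foreach ($samples as $email) {
    printf("%-30s %s\n", $email, json_encode(routeLogin($email)));
}
```

Only the first sample is routed to SSO; the sub-domain and the look-alike fall through to the default flow, and the address with two "@" signs is rejected.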
User Data from SSO:
// After SSO authentication, user data is available as usual
$user = Auth::user();
$user->email; // [email protected]
$user->name; // Budi Santoso (from the IdP)
$user->workos_id; // WorkOS user ID
// Additional: organization info
// Can be accessed via the WorkOS API if needed
Integrating the Admin Portal into Your App
Instead of manually sharing links, you can embed Admin Portal setup in your app:
// routes/web.php
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Route;
use WorkOS\WorkOS;

Route::middleware(['auth', 'admin'])->group(function () {
    Route::get('/settings/sso/setup', function () {
        $workos = new WorkOS(env('WORKOS_API_KEY'));
        // Get current user's organization
        $organizationId = Auth::user()->organization_id;
        // Generate Admin Portal link
        $portalLink = $workos->portal->generateLink([
            'organization' => $organizationId,
            'intent' => 'sso',
            'return_url' => route('settings.sso'),
        ]);
        return redirect($portalLink->link);
    })->name('settings.sso.setup');
});
With this, the client's admin can set up SSO directly from inside your app. Professional experience.
SSO Testing
WorkOS provides a Test Identity Provider for development:
- In the Organization, click "Test SSO"
- WorkOS provides a fake IdP for testing
- Test various scenarios:
- Successful login
- Different user attributes
- Error handling
- No need to set up a real Okta/Azure for development
Pricing Consideration
SSO is the only paid WorkOS feature for most use cases:
SSO PRICING:
$125/connection/month
- 1 connection = 1 organization's SSO setup
- Unlimited users within that organization
Volume discounts:
- 16-30 connections: $100/month each
- 31-50 connections: $80/month each
- 51-100 connections: $65/month each
- 100+: Contact sales
Real talk about pricing:
If PT Maju Jaya pays you $5,000/month for a SaaS subscription, $125/month to enable SSO is nothing. Enterprise deals usually have much higher contract values that easily justify the SSO cost.
Strategy:
- Offer SSO in the "Enterprise" tier
- Price the tier accordingly (SSO cost + margin)
- Or: pass the SSO cost on to the client directly
Common SSO Scenarios
Scenario 1: New Employee
1. IT admin adds the user in Okta
2. User automatically gets access to all SSO-enabled apps
3. Including your app
4. No manual provisioning needed
Scenario 2: Employee Resigns
1. IT admin disables the user in Okta
2. User immediately loses access to all apps
3. Including your app
4. Centralized offboarding
Scenario 3: User from a Non-SSO Domain
1. User logs in with a personal email (gmail.com)
2. WorkOS detects: gmail.com is not an SSO-enabled domain
3. Normal auth flow (social login, passkey, etc.)
4. SSO only for configured organization domains
Mini Tips
"Don't underestimate the value of the Admin Portal. Enterprise IT admins appreciate self-serve setup. They don't want to schedule calls and share credentials with external vendors. The Admin Portal lets SSO setup happen at any time, without depending on your team."
Part 7: Best Practices and Production Tips
You've set up social login, passkeys, and SSO. Now let's make sure everything is production-ready.
Environment Configuration
Development vs Production Credentials:
# .env.local (Development)
APP_ENV=local
APP_DEBUG=true
APP_URL=http://localhost:8000
WORKOS_CLIENT_ID=client_staging_xxxxxxxxxx
WORKOS_API_KEY=sk_test_xxxxxxxxxxxxxxxxxxxxxx
WORKOS_REDIRECT_URL="${APP_URL}/authenticate"
# .env.production (Production)
APP_ENV=production
APP_DEBUG=false
APP_URL=https://yourapp.com
WORKOS_CLIENT_ID=client_production_xxxxxxxxxx
WORKOS_API_KEY=sk_live_xxxxxxxxxxxxxxxxxxxxxx
WORKOS_REDIRECT_URL="${APP_URL}/authenticate"
Important:
- sk_test_ keys are for staging/development
- sk_live_ keys are for production
- NEVER use test keys in production
- NEVER commit credentials to git
WorkOS Environments:
WORKOS ENVIRONMENTS:
Staging:
- Free, unlimited testing
- Test all features
- Fake data okay
- Use for development and QA
Production:
- Real users, real data
- Billing applies (for SSO)
- Use for live apps only
Security Best Practices
1. Force HTTPS in Production
// app/Providers/AppServiceProvider.php
use Illuminate\Support\Facades\URL;

public function boot(): void
{
    // Generate every URL with the https scheme in production
    if (config('app.env') === 'production') {
        URL::forceScheme('https');
    }
}
Passkeys require a secure context. HTTP in production = passkeys won't work.
2. Recommended Auth Configuration
RECOMMENDED SETUP:
Enable:
✓ Social Login (Google + 1 more)
✓ Passkeys
✓ Magic Auth (email link as fallback)
✓ SSO (for enterprise clients)
Disable:
✗ Email + Password
Why disable passwords?
- No password = no password breaches
- No password reset flow needed
- No weak password issues
- Simpler, more secure
3. Session Security
// config/session.php
return [
    'driver' => env('SESSION_DRIVER', 'database'), // or redis for scale
    'lifetime' => 120, // Match WorkOS setting
    'expire_on_close' => false,
    'encrypt' => true, // Encrypt session data
    'secure' => env('SESSION_SECURE_COOKIE', true), // HTTPS only
    'http_only' => true, // Cookie not readable from JavaScript (limits XSS theft)
    'same_site' => 'lax', // CSRF protection
];
4. CORS Configuration (if you use an API)
// config/cors.php
return [
    'paths' => ['api/*'],
    'allowed_origins' => [
        env('APP_URL'),
        'https://authkit.workos.com', // WorkOS callbacks
    ],
    'allowed_methods' => ['*'],
    'allowed_headers' => ['*'],
    'supports_credentials' => true,
];
User Model Best Practices
// app/Models/User.php
<?php
namespace App\Models;

use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;

class User extends Authenticatable
{
    use Notifiable;

    protected $fillable = [
        'name',
        'email',
        'workos_id',
        'avatar',
        'organization_id', // For SSO users
    ];

    protected $hidden = [
        'remember_token',
    ];

    // Helper: check whether the user came from SSO
    public function isSsoUser(): bool
    {
        return !is_null($this->organization_id);
    }

    // Helper: check whether the user has a passkey
    public function hasPasskey(): bool
    {
        // Implement based on your passkey tracking
        // WorkOS handles passkeys, but you can track them locally
        // checkPasskeyViaWorkOS() is your own method; it is not defined here
        return cache()->remember(
            "user.{$this->id}.has_passkey",
            3600,
            fn() => $this->checkPasskeyViaWorkOS()
        );
    }
}
Error Handling
// app/Exceptions/Handler.php
use Illuminate\Auth\AuthenticationException;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use WorkOS\Exception\WorkOSException;

public function register()
{
    $this->renderable(function (WorkOSException $e, $request) {
        // Log WorkOS errors
        Log::error('WorkOS Error', [
            'message' => $e->getMessage(),
            'code' => $e->getCode(),
            'user' => Auth::id(),
        ]);
        // Return a generic message; details stay in the log
        if ($request->expectsJson()) {
            return response()->json([
                'error' => 'Authentication service error',
            ], 503);
        }
        return redirect()->route('login')
            ->with('error', 'Authentication service temporarily unavailable.');
    });
}
Monitoring and Logging
Track Auth Events:
// app/Listeners/LogSuccessfulLogin.php
use Illuminate\Auth\Events\Login;
use Illuminate\Support\Facades\Log;

class LogSuccessfulLogin
{
    // Record who logged in, from where, and with which auth method
    public function handle(Login $event): void
    {
        Log::info('User logged in', [
            'user_id' => $event->user->id,
            'email' => $event->user->email,
            'ip' => request()->ip(),
            'user_agent' => request()->userAgent(),
            'method' => session('auth_method', 'unknown'),
        ]);
    }
}
WorkOS Dashboard Monitoring:
WorkOS dashboard provides:
- Login attempts (success/fail)
- Active sessions
- SSO connection status
- Error logs
Check regularly, especially after deploying changes.
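Auth event logs can also drive your own alerting on unusual failure patterns. The following is an added PHP example, not code from this article or from WorkOS: it assumes your app writes one JSON line per failed login with `event`, `time` and `ip` fields in chronological order, and the function name, window and thresholds are hypothetical.

```php
<?php
// Added example, not from the article or WorkOS. The JSON log shape,
// the window and both thresholds are assumptions; tune them to your traffic.
/** Scan auth log lines and return alerts for failed-login bursts. */
function detectAuthSpikes(array $lines, int $window = 300, int $perIp = 5, int $global = 8): array
{
    $byIp = [];    // ip => timestamps of failures inside the window
    $all = [];     // [timestamp, ip] of every failure inside the window
    $alerts = [];
    foreach ($lines as $line) {
        $e = json_decode($line, true);
        $ts = is_array($e) ? strtotime($e['time'] ?? '') : false;
        if ($ts === false || !isset($e['ip']) || ($e['event'] ?? '') !== 'login_failed') {
            continue;                       // successes and malformed lines
        }
        $ip = $e['ip'];
        $byIp[$ip][] = $ts;
        $all[] = [$ts, $ip];
        // Expire failures older than the window ending at this event.
        $byIp[$ip] = array_values(array_filter($byIp[$ip], fn ($t) => $t > $ts - $window));
        $all = array_values(array_filter($all, fn ($p) => $p[0] > $ts - $window));
        if (count($byIp[$ip]) === $perIp) {
            // Many failures from one address: brute-force pattern.
            $alerts[] = ['type' => 'single_source', 'ip' => $ip, 'at' => $e['time']];
        }
        $sources = count(array_unique(array_column($all, 1)));
        if (count($all) === $global && $sources >= $global / 2) {
            // Failures spread over many addresses: more likely a broken
            // redirect URL or credential after a deploy than one source.
            $alerts[] = ['type' => 'widespread', 'sources' => $sources, 'at' => $e['time']];
        }
    }
    return $alerts;
}

// Constructed sample: five failures from one address, then an hour
// later eight failures from eight addresses (documentation IP ranges).
$base = strtotime('2025-03-01T10:00:00Z');
$log = [];
for ($i = 0; $i < 5; $i++) {
    $log[] = json_encode(['event' => 'login_failed', 'ip' => '203.0.113.7', 'time' => gmdate('c', $base + 25 * $i)]);
}
for ($i = 0; $i < 8; $i++) {
    $log[] = json_encode(['event' => 'login_failed', 'ip' => '198.51.100.' . ($i + 10), 'time' => gmdate('c', $base + 3600 + 5 * $i)]);
}
foreach (detectAuthSpikes($log) as $alert) {
    echo json_encode($alert), "\n";
}
```

The sample produces one `single_source` alert and one `widespread` alert; forward the returned array to whatever channel your team already watches.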
Performance Optimization
Cache User Lookups:
// WorkOS user sync can be cached
public function getUserFromWorkOS($workosId)
{
    return cache()->remember(
        "workos_user.{$workosId}",
        3600, // 1 hour
        function () use ($workosId) {
            // Fetch from WorkOS API
            return $this->workos->users->get($workosId);
        }
    );
}
Session Driver:
# For production with high traffic
SESSION_DRIVER=redis
CACHE_DRIVER=redis
# Redis config
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
Deployment Checklist
PRE-DEPLOYMENT CHECKLIST:
Environment:
□ APP_ENV=production
□ APP_DEBUG=false
□ APP_URL with https://
□ Production WorkOS credentials (sk_live_)
Security:
□ HTTPS enforced
□ Session secure cookie enabled
□ CORS configured properly
□ Rate limiting enabled
WorkOS Dashboard:
□ Production environment active
□ Redirect URLs updated for the production domain
□ Social login credentials updated (production OAuth apps)
□ SSO organizations configured
Testing:
□ Social login works
□ Passkey registration works
□ Passkey login works
□ SSO flow works (if applicable)
□ Logout works
□ Session expiry works correctly
Monitoring:
□ Error logging configured
□ Auth event logging active
□ WorkOS dashboard accessible
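The Environment items of this checklist, plus the secure-cookie item, can be enforced in CI before a deploy. This is an added PHP example (PHP 8+), not part of Laravel or WorkOS; `parseEnv` and `productionEnvProblems` are hypothetical names and the sample file is constructed from the development values shown earlier.

```php
<?php
// Added example: a CI preflight for the checklist above. Not part of
// Laravel or WorkOS; the rules come from this article's checklist.
/** Parse KEY=value lines, skipping comments and stripping quotes. */
function parseEnv(string $text): array
{
    $vars = [];
    foreach (preg_split('/\R/', $text) as $line) {
        $line = trim($line);
        if ($line === '' || $line[0] === '#' || !str_contains($line, '=')) {
            continue;
        }
        [$key, $value] = explode('=', $line, 2);
        $vars[trim($key)] = trim(trim($value), "\"'");
    }
    return $vars;
}

/** Return the checklist violations found in a production .env file. */
function productionEnvProblems(array $env): array
{
    $problems = [];
    if (($env['APP_ENV'] ?? '') !== 'production') {
        $problems[] = 'APP_ENV is not production';
    }
    // A missing APP_DEBUG is treated as unsafe, so it must be set explicitly.
    if (strtolower($env['APP_DEBUG'] ?? 'true') !== 'false') {
        $problems[] = 'APP_DEBUG must be false';
    }
    if (!str_starts_with($env['APP_URL'] ?? '', 'https://')) {
        $problems[] = 'APP_URL must use https://';
    }
    if (!str_starts_with($env['WORKOS_API_KEY'] ?? '', 'sk_live_')) {
        $problems[] = 'WORKOS_API_KEY is not an sk_live_ key';
    }
    if (strtolower($env['SESSION_SECURE_COOKIE'] ?? 'true') === 'false') {
        $problems[] = 'SESSION_SECURE_COOKIE disables the Secure flag';
    }
    return $problems;
}

// Constructed sample: development values mistakenly shipped to production.
$sample = <<<'ENV'
APP_ENV=local
APP_DEBUG=true
APP_URL=http://localhost:8000
WORKOS_API_KEY=sk_test_xxxxxxxxxxxxxxxxxxxxxx
ENV;
print_r(productionEnvProblems(parseEnv($sample)));
```

Fail the pipeline when the returned list is non-empty, and print only the problem descriptions, never the key values.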
Mini Tips
"Set up alerts for unusual failed authentication attempts. A spike in failed logins can indicate a brute force attack or a configuration issue. The WorkOS dashboard has built-in monitoring, but also integrate with your own alerting system (Slack, email, etc.)."
Part 8: Wrap-Up and Next Steps
Let's recap what we've built.
In this article, you've learned and implemented:
COMPLETED IMPLEMENTATION:
✅ Fresh Laravel 12 with the WorkOS AuthKit starter kit
└─> Modern stack, official integration
✅ WorkOS account and credentials configured
└─> Connected, ready for auth
✅ Social Login (Google, GitHub)
└─> 1-click signup/login enabled
✅ Passkey Authentication
└─> Passwordless with biometrics
✅ SSO for Enterprise
└─> SAML/OIDC ready, Admin Portal configured
✅ Production best practices
└─> Security, performance, monitoring
What You Get
Compare the effort with the result:
TRADITIONAL APPROACH:
───────────────────────
Time: 3-4 weeks
Effort: High (multiple packages, custom code)
Security: Variable (depends on implementation)
Maintenance: Ongoing
Enterprise-ready: Requires additional work
WORKOS AUTHKIT APPROACH:
───────────────────────
Time: 2-4 hours
Effort: Low (configuration, minimal code)
Security: Enterprise-grade (SOC 2 certified)
Maintenance: Zero (WorkOS handles)
Enterprise-ready: From day one
Within hours, you have an authentication system that is more robust, more secure, and more scalable than what most developers build in weeks.
When to Use WorkOS AuthKit
Perfect fit for:
- SaaS applications (B2B or B2C)
- Apps that need enterprise features (SSO)
- Products that prioritize modern auth (passkeys)
- Startups that want to be enterprise-ready from the start
- Teams that want to focus on the core product, not auth
Consider alternatives if:
- Very custom authentication requirements
- Offline-first applications
- Budget is extremely tight for SSO
- Regulatory requirements that mandate self-hosted auth
Next Steps for Practice
Immediate (This Week):
- Build a sample project with full WorkOS integration
- Test all auth flows: social, passkey, magic auth
- Set up a fake organization and test the SSO flow
- Deploy to a staging environment
Short-term (This Month):
- Implement it in a real project or portfolio piece
- Explore WorkOS dashboard features in depth
- Set up monitoring and alerting
- Read the official docs for advanced features
Long-term:
- Integrate RBAC (Role-Based Access Control)
- Implement Directory Sync (SCIM) for enterprise
- Add Audit Logs for compliance
- Explore WorkOS Radar for fraud detection
Resources for Further Learning
OFFICIAL DOCUMENTATION:
Laravel:
└─> laravel.com/docs/12.x/starter-kits
WorkOS:
└─> workos.com/docs
└─> workos.com/docs/user-management
└─> workos.com/docs/sso
GitHub:
└─> github.com/laravel/workos
└─> github.com/workos/authkit
AuthKit:
└─> authkit.com (demo and playground)
COMMUNITY:
Laravel Discord
└─> discord.gg/laravel
WorkOS Slack
└─> Community support and discussions
BuildWithAngga
└─> buildwithangga.com (tutorials in Bahasa Indonesia)
Closing Thoughts
Authentication is the foundation of every application. Without solid auth, every other feature becomes meaningless.
In the past, building proper auth was time-consuming and error-prone. I've personally spent countless hours debugging OAuth flows, fixing session issues, and implementing SSO from scratch. It was not fun.
Now, with Laravel 12 and WorkOS AuthKit, authentication is no longer a bottleneck. Setup in hours, not weeks. Enterprise-ready from the start. Security handled by experts.
What I like about this approach is its philosophy: use the right tools, focus on what matters. Auth infrastructure is not a core competency for most apps. Better to delegate it to those who are experts in the field.
Use the time you save to build the features that make your app valuable. Solve the problems that are unique to your users. Iterate faster.
Tools exist to make our lives easier. WorkOS AuthKit is one of them.
Now go build something amazing.
See you in the next tutorial. Keep building! 🚀