back arrowBack to Blog

Auth Thoughts

The Power of Descope Flows: Self-Service Onboarding

Power of Flows 1 thumbnail

This is Part 1 of the “The Power of Descope Flows” blog series that will cover how our drag-and-drop authentication platform can be used to add, modify, and update authentication on any app or website. In this blog, we cover how we added Flows to our console and company website for frictionless and self-serve user onboarding.

Starting a Product-Led Growth (PLG) motion has many challenges. One of them is creating a frictionless self-service onboarding flow for new users. An effective PLG motion in action has users discovering, trying, and finding value from the product on their own with no manual hand-holding. Automation, scale, and in-context support are vital to nudge users toward finding the “aha” moment with any PLG-first product. Descope uses Descope to achieve this.

Descope Website Login
Fig: Descope Flows on our company website

At Descope, there was no debate about whether or not we should use our own authentication capabilities. We have always been firm believers in the “Drink your own champagne” approach. Some call it “Eat your own dog food”, but like most humans, we prefer champagne to dog food, not to mention we really believe our product is more champagne than dog food.

As such, signing up and signing in to the Descope console – where app developers manage their Descope deployment – is done using our own platform with the Descope Flows functionality.

This benefits us in few ways:

  • We control it: We trust our team more than we trust anyone else. So it was a very obvious choice to rely on our DevOps and Engineering teams to ensure our onboarding journey starts smoothly, performs reliably, and gives users a great first experience.

  • We get feedback at scale: Using our own product means we can provide valuable data-driven feedback to our product management team to explain what is working and what is not. Our use case is very similar to that of all our customers, so we believe this will help us improve the product dramatically.

  • We don’t pay for it: Yes… as a startup we are very conscious about cost, so having free stuff is always good. And since we develop it, we don’t pay for it!

Implementing Descope Flows into our product sign-in page was straightforward. Our engineering teams that developed our console had a very easy job. Partly because Descope is easy to use, but also partly because they built the whole thing.

Descope App Login
Fig: Descope Flows on our app sign-in screen

The real magic started when we needed a sign-up interface for our website and for our documentation site. This is really where Descope Flows shone for us. But let’s take a step back to understand what we wanted to have in our website.

Understanding requirements

Our user funnel starts from our website as the first touchpoint. This is where interested developers go after interacting with our social posts and ads, speaking to us at conferences, searching for relevant terms on the Internet, or hearing about us from their favorite influencers. And right there, we wanted to have a sign-up box where the developers can register and start their Descope journey. 

The conventional approach would have been to put a sign-up form on the website and handle the provisioning process for interested users elsewhere as an automated process. But that would result in an inherent delay between the time of the sign-up request and the time the user can actually sign in to our console. Moreover, this would end up being another moving part in the funnel that would need to be monitored and could break. 

For us, the unconventional but obvious choice was using Descope Flows.

Drag and drop the mic

Descope Flows is a visual no-code interface to build screens and authentication flows for common user interactions with any application. Descope Flows simplifies authentication work for developers by abstracting away the implementation details of authentication methods, session management, risk management, and error handling. This helps get apps in front of users faster and safer than before.

The three main components of Descope Flows are:

  • Flow Builder: A “no-code” drag-and-drop interface that gives you the tools to define authentication-related application logic in a visual workflow.

  • Screen Builder A widget-based interface that enables you to build user-facing sign-in and sign-up screens from the Descope UI.

  • Styles: A centralized repository that helps you create and scale user-facing screens while adhering to your brand’s guidelines, as well as making it easy to propagate any brand updates to all your user-facing screens.

Descope Flows provides a visual component that handles the authentication end-to-end. With it, app developers can basically offload the entire effort of designing the sign-up or sign-in components as well as the actual authentication process. The end state of the Flow is a session token that can be used to validate the user in the application backend.

Descope Flows example
Fig: An example of Descope Flows

On our website pages, we embedded our Flow in the areas where there are usually sign-up forms. With 5 lines of code, the website could now act as an extension of our console application by signing up new users and redirecting them to our console where they are already provisioned and signed in. 

The experience is quick and smooth:

  • Learn about Descope on our site

  • Sign up for our platform right there 

  • Be redirected to the console where you are already signed in 

Mic dropped!

Mic Drop

From that point, we can control the authentication journey to our console app from all places – the console itself, our website, and any other destination we want (e.g. our Docs portal). And any change we want to implement can be done in a visualized manner with no code involved. You want to add OTP? Drop a box and connect it. You want to add GitHub OAuth authentication? Add a button to the sign-in page. You want to enable biometrics? Just add it to the Flow. As easy as 1-2-3 and a lot more secure than the “123..” type of passwords.

The day we emerged from stealth gave us proof of this value. Halfway though launch day, we realized we didn’t really need to ask new users for their names if they use OAuth (Google or GitHub) to sign up. Their name is within the scopes required by OAuth and we get it as soon as they sign up. It took us 2 minutes to edit the Flow – we disconnected the OAuth action from the New User condition, and reconnected it to the end. Done.

Fig: Modifying auth flows on the fly

Descope Flows is truly “drag and drop auth”. It’s a powerful and easy way to authenticate users from any place you need! Stay tuned for more write-ups on how we are using Descope Flows to fuel our PLG motion.

If you'd like to start your own Descope journey, sign up for our platform and join AuthTown, our open user community for developers to learn about authentication.