Interview with Aviad Mizrachi, CTO of Frontegg

“Plug-and-play user management allows companies to focus on their innovative tech”

Sarah Schlothauer
© Shutterstock / Alphavector

Aviad Mizrachi, the co-founder and CTO of Frontegg, spoke with JAXenter about users changing expectations from modern applications and the challenges that developers face when bringing a product to market. He described Frontegg’s approach to unlocking innovation with its user management infrastructure and the efforts the company has taken to ensure a stellar Developer Experience. Aviad provided some tips for developers and users to prevent hacks and leaks, and offered some advice on finding the middle ground between simplicity and robustness.

JAXenter: What do developers like to spend their time building and what do they actually spend most of their time on?

Aviad Mizrachi: Most developers I know like to focus on innovation and solving complex problems. They like to think about requirements, design them and make sure that they are bringing added value to the product they are working on.

You can roughly divide the product capabilities that developers work on into two categories: the “core” of the product and the “must” of the product. The “core” are the features that are directly related to the value proposition of the product and this is where most of the innovation and complex problem-solving lies. The “must” are the non-core capabilities that exist on every product and cannot be separated from the product — things like hosting, authentication, authorization, and many other user management capabilities.

It’s safe to say that a lot of developers want to be working on the “core” but end up spending a lot of their time on the “must”, which often contributes to developer burnout.

JAXenter: How have users’ expectations changed in recent years in regards to the experience SaaS apps offer?

Aviad Mizrachi: I think there is a process going on in the market of what I refer to as “SaaS standardization”. Users have gotten used to having a great experience and having the ability to control each aspect of the product without the need to talk with anyone. That brought the expectations up from the “MVP (minimum viable product) mode” we used to get from newer applications, which requires startups to invest a lot in the non-core parts of the products in order to be able to compete in the market.

JAXenter: What are some of the major product capabilities that need to be developed in order to bring an application to the market in addition to the core product offering?

Aviad Mizrachi: If you ask any developer, the first part of every product, after choosing the shell and infrastructure, will be to build the authentication and user management parts. Some applications contain deeper user management infrastructure and some start with a leaner approach, depending on the type of the product. Some products require dashboards, some require notifications and integrations and, in today’s self-service PLG world, some require self-service billing and subscription management.

It’s easy to see how the long and growing list of non-core requirements that are necessary for bringing a new product to market puts a significant burden on the development team, as well as on R&D as a whole. You can say that this is starting to become an innovation barrier, raising the cost of entry for new products to come to market.

JAXenter: How does Frontegg solve some of these new challenges that developers and SaaS startups face?

Aviad Mizrachi: Frontegg’s infrastructure for plug-and-play user management allows companies to focus on their innovative tech, taking care of the entire user management part of the application. From the user signup, through the authentication strategies and SSO, to the security policies for each of the users and organizations, all the way to completing the flow with subscription and billing management. Developers working with Frontegg can completely offload these tedious tasks and focus on their core value proposition.

We’ve put a lot of effort into making the integration of Frontegg extremely simple, so it can be plugged into any application in a few hours to a few days, depending on the complexity of the use case. This is in contrast to weeks or even months that it takes to build a homegrown solution for the same product capabilities. We also offer a very comprehensive free tier so companies can bring their innovative products to market without facing difficult resource barriers, and can then scale up with us.

JAXenter: Developer experience is in the spotlight now with developer-first companies focusing on making sure their products and platforms are not just functional but a joy for developers to use. What efforts has Frontegg taken to provide a great DX?

Aviad Mizrachi: Developer experience is a continuous effort. At Frontegg we are always listening to the developers working with the platform to get change requests and feedback. Our developer success team spends a significant part of their time adjusting the docs, building new sample applications and demos, and making sure that there is no community question that remains unanswered.

JAXenter: It seems like massive hacks and leaks are in the news every day, what security capabilities should modern applications support in order to ensure they are keeping their users safe?

Aviad Mizrachi: The best advice I got a few years ago was to “deny by default”. Even if it makes our job as developers harder, there is no easy recovery from leaks or account takeovers. The best tip for users would be multi-factor authentication (MFA) everywhere. MFA might be a UX pain, however, it extends security and dramatically reduces the chances of your account being hijacked. An additional tip is to remove the dependency on passwords. Most users reuse their passwords on multiple sites so it only takes one breach on one site to hack into all the others.

JAXenter: There’s often competition between the need for developers to provide the simplest and quickest solution for the current need, versus building something more robust that anticipates future requirements. How do you go about balancing these two and what advice would you give to other developers and R&D leaders?

Aviad Mizrachi: Obviously when developers look for solutions, the first instinct will be to have a homegrown solution over which they have full control. However, in most cases (unless the requirement is super easy and quick), they find themselves a few months down the road stuck working on non-core parts of the product and having to support more and more features.

When you are building your “presentation mode” MVP it totally makes sense to develop something quick and non-robust. However, if this is something that is aimed to go to customers I would advise you to think about the roadmap 12–18 months from today. This roadmap will include some “non-core” requirements on top of additions to the product definitions. These parts will require constant context-switching from developers and make their day-to-day frustrating.

Therefore, I would advise that before building a homegrown or ad-hoc solution, always consider if there’s an existing solution out there, whether it’s an open-source library or a third-party API. Even if the current need is relatively simple and integrating a robust solution seems like overkill, you need to take into account ongoing maintenance and future requirements. Additionally, when selecting an existing solution to integrate, taking the time to consider whether the capabilities that are supported match your future needs can save a lot of work down the road.

Sarah Schlothauer

Sarah Schlothauer

All Posts by Sarah Schlothauer

Sarah Schlothauer is the editor for She received her Bachelor's degree from Monmouth University, West Long Branch, New Jersey. She currently lives in Frankfurt, Germany with her husband and cat where she enjoys reading, writing, and medieval reenactment. She is also the editor for Conditio Humana, an online magazine about ethics, AI, and technology.

Inline Feedbacks
View all comments