11
19 Comments

I think I need to niche down - how does this strategy sound?

I'm working on https://www.justauthenticate.me - its an authentication as a service designed to be simple to integrate and easy to use. I think it can especially help solo devs or small teams who want a simple way to get users signed up and using their platform, but I'm struggling with how to market it.

Currently, the landing page presents a fairly generic "authentication as a service" value proposition. I'm thinking about two ways of focusing/nicheing down a bit.

The first idea is to double down on the "serverless" and JAMstack trend. JustAuthenticateMe fits very neatly into this paradigm of development, and I even made a serverless framework plugin that auto-authenticates your lambdas with a couple lines of configuration.

The other idea is to slightly pivot and market this as an easy way to add a second factor of authentication to an existing app. So the app would already have password-based auth and use JustAuthenticateMe for 2FA via the user's email address.

Do any of you have predictions on which of these paths might work better? I plan on running a couple ad campaigns with landing pages tailored toward each of them and seeing which one performs the best.

Thanks for your insight,

  1. 3

    Hi Grant, I'd suggest you segment based on pain. Luca's response is an interesting example. What pain has to be solved? Speed? Ease of implementation? Something else?

    Once you've identified something that you believe is a have to (it's easy to mistake nice to haves for have tos), build you personas around that.

    Which type of company is most likely to have this problem? How do they communicate? What do they look like? Where do they hang out? How many are there? What price point is right for them? etc. Make sure your messaging is based on what's in it for them.

    In essence it's just like programming;

    1. You create the framework as good as you can
    2. Debug it

    In these crazy times it's incredibly important to niche. So I think your thinking is spot on, niche down and take over the world with justauthenticate.me! :)

    1. 1

      Thank you! This is incredible advice that I will take to heart. I'll definitely take the time to answer all those questions you listed to help me figure out what direction to take.

  2. 2

    Hi Grant,
    I find that I feel the need to echo the other comments here.
    Why are you not selling - not in bulk or scale, why don't you have 10-20 paying users?
    I really feel that's the first thing you need to solve - get 10-20 paying customers ( or a 100 refusals - that'll work as well).
    Not from ads, blogs, podcast interviews, but actually go and "hustle" users into your service - do things that don't scale!
    I feel like you don't know why your customers would pay for you - and that makes sense, you're not talking to them.
    Go and find 100 people to sell this to - if 10-20 register - you're golden, learn from them and dig deeper. If 100 refuse - don't just take no for an answer, find out the "why" behind the no.
    I think the easiest way to get a million paying customers is to find 10-20 to teach you about the rest of the million - personally, slowly and painstakingly not scalable.
    Hope this helps,
    Jonathan
    PS I love your tool - and I think there's room for many flavors of authentication as a service.

    1. 2

      Thank you! This is exactly the kind of tough love and encouragement that I come to IH for.
      I'll do this.

      1. 1

        You've built a useful tool, there's NO REASON why you should have zero customers.
        I'm sure you'll figure this out in no time!
        Cheers
        Jonathan
        PS if you'd like to chat about this in a bit more detail, I'm on https://calendly.com/jonathanoron, feel free to book a meeting

  3. 2

    I use Firebase Auth for everything, since they're not going anywhere, and I find it pretty easy to setup. It's going to be really hard to compete with them as a generic auth service, so I think finding a niche is the right idea.

    I run divjoy.com, where the literal value prop is giving people all that extra boilerplate code they need, such as exposing Firebase auth via a React context provider, reading it via a React hook, passing the token to serverless functions, middleware to validate token, etc. There's still a lot of boilerplate there. Most of it relates to React, so might be worth considering focusing efforts on having a really good React library (or Vue.js, etc).

    The best example of a niche auth/db service I've seen recently is http://userbase.com with their privacy angle. Might be worth diving into their product to see what they're doing right as well.

    Last random thought: Could you do something interesting with Cloudflare Workers so Jamstack apps get authentication state added to their static files (no actual HTTP request, all done dynamically on the edge)?

    1. 1

      Thanks for your insights! I did fail to mention that the primary difference between JustAuthenticateMe and firebase auth/auth0/etc is that I'm offering passwordless magic link based auth, as opposed to traditional email/password auth. However, I think your point holds that other services like firebase aren't that bad so it will be hard to compete directly.

      I am hoping to make a template for a React or Vue app that uses JustAuthenticateMe. It would be interesting to see the amount of boilerplate involved and compare it to other providers.

      I've heard of userbase but haven't looked closely, I will check them out!

      Adding authentication state to static files sounds incredibly interesting! I hadn't thought of that before. Did you have any particular use case in mind?

      1. 2

        I think the selling point there would be faster site and simpler integration because no async fetching of auth state. That said, it would probably require users to also be hosted with Cloudflare, so that may be too much friction.

  4. 1

    The other idea is to slightly pivot and market this as an easy way to add a second factor of authentication to an existing app. So the app would already have password-based auth

    Just my opinion but I would recommend sticking with your current password-less, server-less, email based authentication as someone with their own password based auth could easily add 2FA support with existing libraries without much friction. Also I really like the landing page, gets to the point quick and the test email box really delivers it home - Pavin.

    1. 1

      Thanks for this! I appreciate the kind words. I'm leaning away from the 2FA path for the exact reasons you mentioned, but might still run a small ad campaign to get some conversion numbers with that stance.

  5. 1

    Regarding 2FA, this seems good to have multiple verification methods SMS or voice maybe as alternative to email?

    1. 1

      Yeah, if I were to go that route, I would want to support at least SMS if not authenticator apps, but that will require significantly more dev work, and I'm wary of spending too much time developing before getting a a user base. So I'd want to get people using it as is, before putting in that dev time.

  6. 1

    I am struggling with cognito and recently ran into a problem with amplify that will require a new releases for me to move forward (on windows at least) I have found the serverless authentication world not terribly well documented. I really want to remain serverless with my platform. I would be open to trying your service if it was easy to set up and well documented. Could you make a server less repo so it is easy to integrate in my AWS account? The repo I started with has very few implementations (<200).
    My platform is not working with terribly sensitive data, so they is one niche you can think about. People trust AWS, which would be hard to compete with brand wise. So your niche may be to focus on easier to implement and use.

    1. 1

      I also found Cognito poorly documented and hard to use. I think I'm learning today that "easy to set up" and "well documented" are two of the most important things I can do for developers.

      That's also a good point about non-sensitive data. As an early stage startup, I don't have the money or time to get SOC2 or HIPAA certified, which pretty much means anyone processing sensitive data won't seriously consider my solution.

      I believe JustAuthenticateMe is pretty easy to set up, but I'm the one who built it so of course I think that haha! I'd sincerely appreciate it if you gave the documentation section on the website a skim and told me your first impression. In the simplest case, it boils down to one dependency and calling jam.initAuth("[email protected]") on the frontend. On the backend, it's calling jam.verify(token).

      If you're using serverless framework, you can use the plugin I just finished to make the backend portion even easier: https://github.com/CoalesceSoftware/serverless-justauthenticateme-plugin I haven't added this to the website docs yet because I really just finished it, but I will be adding it soon.

  7. 1

    Hi Grant! At wanderio.com we use Auth0, and we are not particularly happy with it because of its complexity.

    I think there is definitely room for a managed authentication service that is simpler than that. We will have a look at JustAuthenticateMe.

    For positioning, I suggest making crystal clear what's your value prop (I might be biased but I think simplicity is a good one) and your target (startups?). Your headline might just be something more in line with "Simple authentication for startups" — I am trying to think what would resonate the most with me.

    Also, I think you can iterate a little bit on the branding and the design of the page. Your tool will be chosen by developers and they are very picky on that! Stripe famously won many customers at the very beginning (also) because they had incredible landing page and documentation.

    Best of luck!
    Luca

    1. 1

      Thanks for your story! It reminds me of my feelings when using AWS Cognito that inspired me to make JustAuthenticateMe. :)

      You bring up a particularly good point that I've had in mind startups or small teams, but haven't made that clear in any of the copy on my landing page! I also think simplicity is the main value prop.

      Yeah as far as branding/design goes, I'm an engineer doing my best haha, but will be sure to continue to iterate. Did anything in particular stand out to you that I should address?

      1. 1

        A few things I noticed:
        – The logo is a bit hard to read (to me)
        – The landing is quite heavy on text, with little visual structure
        – I was not sure if the "test the ux" input would register me or was just to try out the service. I found it a bit sneaky but I understand it is not intentional

        1. 1

          Thanks for you feedback! I'll definitely take these points into consideration. I'm certainly not trying to be sneaky, just a bit cheeky, but maybe I'll see if I can reword that call-to-action to come off a bit clearer.

  8. 0

    This comment was deleted 4 years ago.

  9. 1

    This comment was deleted 4 years ago.

    1. 1

      Sorry, I tried to explain that in one sentence and it didn't come out that well 😅.

      The github repo is here: https://github.com/CoalesceSoftware/serverless-justauthenticateme-plugin

      You add that plugin to your serverless.yml, and then you don't have to write verification code in your lambdas. The plugin inserts a Custom Authorizer so your lambdas only get called if auth passes.

      Thanks for the feedback on 2FA! Yeah I think that is the best use cases for apps that already have authentication set up, but may need an additional factor or way to verify email addresses.

Trending on Indie Hackers
How I grew a side project to 100k Unique Visitors in 7 days with 0 audience 49 comments Competing with Product Hunt: a month later 33 comments Why do you hate marketing? 29 comments My Top 20 Free Tools That I Use Everyday as an Indie Hacker 15 comments $15k revenues in <4 months as a solopreneur 14 comments Use Your Product 13 comments