That's awesome! The thing that would make it valuable to me would be to send links to friends or family that have never heard of Cloudflare. If it got tied into Cloudflare Teams or something that added even the tiniest bit of friction it would significantly devalue it IMO. For example, I'd consider OAuth "log in with X platform" to be too much friction. Signing up for an account somewhere would never happen, at least for my use case.
The ideal scenario for me would be if I'm on the phone or video conferencing with someone and can send a link to their email that would grant them instant access with a single click, plus repeat access by doing the one-time-pin flow.
Do you know of any Cloudflare products that would let me build something like that one-time-pin auth flow into a user facing app driven by Workers? Most of the info I can find seems to assume it's going to be used to protect internal resources for companies and the pricing would never work for a user facing app. I might just be missing it though. It took me a while to figure out MS has Azure B2B vs Azure AD which is a similar scenario.
Just rouging it out in my head, I think (I'm probably getting some of it wrong) I could build something like that that's really inexpensive to run using Workers. I'm thinking something like 1 invocation for "unauthorized", a second for the auth request + JWT generation + email link, and a +1 per request cost for a worker to check the JWT / resource request.
IIRC Workers are $0.50/million runs with KV to match, so I could do _a lot_ of authenticating for $5. Compare that to something like Cognito where it's $275 USD for your second 50k users and the one-time-pin style auth running on Workers starts to feel like a good option for low value accounts that don't require a sophisticated auth system with 2FA, etc..
I say that in the context of thinking about a product where people would log in so infrequently they'd probably be doing a password reset anyway. Or they could just be like my parents where every login is a password reset. Lol.
The ideal scenario for me would be if I'm on the phone or video conferencing with someone and can send a link to their email that would grant them instant access with a single click, plus repeat access by doing the one-time-pin flow.
Do you know of any Cloudflare products that would let me build something like that one-time-pin auth flow into a user facing app driven by Workers? Most of the info I can find seems to assume it's going to be used to protect internal resources for companies and the pricing would never work for a user facing app. I might just be missing it though. It took me a while to figure out MS has Azure B2B vs Azure AD which is a similar scenario.
Just rouging it out in my head, I think (I'm probably getting some of it wrong) I could build something like that that's really inexpensive to run using Workers. I'm thinking something like 1 invocation for "unauthorized", a second for the auth request + JWT generation + email link, and a +1 per request cost for a worker to check the JWT / resource request.
IIRC Workers are $0.50/million runs with KV to match, so I could do _a lot_ of authenticating for $5. Compare that to something like Cognito where it's $275 USD for your second 50k users and the one-time-pin style auth running on Workers starts to feel like a good option for low value accounts that don't require a sophisticated auth system with 2FA, etc..
I say that in the context of thinking about a product where people would log in so infrequently they'd probably be doing a password reset anyway. Or they could just be like my parents where every login is a password reset. Lol.