Bilt’s continual expansion surfaces certain challenges. How do you choose a CIAM solution that checks all your boxes, while still being flexible, performant, and affordable?
Summary - Bilt Chooses FusionAuth
Key Takeaways
- Mission-critical scalability for fintech platforms: FusionAuth’s single-tenant architecture enables financial platforms like Bilt to handle millions of concurrent users during peak periods (like rent due dates) without performance degradation or security risks inherent in shared infrastructure.
- Google Cloud native deployment advantage: FusionAuth’s downloadable software model allows complete integration with GCE-managed instance groups and CI/CD pipelines, ensuring all user data remains within your chosen cloud environment for compliance and control.
- Predictable cost structure for cyclical traffic: Unlike usage-based pricing models that penalize growth, FusionAuth’s transparent pricing eliminates the Identity Provider tax, providing cost certainty even during predictable traffic surges common in financial applications.
- Enterprise-grade security without vendor lock-in: FusionAuth delivers the robust security features required for financial platforms while maintaining deployment flexibility, allowing organizations to avoid the rigid constraints of pure multi-tenant SaaS solutions. FusionAuth customers own their data, and they can access it as needed.
- Developer-centric integration capabilities: FusionAuth’s API-first design enables seamless automation of deployments and authentication management across multiple environments, reducing development overhead and accelerating time-to-market for new features.
Definitions
- Single-tenant architecture: A deployment model where each customer has their own dedicated instance of the authentication system, eliminating the security and performance risks associated with shared infrastructure while providing complete control over data residency and customization.
- Identity Provider (IdP) tax: Hidden costs in authentication solutions that scale unpredictably with user growth, often making successful businesses pay disproportionately more for the same core functionality, which FusionAuth’s transparent pricing model specifically avoids.
- CIAM (Customer Identity and Access Management): Specialized identity management systems designed for customer-facing applications that require scalability, user experience optimization, and integration flexibility, distinct from employee-focused IAM solutions.
- API-first design: An architectural approach where all functionality is exposed through comprehensive APIs before building user interfaces, enabling seamless automation, custom integrations, and programmatic management of authentication workflows.
- Deployment sovereignty: The ability to maintain complete control over where and how your authentication infrastructure runs, including data residency, version control, and integration with existing CI/CD pipelines, which is critical for regulated industries like fintech.
Frequently Asked Questions
Q: Can FusionAuth be deployed using Docker or Kubernetes on Google Cloud Platform?
A: Yes, FusionAuth integrates seamlessly with Google Cloud infrastructure, including GCE-managed instance groups, Docker containers, and Kubernetes orchestration. As demonstrated in Bilt’s implementation, FusionAuth’s downloadable software model allows complete integration with existing CI/CD pipelines while keeping all user data within your Google Cloud environment for compliance and operational sovereignty.
Q: How does FusionAuth handle cyclical traffic surges common in fintech applications?
A: FusionAuth’s single-tenant architecture and transparent pricing model are specifically designed for applications with predictable traffic patterns. Unlike usage-based pricing that penalizes growth, FusionAuth provides cost certainty regardless of user volume spikes. The platform can scale on-demand within your infrastructure to handle millions of concurrent users during peak periods like payment cycles or limited-time promotions.
Q: How does FusionAuth compare to multi-tenant SaaS solutions for enterprise financial platforms?
A: FusionAuth offers significant advantages over multi-tenant SaaS solutions for enterprise financial platforms: complete data residency control, dedicated resources eliminating “noisy neighbor” performance issues, customizable security configurations, and transparent pricing without hidden scalability costs. This makes it ideal for regulated industries where compliance, performance predictability, and operational control are non-negotiable.
Q: Can FusionAuth integrate with existing CI/CD pipelines and development workflows?
A: Absolutely. FusionAuth’s API-first design and downloadable software model enable seamless integration with existing development workflows. Organizations can automate deployments, manage authentication across multiple environments, and maintain version control just like any other piece of infrastructure. This developer-centric approach reduces operational overhead and accelerates feature development cycles.
Q: How does FusionAuth support compliance requirements for financial services platforms?
A: FusionAuth supports financial services compliance through its single-tenant architecture that ensures data isolation, customizable security configurations that can be tailored to specific regulatory requirements, complete audit trails for all authentication events, and deployment flexibility that allows organizations to meet data residency requirements. The platform’s transparency and control features are specifically designed for regulated industries where compliance cannot be compromised.
The Problem
Bilt is a housing and neighborhood commerce network founded by Ankur Jain, and operated by a team of large-scale software and infrastructure veterans. The company allows renters to earn rewards through paying their rent. With millions of users logging in from around the country (particularly when rent is due), scaling and compliance were of the utmost importance.
The company had some technical needs that were non-negotiable:
- Serve millions of users
- Deploy to GCE
- Must integrate with their CI/CD pipeline
- All data had to stay within the Google Cloud environment
As Bilt evaluated the options in the market, they found roadblocks. Many of the pure multi-tenant SaaS CIAM options looked appealing at first, but fell short on closer inspection. Some lacked the robust features that Bilt needed, or they didn’t meet the security posture required for a financial platform of Bilt’s scale. Still, others were too rigid in their deployment options, forcing user data outside of Bilt’s direct control–which was a non-starter.
Cost predictability was another sticking point. Most solutions used billing models that seemed reasonable as long as your business stayed small. But if you grew, those costs turned unpredictable and almost punitive. This was especially true with Bilt’s cyclical bursts of usage patterns (Rent Day, limited time experience drops, and more). In the end, other tools couldn’t deliver the right mix of features, flexibility, and price transparency.
The Solution
Bilt proceeded with FusionAuth for two main reasons:
- First, it’s a downloadable piece of software where they’re completely in charge of version control.
- Second, as a Google Cloud partner, deploying FusionAuth into GCE-managed instance groups was simple. This allowed Bilt’s engineers to keep full control over the authentication system, integrating it tightly with the existing CI/CD workflows. It also meant that all user data remained within the Google Cloud infrastructure.
“Our need was ultimately simple; authentication infrastructure that could handle complex user experiences. FusionAuth has been an excellent partner, delivers the necessary functionality and performance, and maintains active development cycles.” - Kosta Krauth, CTO, Bilt
FusionAuth’s dedicated architecture meant that Bilt could scale on-demand and run instances for each environment. This helped the company eliminate the risks of being limited to multi-tenant SaaS only, while also giving them straightforward scalability as their user base grew. The platform’s API-first design made it easy for Bilt’s team to automate deployments and manage authentication across multiple environments.
FusionAuth’s transparent pricing model (that doesn’t include an Identity Provider tax) was an added bonus, too. This helped the company maintain predictable costs, even as user numbers surged at the start of each month. Procurement happened via the Google Cloud Marketplace, and FusionAuth’s engineer-led support gave Bilt confidence that they’d see issues resolved quickly in partnership with authentication experts.
The Results
With FusionAuth in their authentication stack, Bilt continues to scale its rewards program. The platform handles millions of users and absorbs predictable surges in traffic without missing a beat. By keeping authentication infrastructure within its Google Cloud environment, Bilt is able to maintain operational sovereignty. The engineering team was able to integrate FusionAuth into their CI/CD pipeline, helping to accelerate development and deployment cycles. And with direct access to FusionAuth’s expert support, Bilt’s engineers could focus on building new features rather than firefighting authentication issues.
FusionAuth was a classic “built by devs, for devs” success story – a secure, scalable, and flexible CIAM platform that fit seamlessly into their cloud-native infrastructure and delivered exactly what they needed to power their business at scale.
