loading...
Cover image for Why I built Pathfix, the OAuth middleware for devs.

Why I built Pathfix, the OAuth middleware for devs.

ralphwjz profile image Ralph Vaz Updated on ・3 min read

I have been a developer all my life (25 years and counting) and I absolutely love it. Coding gives me a so much joy, I always say “it’s not work, it’s a hobby”.

Over the years, I have built over 8 different SaaS platforms. Ranging from a no-code app development platform to conversational chatbots.

During each build, one thing always remained a constant need. Integrations.

This is a post on why I built Pathfix.

What is Pathfix?

Pathfix is a middleware API for OAuth integrations. Engineering teams can add multiple platform integrations directly into their app, in minutes, without ever having to deal with OAuth or manage integration servers.

The Motivation

With each development sprint on my previous products, there was always a significant amount that was spent on integrations. My team collectively spent anywhere from 4 weeks to over 3 months just building out the connection to different service providers.

Why? Its simple really. Although OAuth is an industry protocol for authorization, it servers more as a guideline. Which meant, each provider had their own setup process. Each setup was different. Each connection required hours of research. Each had their own way of handling authorization tokens.

And of course, there was the SDK problem. To access the providers API endpoints, you need to run an extensive search to find the right SDK for the integration you are building.

This not only meant ‘getting lucky’ finding the right SDK, it also meant setting up a server, managing the logs, monitoring connections, and maintaining security protocols (you are accessing customer data after all!).

Standard OAuth integration elements

Let’s break this down. For you to add OAuth based integration in your platform, you will need to do the following:

  1. Setup and configure OAuth
  2. Implement OAuth flow
  3. Implement secure storage for tokens
  4. Implement logic to refresh access tokens when needed
  5. Build and implement logic to properly handle revoked refresh tokens
  6. Logic to handle reliable issues and outages
  7. Build and implement systems to track errors
  8. Find and implement the right SDKs
  9. On-going server maintenance

To add 5 integrations, this could take over 2000+ engineering hours to get done. Which is approx. $160,000 (yes, we did the math, we had to).

This is why I decided to build Pathfix.

OAuth Integrations With Pathfix

Pathfix is the only API you need to integrate with any provider. It handles all the configuration and framework required to build integrations to any platform and access any providers API endpoints. It is a pass-through server that handles user authorization and API requests between platforms.

And of course, its all white-labeled. Users never see Pathfix anywhere.

Authorizing Users
A simple one line code that enables user authorization

Sample Code for Authorization:

<div data-oauth-ui="list" data-oauth-ui-switches="checkBoxes,statusOn,disconnect" data-oauth-ui-providers="" data-oauth-ui-providerTypes=""></div>

Pass-through API
Once authorized, use the pass-through API code to access any providers API endpoints

Sample code for pass-through API:

POST https://labs.pathfix.com/oauth/method/googleanalytics/call?user_id=AcmeSaaS_end_user_id&public_key=733AC521-199E-496C-8250-FFCAD67355AB&private_key=E7804D26-0625-428F-8550-CDF073D3CF61                            
Content-Type: application/json
{
    "url":      "url_to_googleanalytics_API",
    "method":   "method_to_use_with_this_call",
    "payload":  {payload_as_requested_by_googleanalytics},
    "headers":  {header_if_requested_by_googleanalytics}
}

That’s it!

Compare it to the code and time you would need to create and maintain, Pathfix solves it in the most elegant way. With:

√ No additional code to maintain
√ Zero learning curve
√ Log monitoring
√ Secure encryption
√ Firewall settings
√ Notification engine

My site URL

Posted on by:

Discussion

markdown guide