Programming

Reclaiming Control: Why Val Town Switched to Better Auth

Platform MigrationSelf-HostingVendor Lock-inAuthentication & IdentityService Reliability
Added
Link240
Article: NeutralCommunity: PositiveMixed
Reclaiming Control: Why Val Town Switched to Better Auth

Val Town migrated from Clerk to Better Auth to resolve issues with rate-limiting and frequent service outages. The team found that Clerk's 'no users table' philosophy was incompatible with their social platform's need for high-frequency data access. By switching to Better Auth, Val Town regained control over its session management and eliminated a major single point of failure.

Key Points

  • Farming out your users table to a third-party service creates significant risks, including restrictive rate limits and data synchronization complexity.
  • Third-party session management makes your entire site's uptime dependent on the provider's reliability, creating a single point of failure.
  • Social platforms have unique requirements, such as the need to fetch data for many users simultaneously, which standard 'frontend-heavy' auth providers may not support well.
  • Better Auth was chosen for its open-source nature, framework integrations, and its ability to let Val Town manage its own data while still providing a modern developer experience.
  • The migration was facilitated by a two-week transitional period where both authentication methods were supported simultaneously.

Sentiment

The community overwhelmingly sided with Val Town's decision to move away from Clerk and toward a self-hosted solution. While there was genuine debate about whether to use a library like Better Auth versus fully rolling your own auth versus using a SaaS, the consensus leaned strongly toward maintaining control over auth data and infrastructure. Clerk received significant criticism from multiple users sharing negative firsthand experiences, and the broader sentiment reflected a growing backlash against auth-as-a-service in favor of open-source libraries and self-hosted solutions.

In Agreement

  • Clerk becoming a single point of failure is a real and serious problem — when it goes down, your entire app goes down, which is unacceptable for critical infrastructure like auth
  • Third-party auth services that own your users table create dangerous vendor lock-in and make migrations painful
  • Better Auth represents the right approach: an open-source library that stores data in your own database, giving you control without requiring you to build auth from scratch
  • The reliability math is clear — each additional critical dependency multiplies your failure probability, so reducing dependencies on external services improves overall uptime
  • Auth SaaS companies have overstated the difficulty of self-hosted auth to justify their business model, and the industry is now correcting back toward self-hosted solutions
  • LLMs helped make the migration feasible by enabling a parallel-running transition period supporting both auth systems simultaneously

Opposed

  • Auth is genuinely complex beyond simple password hashing — SSO, SAML, SCIM, OIDC, and enterprise integrations are real requirements that consume significant engineering time
  • Rolling your own auth introduces security risks: subtle bugs like TOTP bypasses, account lockout DoS vulnerabilities, and CSRF issues are common in homegrown systems
  • For resource-constrained startups, outsourcing auth to a SaaS lets you focus on core product differentiators rather than spending engineering time on undifferentiated infrastructure
  • Some large companies like Replit are actually adopting Clerk, suggesting it works well for many use cases despite the complaints
  • Self-hosting auth means becoming your own ops team, responsible for uptime, security patches, and incident response for a critical system
Reclaiming Control: Why Val Town Switched to Better Auth | TD Stuff