Why build Prefactor now?
Apr 8, 2025
4 mins
Matt (Co-Founder and CEO)
We've been speaking to a lot of investors recently as we gear up to our pre-seed round in the middle of the year. Without fail, every single investor asks the same question. Why now? Hasn't this space been "completed" already? How are you different from what is already out there? This is the written answer to those questions…
…The authentication landscape is crowded with options, from open-source libraries to enterprise platforms. Yet despite this abundance, we built Prefactor because the job isn't done.
After 100s of calls with CTOs, senior engineers and developers building modern B2B SaaS applications, we identified a persistent pattern: while existing tools handle parts of the user management puzzle, they create friction at the intersection of who can log in (Authentication - AuthN), what they can do (Authorization - AuthZ), and proving it all later (Audit).
The Core Problems with Today's Approach
Despite numerous authentication options, several critical gaps consistently slow development and increase risk:
1. The Fragmentation Nightmare
The typical approach forces developers to cobble together disparate systems: an AuthN provider for login, a separate authorization library for permissions, and yet another system for logging. This "best-of-breed" approach quickly becomes "best-of-integration-headaches" with duplicated logic, security gaps, and significant maintenance overhead.
2. Authorization as an Afterthought
Most platforms excel at authentication but treat authorization as a second-class citizen. You get basic roles and maybe groups, but implementing fine-grained, attribute-based, or relationship-based access control often means pushing critical logic deep into application code—tangling business rules with core functionality.
3. The Developer Experience Trade-off
Developers face an impossible choice: powerful standalone AuthZ solutions with steep learning curves, or simpler embedded solutions that lack necessary expressiveness. The result? Teams must choose between power, ease of integration, or a holistic view—rarely getting all three.
4. Early Complexity for Modern Applications
Today's startups need robust permissions, audit trails, and scalable identity infrastructure much earlier in their lifecycle. The old "add it later" approach no longer works, especially when compliance requirements like SOC2 enter the picture.
The Prefactor Solution: Unification Through a Powerful DSL
Our core insight is simple but powerful: Authentication, Authorization, and Audit aren't separate problems—they're interconnected facets of a single, unified User Layer. Managing them separately creates unnecessary friction.
Prefactor's fundamental differentiator is our Domain-Specific Language (DSL) designed specifically for modeling your entire user layer:
Unified Definition: Define authentication methods, authorization rules (RBAC, ABAC, ReBAC), and audit requirements within a single, consistent framework
Declarative Power: Express desired states and rules clearly without tangled conditional logic, making systems easier to understand, test, and maintain
Consistency Throughout: Apply rules consistently across login credentials, resource access, and audit events, eliminating logic drift between components
Developer-First Experience: Get the expressiveness needed for complex scenarios without drowning in boilerplate code or being limited by simplified UIs
Why Now? The Timing is Right
The need for this unified approach isn't theoretical—it's driven by converging trends:
Rising Application Complexity: Modern multi-tenant B2B SaaS applications demand sophisticated authorization models from day one
Stricter Compliance Requirements: Regulations and certifications require robust, verifiable audit trails that are simpler with an integrated system
Developer Velocity is Critical: Startups can't afford to waste weeks stitching together auth components or debugging permission logic
Market Readiness: Developers are increasingly aware of the limitations of fragmented identity systems
Beyond the Login Box
Prefactor isn't just another authentication provider. It's a fundamental rethinking of how developers build and manage their entire user layer. By unifying Authentication, Authorization, and Audit through our purpose-built DSL, we provide the powerful, consistent foundation that modern applications require.
We built Prefactor because developers deserve better tools for one of the most critical parts of their applications. It's time to move beyond fragmentation and embrace unification.