Auth0 system implementation and transformation of the IT infrastructure

About the project

Client:

DemoUp Cliplister is a market leader in product content management for eCommerce. The platform enables brands and retailers to create, manage, distribute, and analyze assets such as photos, videos, and 3D/AR models—delivering a consistent customer experience across multiple sales channels.

Project goal:

Enhance the security of authorization and authentication systems in compliance with GDPR and ISO 27001

Implement Auth0 as a modern, scalable login solution

Modernize testing processes and optimize the development environment

Refactor the existing monolith towards a microservices architecture

From challenge

Key Challenges

Outdated, centralized infrastructure operating in a “startup mode” for 14 years

Lack of scalability and non-compliance with legal requirements (GDPR, ISO 27001)

The need to implement a new Single Sign-On (SSO) system seamlessly, without disrupting the end-user experience

Key functional and non-functional requirements

Support for both legacy and new login systems (backward compatibility)

Integration of Auth0 with existing backend applications built in Java and PHP

Migration of users and data to a cloud-based environment

Automation of testing and containerization of the development environment

Through the solution

Involvement of fireup.pro experts

The fireup.pro team assembled key specialists to deliver the project effectively and ensure a smooth transition to modern authentication and infrastructure.

Adam

System Architect

Designed the implementation concept for Auth0
Collaborated closely with the team to define the next steps and created detailed technical diagrams outlining the implementation path

Szymon

Backend Developer (Java)

Implemented validation of new Auth0-issued JWT tokens, ensuring smooth interoperability between the new and legacy systems (backward compatibility)
Adapted the existing Java backend to meet Auth0 requirements
Enabled the API to handle both legacy and new tokens simultaneously, critical for a smooth transition for Java-based applications
Integrated DemoUp’s Java API with Auth0’s API to support user registration and profile management
Extracted user data from Auth0 tokens to correctly process client-side HTTP requests

Robert

Backend Developer (PHP)

Worked closely with Szymon to integrate Auth0 with the existing PHP-based system and improve application security by removing obsolete code
Migrated user accounts from the legacy centralized database to Auth0
Refactored the PHP-based Backend-for-Frontend (BFF), moving it from on-premises to a cloud environment
Integrated required backend services with the Auth0 token system

Paweł

Frontend developer

Implemented the new Auth0 login form in the DemoUp user interface
Conducted research on Single Sign-On (SSO) and adapted the frontend to operate using JWT tokens instead of cookies
Modernized the client-facing website to meet the new authentication standards

Karol

Test Automation Engineer

Played a key role in quality assurance throughout the project
Migrated automated testing from Cypress to Playwright, significantly reducing testing time from 1 hour to 15 minutes through parallel execution
Continuously validated team changes for compliance and stability, minimizing the risk of production issues
Integrated automated tests as a core part of the Auth0 rollout, enabling real-time monitoring of application performance

Sylwek

Project Manager

Oversaw the entire project, ensuring tasks were completed on time and inter-team collaboration remained efficient
Managed one of the most complex challenges—replacing the client's legacy SSO with Auth0 without service interruptions
Led the team in implementing a six-month dual-system phase, allowing users to gradually migrate to the new login solution