Raphael Caldas is a FusionAuth community member and CEO of Inteligov. He chatted with us over email about how he and his team are using FusionAuth to meet their auth needs.
This interview has been lightly edited for clarity and length.
Dan: Can you tell me a bit about Inteligov? What is the company’s mission?
Raphael: Inteligov is a SaaS solution that helps private organizations, NGO and government branches monitor political and regulatory risks in Brazil. With our tools, our clients can monitor new bills and regulations, as well as legislative activities focused on their topics and agenda. Our mission is to facilitate the dialogue between the public and private sectors, driving social and economic improvement through a more qualified public policy landscape.
Dan: Very cool! What is an example of a legislative activity you tracked and/or an impact that knowing about it had on an organization?
Raphael: When COVID hit, Sympla, a huge Brazilian ticketing firm, had their activities severely impacted with tremendous revenue loss. They started spending around 15h per week monitoring 10 cities to understand when they could reopen events in these major centers. When we onboarded them, they started monitoring over 2,000 cities while spending only 50 minutes per week on this activity, which allowed them to reopen events more quickly and preserve their bottom line.
[FusionAuth] allowed us not only to provide custom SSO solutions to enterprise customers using Google Workspace and Microsoft Active Directory, but it also allowed us to charge for these integrations, opening up an unexpected revenue stream.
Dan: Tell me about your role at Inteligov.
Raphael: I founded the company in 2014 and have been serving as the CEO ever since.
Dan: What led you to found the company? Was there an experience where you ran into an issue that made you want to build a company?
Raphael: I’m a lawyer and learnt programming as a child. I was a consultant in government relations and used some scripts to help me gather information. When Operation Car Wash hit, I soon understood that organizations would have to rethink the way they established relationships with the government and that my more “data driven” and “auditable” approach could be beneficial.
That’s when I decided to transform that mass of scripts into a SaaS product.
Dan: How do you use FusionAuth? OAuth? User management? Social sign-on? Something else?
Raphael: We use FusionAuth for authentication in all its varieties.
Cost, functionality and the presence of an active community were the main drivers [of choosing FusionAuth].
Dan: Are you using it for mobile apps? Web apps? Internal applications?
Raphael: We use it for client facing applications on the web and also on mobile apps (but basically using a web view).
Dan: What problems did we solve for you?
Raphael: It simplifies handling multiple applications with users having a single login. It also provides social sign-on as well as the ability to easily implement custom enterprise authentication solutions.
Dan: How were you solving them before FusionAuth?
Raphael: For authentication with email/password we were using a traditional library for our framework.
Dan: Which framework are you building on?
Raphael: Our main monoliths are all built on Ruby on Rails, and we use React Native for our mobile apps.
I can’t precisely estimate how much time and money [FusionAuth] saved us, but it was a lot. We managed to provide authorization with magic links, Google, Microsoft and Slack out of the box.
Dan: Why did you choose FusionAuth over the alternatives?
Raphael: Cost, functionality and the presence of an active community were the main drivers. Even before we adopted FusionAuth, we submitted the localization for Brazilian Portuguese and the PR was readily reviewed and accepted which was really nice - since we had previous experience with projects that are simply stalled regarding user contribution.
Dan: Thank you so much for your contribution!
Raphael: Don’t mention it! Such a small thing compared to everything you guys bring to the table… And I loved the model and already suggested it to 2 or 3 software companies who struggle with i18n.
Dan: How much time and money would you say FusionAuth has saved you?
Raphael: I can’t precisely estimate how much time and money it saved us, but it was a lot. We managed to provide authorization with magic links, Google, Microsoft and Slack out of the box.
Furthermore it allowed us not only to provide custom SSO solutions to enterprise customers using Google Workspace and Microsoft Active Directory, but it also allowed us to charge for these integrations, opening up an unexpected revenue stream.
[I’ve] already suggested [FusionAuth] to 2 or 3 software companies who struggle with i18n.
Dan: How do you run FusionAuth (Kubernetes, standalone server, behind a proxy, etc)?
Raphael: We self-host FusionAuth.
Dan: Any general feedback/areas to improve?
Raphael: The experience has been really great so far. There are only 2 points brought up:
- Make it easier to use secure headers out of the box. Would be great for FusionAuth to be able to set headers (CSP, X-Frame-Options, etc).
- In a penetration test report the exposure of the
client_idparameter in the URL was pointed out as a vulnerability: information Leakage via URL query strings. Any way to handle that would be great.
Dan: Thanks for your feedback! [Ed note. Track the first request in this GitHub issue]
We love sharing community stories. You can check out Inteligov’s website if you’d like to learn more about them.
