Michael Grinich, CEO of WorkOS, on AI startups getting enterprise-ready at launch

Jan-Erik Asplund

Background

In recent years, we've talked to founders of SOC 2 compliance-automation companies like Christina Cacioppo (Vanta) and Shrav Mehta (Secureframe), along with identity platform founder Reed McGinley-Stempel (Stytch), to learn more about B2B SaaS companies that enable other B2B SaaS companies to go upmarket and sell into the enterprise.

To learn more about how AI companies have made inroads with the enterprise so quickly, we reached out to Michael Grinich, founder & CEO at WorkOS ($99M raised, Lachy Groom) for an interview.

Key points from our conversation via Sacra AI:

  • After a 2023-2024 pilot period where enterprises experimented with AI tools under relaxed security policies to avoid falling behind on AI transformation, IT departments are now reasserting control and demanding compliance—creating a compressed window where AI startups must retrofit SSO, audit logging, and directory sync or risk mass churn as renewal cycles hit. "I remember talking to the Anthropic guys, and the first year they're like, 'We've sold into all these huge companies without SSO.' Then about a year later, they were like, 'Everyone's demanding this or they're going to churn' because there's so much sensitive data, because the AI tools have the highest scrutiny of security requirements. It's the price of admission today."
  • As AI has collapsed the timeline to going upmarket into the enterprise from 6-7 years to 6-12 months, startups can no longer sequence enterprise features one at a time—SSO first, then audit logging, then fraud detection—throwing tailwinds behind ‘enterprise readiness’ bundles like WorkOS. "The previous era of SaaS products like Figma or Dropbox, they took five, six, seven years to go after enterprise, a really long time. What we're seeing with these AI companies is they choose to go to market to enterprise within six to 12 months, essentially immediately upon launching the company.”
  • Login-time fraud detection has become a requirement for self-serve AI startups like Cursor, well downmarket from classic enterprise B2B SaaS, because these products give away inference in their free tier and abusers farm free-trial accounts to run their own high-output-token workloads. WorkOS Radar treats this as a fraud problem at the login layer, using device fingerprinting and anomalous behavior detection, rather than as the kind of DDoS bot traffic a CDN would block. "People were signing up for Cursor, but Cursor is giving away free inference in their app. It's not just writing code. People were using it for document summarization, generating fanfic and putting it on other websites, because a lot of these LLM systems, the cost is in the output tokens, which is fanfic with high numbers of output tokens... This is still fraud. Free trial abuse has always existed with compute or file sharing or Dropbox, but it's a different world."
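The login-time abuse pattern described in the last bullet, sketched as an added Python example. This is an illustration written for this page, not WorkOS Radar code, and it makes no claim about how Radar actually scores traffic: it groups constructed signup and inference events by a hypothetical device-fingerprint field and flags fingerprints that either open more accounts than a threshold within a time window or draw disproportionate output tokens across the accounts they created. The sample events, thresholds and field names are all assumptions.

```python
"""Toy free-trial-abuse detector (added illustration, not Radar's logic).

Groups signup and inference events by device fingerprint and flags
fingerprints that look like one actor farming free accounts for bulk
output tokens. Field names and thresholds are hypothetical.
"""
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class Event:
    ts: int             # seconds since epoch
    kind: str           # "signup" or "inference"
    fingerprint: str    # hypothetical device-fingerprint hash from the login SDK
    account: str
    output_tokens: int = 0


@dataclass
class Verdict:
    fingerprint: str
    accounts: int
    output_tokens: int
    reasons: list[str] = field(default_factory=list)


# Constructed sample traffic, not real data. Three devices:
#   fp-abuser: five signups inside an hour, each burning 20k output tokens
#   fp-normal: one account, light usage
#   fp-slow:   four accounts but spread over four days, light usage
SAMPLE_EVENTS = (
    [Event(i * 600, "signup", "fp-abuser", f"abuser-{i}") for i in range(5)]
    + [Event(i * 600 + 60, "inference", "fp-abuser", f"abuser-{i}", 20_000) for i in range(5)]
    + [Event(0, "signup", "fp-normal", "alice"),
       Event(100, "inference", "fp-normal", "alice", 3_000),
       Event(900, "inference", "fp-normal", "alice", 3_000)]
    + [Event(d * 86_400, "signup", "fp-slow", f"slow-{d}") for d in range(4)]
    + [Event(d * 86_400 + 30, "inference", "fp-slow", f"slow-{d}", 2_000) for d in range(4)]
)


def analyze(events, window_s=3_600, max_accounts=3, max_tokens=50_000):
    """Return {fingerprint: Verdict} for fingerprints that trip a rule.

    Rule 1: more than max_accounts signups from one fingerprint inside any
            sliding window of window_s seconds (burst account creation).
    Rule 2: more than max_tokens output tokens summed across all accounts
            tied to one fingerprint (free inference being farmed).
    """
    by_fp = defaultdict(list)
    for e in events:
        by_fp[e.fingerprint].append(e)

    verdicts = {}
    for fp, evs in by_fp.items():
        signups = sorted((e for e in evs if e.kind == "signup"), key=lambda e: e.ts)
        accounts = {e.account for e in signups}

        # Sliding window over signup timestamps: largest burst within window_s.
        peak, j = 0, 0
        for i in range(len(signups)):
            while signups[i].ts - signups[j].ts > window_s:
                j += 1
            peak = max(peak, i - j + 1)

        tokens = sum(e.output_tokens for e in evs if e.kind == "inference")

        reasons = []
        if peak > max_accounts:
            reasons.append(f"{peak} signups within {window_s}s")
        if tokens > max_tokens:
            reasons.append(f"{tokens} output tokens across {len(accounts)} accounts")
        if reasons:
            verdicts[fp] = Verdict(fp, len(accounts), tokens, reasons)
    return verdicts


def should_block_login(fingerprint, verdicts):
    """Decision hook for the login path: block if the device is flagged."""
    return fingerprint in verdicts


if __name__ == "__main__":
    for v in analyze(SAMPLE_EVENTS).values():
        print(f"{v.fingerprint}: {v.accounts} accounts, {v.output_tokens} tokens; {'; '.join(v.reasons)}")
```

The two rules deliberately key on different signals: the signup burst catches account farming before any tokens are spent, while the aggregate token count catches a slower actor who spreads signups out but still draws far more free inference than one legitimate trial user would. A production system would also feed these verdicts back into a model rather than hard-coding thresholds.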

Questions

  1. What is WorkOS in short and what inspired you to build it based on your experience co-founding Nylas?
  2. Looking back to 2019-2020, enterprise readiness was about SSO and maybe SCIM being the two big things. How has this changed over time? Are those now among a subset of equally important things, or is there a new dimension that WorkOS spikes on that's a really big driver today that maybe SSO was naturally the first thing you tackled? Or has it not changed at all?
  3. With all these companies, there's been this attitude that AI-native startups need AI-native products for themselves to use. You've watched a lot of this stuff over the last few years. Do you think that is the key, or how do you think about having been able to catch this new wave of AI companies?
  4. You talked about bots and Cloudflare and these different views on how bots are interacting with websites today. Is there a world where WorkOS is also on the other side of that, instead of stopping bots or malicious files or adversarial bots, building for bots, encouraging the right kind of behavior for agents to be responsible?
  5. Feature flags. OpenAI acquired Statsig for feature flags and A/B testing. Help us understand the opportunity with feature flags and the intersection with AI? Help us dig in here and help us understand how these relate to evals?
  6. Gross margin is a recurring issue for AI companies. Going enterprise helps with long-term contracts, full packages that involve not just credits and whatnot. Is gross margin pressure or the desire to increase gross margin a tailwind for WorkOS?
  7. Are you feeling any pull from companies that are selling into government?
  8. If you had to look at WorkOS five years out and everything goes the way you want, how would you describe what WorkOS is at that point?

Interview

What is WorkOS in short and what inspired you to build it based on your experience co-founding Nylas?

WorkOS is a developer platform that provides infrastructure for enterprise features. We provide services to other people building software, other software companies. By enterprise features, we mean all the stuff you need to add to your app to sell it to bigger customers and become enterprise ready. These are essentially security features: authentication, permissions, observability and logging, helping defend against fraud and abuse, integrations, encryption—all the stuff that's shared across every app and needed across every SaaS product. Specifically, these are things where if you don't have them, they can block your ability to go to market and sell to bigger customers.

In the same way that companies like Stripe provide aggregated APIs for finance, billing, payments, and global credit cards all into one platform, WorkOS does that for enterprise features.

The backstory is not really obvious. It's a bit of a niche problem. I had started this other company, Nylas, over ten years ago and we were working to build a next-generation email product. We launched the same month as Slack, got a bunch of users, and followed the bottom-up PLG growth model. We had a really beloved product by users, but we weren't able to commercialize it. One of the main reasons was that enterprise customers said they needed all the security stuff to use it in their company because email is so sensitive. Maybe another SaaS product could have gotten by for longer, but we hit the security and procurement wall pretty fast. That essentially stalled and then killed the commercial growth of that product.

Nylas is still around doing a bunch of email API stuff, but the initial email client failed to cross the “enterprise chasm”—the transition between when you get a bunch of early-stage customers, early adopters, enthusiasts, people excited about the product, and actually transitioning that into mass-market enterprise commercial adoption. There's a set of things you have to do in that phase to cross it. It's very challenging, and if you don't cross it, typically somebody else will and take the market if it's bigger.

There are examples. Slack versus Microsoft Teams. Teams also had distribution from Microsoft and sales, but one of the reasons they were able to go upmarket so quickly is they had all the enterprise stuff built into the product. There are many things you need to do as you cross the enterprise chasm: change your pricing, packaging, sales motion. But in addition to that, there are these core pieces of functionality and capabilities you need to add.

WorkOS provides that through an API that's really easy to integrate, with nice SDKs and usage-based pricing, self-serve developer experience. If you're in YC and just building, we have a bunch of free stuff to get started, all the way through companies doing billions of dollars in revenue. We have public companies as customers and everything in between.

WorkOS is infrastructure for all the IT stuff. We call it an OS, not because we think we're building Linux, but because the metaphor here is the operating system does all this stuff that's really complex and hard, but not unique to any application. In the traditional OS metaphor, the operating system does disk, network, display, printer drivers, file system, things every application needs as underlying fabric. WorkOS does that for B2B cloud stuff, cloud apps, API services, developer products.

Looking back to 2019-2020, enterprise readiness was about SSO and maybe SCIM being the two big things. How has this changed over time? Are those now among a subset of equally important things, or is there a new dimension that WorkOS spikes on that's a really big driver today that maybe SSO was naturally the first thing you tackled? Or has it not changed at all?

Some of the stuff is identical. For the first few years, it was actually surprisingly easy to figure out what to build. I did two things. First, I looked at all the SaaS products that were mature in the market—Box, Slack, Atlassian—and looked at the pricing page—Free, Pro, Enterprise. What's in the Enterprise column? That's all the enterprise stuff people want, generally. They're not collaboration features or core pieces. It's stuff like SSO. You can just get a list.

Then I talked to IT people. CIOs, CSOs, procurement people, the folks that actually give the back pressure, the folks who block adoption apps for security reasons. I wanted to figure out what they care about. Based on those two things, I got the list of things to build.

The third group I talked to was startups that were growing through this phase to figure out the sequencing: What do you need first? Second? Third? What are the most important things as you go upmarket?

What I've found is that in the past, something like SSO was only really needed by big giant enterprise companies. It has moved downstream. Now even commercial-type deals will require SSO. You go sell a 50 or 100 seat deal, they'll require SSO. We've done a lot of work to make setting up SSO really easy and effortless.

One of our customers here is OpenAI. They migrated off of Auth0 to WorkOS for SSO. One of the core reasons was they wanted to take SSO and move it from their top enterprise tier into their Pro team plan. They could only do that if they could make it easy to set up and automate it. We have a bunch of tools and services that make it self-serve for configuration.

Generally, the trend here is that enterprise features that started off being exclusively used by big enterprise environments are moving downstream and being used by smaller organizations. The reason is smaller companies are adopting more products. Companies are using more SaaS apps than ever before and this was accelerated during COVID remote work and digital transformation. There's an explosion in tools, and companies need automated services for security management. This is now needed by smaller companies because they have so many tools, and there's also a higher security concern than ever before. There have been a lot of data leaks, concerns around cybersecurity generally as a theme.

There are new security features getting adopted, but more what I'm seeing is the things previously reserved for really sophisticated large enterprise customers are getting democratized and accessible to smaller organizations. That's great for us because we allow developers to have that stuff and sell it everywhere, not exclusively for the biggest enterprise customers in the world.

With all these companies, there's been this attitude that AI-native startups need AI-native products for themselves to use. You've watched a lot of this stuff over the last few years. Do you think that is the key, or how do you think about having been able to catch this new wave of AI companies?

There are some things we're building specifically for AI businesses, but generally what's happened is the areas where we find the most success are building products that were needed in the past but now they're needed even more for AI products.

An example of something we do is fraud detection and bot blocking. That's been a category for a long time. There are other products out there that help reduce fraudulent activity.

A bit over a year ago, we launched WorkOS Radar that helps detect and block activity at the login experience. It does device fingerprinting, anomalous behavior detection, account takeover, all this stuff. We turned it on and had a bunch of customers that wanted to use it immediately. One of those companies was Cursor, which has been growing very fast over the last year.

Cursor came to us and said they wanted to turn this on. We started blocking fraudulent bots and abuse. It's not like a DDoS bot attack that Cloudflare would block. It's actually free trial abuse. People signing up for free Cursor accounts and burning them down. We said okay, we can do some blocking around that for IDs. But what was happening if you dug into the fraud model more was people were using the chat completion inference endpoint for their own tasks. They were signing up for Cursor, but Cursor is giving away free inference in their app. It's not just writing code. People were using it for document summarization, generating fanfic and putting it on other websites, because a lot of these LLM systems, the cost is in the output tokens, which is fanfic with high numbers of output tokens.

This is still fraud. Free trial abuse has always existed with compute or file sharing or Dropbox, but it's a different world. AI products, what they're metering and giving away as their PLG is different and there's a different attack vector. These folks are using AI systems to create the attack, to circumvent things.

The AI wave is actually really core disruptive to a lot of pieces of the technology stack. These patterns still exist from what happened before, but you have to rebuild and reevaluate the entire product category. With Radar, we're in a good position to build something like this because we have authentication, identity traffic across a gazillion apps, millions and millions of users. We can see patterns, fine-tune things, see them emerge, and build heuristic or model-based approaches for blocking unwanted behavior. It's an example of something that in some ways you could say is new for the AI era, a new type of attack, but it's actually a significantly updated version of a need that existed in the past.

Another example, which we just announced at our user conference a couple weeks ago, is WorkOS Pipes. This is an integration service. There are things out there to help you integrate across different cloud services, aggregate stuff together. WorkOS has already been doing stuff like this. Identity aggregation and integration, directory integration, logging systems, IT stuff. But now we're taking it a step further and allowing you to integrate anything: HubSpot, Salesforce, Google Drive, Marketo, whatever.

The reason we're building that is in the past, developers creating applications needed to do integrations for sure, but it was usually just a few. You're building an app that does something with GitHub, you're going to build GitHub, maybe GitLab and Bitbucket. That's it. But in today's world, most of these products have some type of agentic behavior. They need to interface with third-party systems for that. They need to get data in and out, do actions on other things. The need for doing an integration has skyrocketed with new types of applications.

Our bet with this product is that integrations will dramatically increase for AI apps. We're trying to build the building blocks for the AI wave and build it in a way that it's useful in the previous era but really useful in the forward-looking era as well.

You talked about bots and Cloudflare and these different views on how bots are interacting with websites today. Is there a world where WorkOS is also on the other side of that, instead of stopping bots or malicious files or adversarial bots, building for bots, encouraging the right kind of behavior for agents to be responsible?

Maybe. Folks haven't asked us for it yet. The way we usually build product is pretty straightforward. We talk to a lot of customers and users and build things to help them build their products faster, get them to market sooner, and provide a better experience to their customers. More reliable, more robust, more secure.

The way software will represent itself as a bot, there's interesting work being done around new standards, systems for agentic identity. There's the Web Bot Auth project and BrowserBase is doing some interesting stuff here. This idea of a browser user identifying itself as a bot or agent in a way that can be allowed by the consumer. People are exploring this.

Ultimately, a lot of bots and agents will behave like people. We already have the rails for how people operate. There's this old post about why train tracks are that specific distance apart and if you trace it back, it's actually because the ruts in the road keep going back to chariots with the Romans. That's the width of the chariot, and the ruts were in the road, so people made carts that fit that, and it just continued to compound over time.

When I look at how we do automation and security for people, it's a close step to how we would do it for agentic systems. Now, agents pose a bunch of new interesting challenges. There's going to be a lot more of them than people. Also, you need to granularly scope their permissions down. Needs to be more fine-grained, scoped. Also, they'll likely get provisioned and then dissolved very quickly. Think about every hour hiring 10 contractors in your company and then offboarding them. It's possible today, you could do it with stuff, but it'd be really, again, it's like going back to that Radar thing: the pattern existed in the past, but now with the increased volume or different characteristics, we have to retool the thing.

Or the stuff around integrations. We just have more of it in a different way. There's going to be something like that for how agents use software, how bots represent themselves online. It'll mimic people but will be slightly different.

Our goal for WorkOS is not necessarily to throw a new standard out there and say, "Hey, everyone, you've got to do it this way." It's to integrate everywhere and create the best possible experience for developers to build on top of. There's an opportunity to do that for identity for agentic systems or fine-granular permission scope, non-human identity. We have a bunch of experiments we've built around there.

What will be successful in my mind will be less of a divergence from what we have today so we can ride the rails of the existing system. We can drive our car in the ruts of the existing system without having to, it's like the MCP Auth stuff is just like OAuth for a long time. Let's come up with something new. And it's like, no, guys, we can actually just do this. We've got to change it a little bit, but it's better for all the warts that OAuth has. It's better to be 95% similar to the existing world and 5% different than to be 70% different and everyone's like, "What the, how do I use this thing?" It just dies on the vine when you do it that way.

That upsets a lot of purists. You see that in the IETF conversations and the standards bodies and the message boards and the GitHub issues. People are like, "It should be a different primitive. It should be different." But who we're working with are very pragmatic. We live and breathe actual things that could help people ship. The reality of that for agentic systems will be that it's more similar than different.

Feature flags. OpenAI acquired Statsig for feature flags and A/B testing. Help us understand the opportunity with feature flags and the intersection with AI? Help us dig in here and help us understand how these relate to evals?

Feature flag stuff is probably less of a thing that AI absolutely needs or is different than the existing world. Feature flags have been around forever as a way to run software. Even command line flags, start a program and give it certain options. That's been around since early Unix days.

What we saw was a couple things. One, we were using all these different feature flag platforms, and we didn't like any of them. They're all kind of clunky, they're not really built for B2B software. WorkOS is not for consumer products, not for games, not for social experiences, not for e-commerce. It's not for things where you're running giant tests across a gazillion different variables. It's for people building software for the workplace. It's WorkOS.

When you need to use feature flags for that kind of thing, you're not doing an A/B test, a multivariate thing. You're using it for change management. You're using it to roll out new versions of things for very specific customers in early betas and working with them. You're essentially using it for product entitlements. That's where it ties into billing. We found that none of the platforms are very good at doing this. They were more tuned for running consumer product experiments rather than building the B2B use case. We said, "Let's try to build something here."

Similar to our work on Radar, given the place we're in around having the user and org object, that's primarily what you target feature flags on in the B2B space. You don't say 5% of all my customers, you say just this one organization I want to turn this feature on for. Because we can go narrower, we can build a simpler, easier product to use that matches the behavior pattern a lot more closely and can tie into the whole WorkOS ecosystem in a more natural way.

It's the first version we launched this summer. We had no idea Statsig was going to get bought. The response already has been really positive. People tell us, "Yeah, this should just be in WorkOS. I don't need to be paying for another thing. It just feels like a part of the platform."

Feature flags are somewhere between a feature and a product of ours. It's bigger than a feature because you can use it by itself, it's got a bunch of stuff in it. It's not just a small bit, but it might be smaller. Feature flags as a category, my suspicion is it might be smaller than a whole company's worth of product. To be lasting and durable there, you need to have multiple things in it. AWS is powerful not just because they have storage, but because they have storage and compute and network and CDN and DNS and all this stuff. Feature flags are one of those pieces.

The access model is pretty much isomorphic to role-based access control. What is role-based access control? You tag users based on some attribute or group, some role, and then they get a permission associated with that that gets turned on or off. Role-based access control is essentially customer-managed feature flags. They're giving the customer the ability to turn on and off features for their users, which are permissions as features. Feature flags are just the developer can turn those on and off and it's opaque to the end customer. The data model is actually identical. We already had the rails for shipping it to customers.

I don't know if it'll be more relevant for the AI space. All I know is within enterprise, change management is a huge thing. Everyone talks about shipping all the time. We ship every single day. The bigger the enterprise customer you sell to, the more they want to control the rollout timeline for new features.

Salesforce does this. If you buy Salesforce and they come out with their fall release in November at Dreamforce, here's the big release, show it, it's available, but they give you the power to turn it on in the app. They don't just ship it to everyone. It's not like Gmail or Meta. The reason is because IT people freak out when things update. If you updated, changed the Salesforce UI and there are gazillions of salespeople using it, they're like, "What the hell? My buttons moved. I need to get work done."

It's funny, this idea of change management. Small startups are like, "No, we ship every day. We just ship new features to whoever." It's actually an anti-pattern inside of enterprise. The whole goal for WorkOS is to enable developers to smoothly move into that. The goal for feature flags is actually less around product experimentation and more around change management for enterprise functionality and giving that power to the customer long term.

Gross margin is a recurring issue for AI companies. Going enterprise helps with long-term contracts, full packages that involve not just credits and whatnot. Is gross margin pressure or the desire to increase gross margin a tailwind for WorkOS?

It's an interesting observation that it might be for gross margin. I hadn't thought about it that way. I don't really know our customers' margins. I don't get into that detail of their business.

What I do know is there's something very different, many things very different, about the AI wave. But one thing in particular that's really different is the speed at which these products grow just generally, and then the speed at which they get pulled into the enterprise. I think it's because larger customers are realizing they need to adopt these products to be competitive. You're seeing everyone say, "We need agents, we need ChatGPT, we need Perplexity, Cursor" in order to be competitive, to write code, to build new things. There's a more rapid uptake from SaaS products by the enterprise than ever before in this AI wave.

These businesses for a little while were flexible on the enterprise security requirements. I remember talking to the Anthropic guys, and the first year they're like, "We've sold into all these huge companies without SSO." Then about a year later, they were like, "Everyone's demanding this or they're going to churn" because there's so much sensitive data, because the AI tools have the highest scrutiny of security requirements. It's the price of admission today.

These products grow faster, and it's less about whether WorkOS will help them charge more and more about whether they can get any of these enterprises at all without these features. It's a non-starter. They've gone from maybe being sort of a nice-to-have, or you can live in this PLG land for a long time, to being needed almost immediately.

I mentioned this at our user conference. The previous era of SaaS products like Figma or Dropbox, they took five, six, seven years to go after enterprise, a really long time. What we're seeing with these AI companies is they choose to go to market to enterprise within six to 12 months, essentially immediately upon launching the company. That's due to the competitive nature of the market, the pull, and the need once you get product-market fit to just go win. We're really the ticket to help them accelerate into that environment.

It seems the decision that a lot of companies make based on their margins is really based on their own growth plans, their own idea of where model prices or token prices will come down, very specific to the product use cases. But certainly, uniformly across all of them, they all feel the intense need to become enterprise ready to win the category, and that if they don't do it, someone else is going to come do it and eat their lunch.

Sometimes people think WorkOS is for saving engineering time in terms of money, saving dollars spent for engineering. It's actually time. WorkOS is a time machine. Helps you get to enterprise way faster. Even if you're OpenAI, Cursor, Anthropic, they've got some of the smartest engineers in the entire world, more money than anybody else. The thing they don't have is time. We're all running on the same clock. WorkOS is a time accelerant, and that's a pretty magical thing for these businesses.

Are you feeling any pull from companies that are selling into government?

Not yet. We've had some customers start asking us about it. We will be beginning some work next year on FedRAMP. We plan to become FedRAMP compliant. It's always been on the list since 2018.

Most government, municipal and state, can buy SaaS just as is with SOC 2 and stuff. The FedRAMP stuff is really when you get into very constrained environments like defense teams. Generally, these AI companies are not selling into that today. Gamma, one of our customers, just announced a big fundraise, and Gamma is not selling to the DoD today. It's not like the Pentagon is making slides with Gamma. Maybe someday Grant would like to do that, but not yet.

Our goal for WorkOS is for it to work everywhere. We have people today building apps for healthcare, a lot of stuff for financial institutions, regulated industries elsewhere. For us to be able to support government customers is just another thing we'll do.

If you had to look at WorkOS five years out and everything goes the way you want, how would you describe what WorkOS is at that point?

Well, I can tell you the things that won't change. Maybe that's a good place to start.

One thing that won't change is we will be building things for developers. That is the heart of the company, creating things for other people building things. We want WorkOS to be the best company to create these tools that other developers can use, this infrastructure developers can build on top of to build products and ship them really fast, to take the toil and frustration out of building things and provide these excellent components so developers can stay in that creative flow state.

I'm always inspired by people who make really good musical instruments. You don't have to fiddle with the knobs or think about the tuning or get lost in the tech of it and just start making music. Things that let you stay in that type of experience. That's our lifeline.

We do this for workplace tools. There are great platforms for other types of products. Unity for building games, different platforms, but it's still really, really hard to build products for the workplace. It's kind of nuts. You can build a game pretty fast, but to build an app and go get it into the hands of someone at one of these big companies, it's this huge slog. Think about how many tens of millions of dollars it cost Notion to get built. If we want to get more products like that into the world, we have to make it faster and easier for them to get built. We want to democratize the access to those tools to help people move faster.

My hope is that in five years, not only are we still focused on developers, but they can do more stuff faster with our products, specifically delivering it to people that will help make their lives better, help make their work better, help them be more creative.

The last thing is today, the way the enterprise software world works is because it's so complicated to build this stuff, companies focus on it for a long time. They're usually the mature, entrenched ones. The effect is that the biggest companies have the worst software, the worst tools. It shouldn't be like that at all, and they don't want it that way. It's not like these IT guys in these huge companies are like, "Yeah, we want to use legacy bad software." Their hands are kind of tied because, for example, for audit logging for FINRA compliance, if you don't log conversations between traders, between brokers, you break the law. You go to jail. They have to have logging between these systems full stop. That forces them to pick products based on enterprise compatibility and not based on the best-of-class product, the best product experience for the person actually doing the work. That's the thing we need to do away with.

What I hope is that we can create the type of platform that enables enterprise companies to be able to buy anything, to use anything. It enables developers to be able to sell or get usage in any of those environments. So the differentiation in the market is no longer the presence of these enterprise features or the compliance functionality behind it. Just level playing field for everyone. If that happens, better products will get built. Enterprises will be happier, entrepreneurs will be successful. It'll be this increase of creativity, this explosion of new capabilities and tools. That's what's happened in the era of early web software, happened in PC, happened in mobile, happened in cloud with AWS.

What we're trying to do is have that same type of transformation occur but with the sticky bit around the enterprise stuff. The same experience I had at Nylas trying to make that product successful, trying to cross the enterprise chasm. We want to close that gap. We want to build a bridge so no one ever gets stuck as they go to market. That's an opportunity for us to build a really successful, thriving business. But the more exciting thing to me is the effect that will have on the wider software industry and the democratization it will have on developers being able to build stuff. Two people, three people in a coffee shop hacking on some stuff can go sell it to Deloitte or United Airlines or Disney or Fidelity. Today that's not possible. I hope in the future that is possible.

Disclaimers

This transcript is for information purposes only and does not constitute advice of any type or trade recommendation and should not form the basis of any investment decision. Sacra accepts no liability for the transcript or for any errors, omissions or inaccuracies in respect of it. The views of the experts expressed in the transcript are those of the experts and they are not endorsed by, nor do they represent the opinion of Sacra. Sacra reserves all copyright, intellectual property rights in the transcript. Any modification, copying, displaying, distributing, transmitting, publishing, licensing, creating derivative works from, or selling any transcript is strictly prohibited.
