PropelAuth Logo
Back to Blog

How graph8 Uses PropelAuth to Power Their AI-first GTM Operating System

How graph8 Uses PropelAuth to Power Their AI-first GTM Operating System

Before founding graph8, Thomas Cornelius and his teams built large-scale financial systems — high-volume transaction engines processing billions of operations, POS systems, CPQ platforms, subscription billing infrastructure, and online-to-offline commerce systems. These environments demand correctness, authorization integrity, permission consistency, and full auditability, foundational principles that deeply shaped the way graph8 approaches software architecture.

Those first-principles lessons carried forward into GTM. After building Adility, eTeam, Helpware, Armatic, and CIENCE, Thomas founded graph8, an AI-first, API-first GTM operating system that processes 50B+ intent signals monthly, maintains 75M+ U.S. B2B contacts, and unifies outbound, inbound, enrichment, sequencing, analytics, email, dialer, and voice AI into one multi-app ecosystem.

Image in article: How graph8 Uses PropelAuth to Power Their AI-first GTM Operating System
graph8 unifies outbound, inbound, enrichment, sequencing, analytics, email, dialer, and voice AI into one multi-app ecosystem.

PropelAuth is the identity backbone across all of it.

We had the opportunity to catch up with Thomas and go more in-depth about their journey with PropelAuth.

How did you find out about PropelAuth?


We discovered PropelAuth while searching for an identity provider built for real SaaS architectures, not single-page apps. Our requirements around multi-app identity sharing, secure desktop app OAuth, clean token exchange, and predictable organization modeling ruled out most providers.

PropelAuth consistently appeared in engineering discussions as the only solution treating identity as a systems-level problem, not a set of UI widgets.

What were you looking for in an auth provider?

Our non-negotiables:

1. Identity must unify many apps, not just one.

graph8 operates a suite of applications:

  • React SaaS platform
  • Electron/VS Code-based desktop IDE (graph8 Studio)
  • FastAPI microservices
  • Sequencer, Calendar, Universal Inbox, Voice AI
  • Marketplace
  • AI-driven backend agents

Identity had to be portable and consistent — not siloed per app.

2. Organizations must be first-class primitives.

Our old Ruby-based org/user mounting logic was fragile, implicit, and impossible to scale across multiple apps.

We needed org boundaries enforced in the identity layer, not scattered across services.

3. Authentication must work cleanly in distributed systems.

We rely on:

  • Temporal for long-running workflows
  • ClickHouse for high-volume analytics
  • Multiple backend services that need cross-service identity context

We needed clean token propagation, predictable validation, and no custom impersonation glue.

4. Developer experience must be stable, minimal, and predictable.

Identity cannot introduce hidden state, race conditions, or inconsistent behavior.
SDK correctness was mandatory.

5. Desktop application auth must be first-class.

Most auth providers break when you introduce Electron, secure IPC, deep links, and multi-app flows.

PropelAuth supported this without friction.

PropelAuth was the only provider hitting all five principles.

What other services were you considering?

We evaluated Auth0, Clerk, and Stytch.

Technical concerns:

  • Auth0: overly abstracted, expensive, unpredictable in event-driven backends, and required workarounds for multi-app org modeling.
  • Clerk: frontend-centric; weak org features; no strong backend token exchange story.
  • Stytch: flexible but required us to rebuild org logic and standardize permissions ourselves.

Only PropelAuth provided native multi-app, multi-org identity.

Why did you decide against building your own auth?

We had already lived the downside. Our previous environment:

  • each Ruby service authenticated differently
  • custom JWT flows
  • hand-rolled invites
  • manual org resolution
  • ad-hoc roles
  • inconsistent impersonation logic
  • OAuth duplicated across services
  • no unified audit trail

We spent senior engineering time maintaining infrastructure that delivers zero competitive advantage.

Auth is the highest-leverage place not to write custom code.

PropelAuth gave us a clean, stable identity plane instantly.

What was your previous experience with auth?

Our team didn’t build identity providers, but we built financial systems where identity directly impacts money movement and risk:

  • permissions tied to financial outcomes
  • strict audit requirements
  • cross-service authorization consistency
  • session correctness
  • user + org context for approvals, refunds, escalations

This background made us extremely sensitive to brittle, inconsistent, or overly custom auth layers.

When we later expanded graph8 to multiple applications, we saw the same pattern: every product required consistent identity, and our Ruby-based approach simply could not scale.

PropelAuth restored the reliability we expect from systems that, in our past life, touched real financial flows.

Tell me about your implementation process.

We approached the migration systematically:

1. FastAPI Backend Integration

PropelAuth’s Python SDK integrated cleanly:

  • token verification
  • org + user claim injection
  • no custom middleware
  • consistent across all services

This replaced our legacy auth layer overnight.

2. Next.js + React SaaS Apps

Front-end authentication became deterministic:

  • simple React hooks
  • consistent session state
  • role-based UI derived directly from claims

3. Desktop IDE (Electron + VS Code Fork)

This was historically the hardest part of identity — but PropelAuth made it practical.

We implemented OAuth using secure IPC and Electron main-process token exchange:

  • avoided CORS
  • avoided exposing secrets to the renderer
  • unified SaaS + desktop login
  • consistent session lifecycle across environments

4. Identity-Aware Temporal Workflows

We rely heavily on Temporal for enrichment, sequencing, and AI-assisted operations. PropelAuth made it easy for our FastAPI services to validate user and organization claims before dispatching a workflow.

Temporal is identity-agnostic, but because PropelAuth provides clean, predictable tokens and org modeling, we can pass fully validated identity context into workflows — ensuring:

  • correct job attribution
  • permission correctness
  • consistent auditability

This reduced custom impersonation logic and aligned workflow identity with the rest of the platform.

5. Multi-App Identity

With PropelAuth, identity is now a platform primitive:

One login. Many apps. Zero drift.

This was impossible in our previous architecture.

6. Documentation

The documentation worked exactly as described — no surprises, no inconsistencies.

This is rare in identity systems.

“PropelAuth took one of the hardest parts of our platform, multi-app identity, and turned it into something predictable. It freed senior engineers, accelerated product delivery, and gave us an identity backbone we can build our entire GTM operating system on.”

Thomas Cornelius, Founder of graph8

How has PropelAuth helped you grow your business?

1. Increased platform velocity

We shipped new applications (Calendar, Sequencer, Marketplace) without touching custom auth code.

2. Reduced architectural overhead

Identity propagation across microservices, desktop apps, and AI agents is now standardized.

3. Freed senior engineers

Our principal engineers now focus on:

  • AI architecture
  • high-scale enrichment
  • event streaming
  • IDE automation
  • multi-app consistency

Instead of auth plumbing.

4. Unlocked ecosystem consistency

Identity is no longer a patchwork — it’s a stable system-level primitive.

5. Enabled enterprise readiness

We gained org-level roles, auditability, and straightforward SSO paths.

Quantified Impact

  • Reduced identity-related engineering work by 30–40%
  • Eliminated org-mounting inconsistencies entirely
  • Reduced new module auth integration from weeks to hours
  • Reduced identity-related support questions to near zero

Are there particular PropelAuth features you use heavily?

  • Backend token validation (FastAPI + Electron main process)
  • Organization + user claims
  • Cross-app session portability
  • Role-based authorization
  • Stable, predictable Python + JavaScript SDKs
  • Direct token exchange patterns for desktop environments

What are you looking forward to accomplishing next?

  • Multi-app enterprise SSO
  • Agentic automation using “run-as-user” identity context
  • Identity-aware Temporal workflows at larger scale
  • 100% unified identity across:
    graph8 Studio, Sequencer, Calendar, Inbox, Voice AI, Credits, Marketplace, Enrichment
  • Cross-application permission consistency
  • API key management for an upcoming plugin ecosystem
“PropelAuth is the reason identity is no longer the hardest part of our platform.”
Thomas Cornelius, Founder of graph8

PropelAuth is the identity foundation that allows graph8 to scale into a true GTM operating system.

To learn more about how graph8 can get your AI front office set up in minutes, check out their website.

To learn more about how PropelAuth can help you launch and grow your startup, check out our website.

Related Posts