Loading...

Software Engineer, Identity & Access

Lovable at a glance

lovable.dev
  • Founded 2023

SEC filings mentioning "Lovable": 152search EDGAR

Source: Wikipedia

Lovable

TLDR;
You’ll own the identity layer that powers every Lovable app — from auth flows and session management to RBAC, API keys, and multi-tenancy isolation. This is a high-trust, high-impact role at the intersection of security, product, and platform engineering, shaping how millions of end users authenticate into AI-generated applications.

About Lovable & the Apps Platform

Lovable is an AI-powered software creation platform. Millions of users use Lovable to go from idea to working application, generating hundreds of thousands of apps every day.

The Lovable Apps Platform is what makes those generated apps actually run in production. The moment a user hits deploy, the Apps Platform takes over — provisioning the database, handling user auth, storing files, serving the app over a custom domain, capturing logs, and metering usage. It’s the full backend and hosting layer for every app built on Lovable, designed so creators never have to think about infrastructure to ship something real.

The Apps Platform is growing fast, and we’re investing heavily in each layer of the stack — building deeper ownership over the services that power our users’ apps so we can move faster, scale better, and shape the product experience us and our users actually want.

The Role

We’re looking for a senior identity and access specialist to own authentication, authorization, and user management across the Lovable Apps Platform. You’ll build the identity layer that both Lovable’s own platform and every user-generated app depend on — from auth flows and session management to RBAC, API keys, and multi-tenancy isolation.

Identity is the front door to every Lovable app. As we move from a bundled auth stack to our own composable identity layer, we need someone who can build a system that’s both developer-friendly and security-hardened. You’ll shape how millions of end users authenticate into AI-generated applications — and how Lovable’s own platform manages access, secrets, and trust. This is a high-trust, high-impact role at the intersection of security, product, and platform engineering.

What You’ll Do

  • Design and build the Apps Platform’s identity and access management system, covering both platform-level auth (Lovable users) and app-level auth (end users of Lovable-generated apps)

  • Implement authentication flows: OAuth 2.0/OIDC, magic links, social login providers, MFA, and session management

  • Build a robust authorization model: RBAC, row-level security, API key management, and fine-grained permissions

  • Own multi-tenancy isolation — ensuring that user apps, data, and credentials are securely separated

  • Manage secrets infrastructure: secure storage, rotation, and access control for database credentials, API keys, and service tokens

  • Migrate identity services from the current bundled setup to a fully owned, composable identity layer without breaking user sessions

  • Operate auth as a production service: monitoring, alerting, incident response, and capacity planning for a system on the critical path of every request

  • Collaborate with the AI and product teams to ensure that generated apps get secure-by-default auth without requiring user expertise

What We’re Looking For

  • Deep expertise in identity and access management: OAuth 2.0, OIDC, SAML, JWT, session management, and token lifecycle

  • Experience building or operating auth systems at scale — ideally in a multi-tenant SaaS or PaaS context

  • Strong security mindset: you treat credential leakage, privilege escalation, token theft, and tenant isolation as first-class concerns

  • Experience with RBAC/ABAC models and row-level security in Postgres

  • Familiarity with identity providers and auth services (Auth0, Supabase Auth, Clerk, Firebase Auth, Keycloak, etc.)

  • Comfortable with TypeScript across backend services and API layers

  • You’ve migrated auth systems or transitioned between identity providers in production without breaking user sessions

  • Operational instincts: you think in uptime, latency percentiles, and blast radius — auth outages take down everything downstream

  • You’re based in Stockholm or ready to relocate – this is an on-site, 5-days-a-week role.

Nice to Have

  • Experience with secrets management tools (Vault, AWS Secrets Manager, or similar)

  • Background in compliance-relevant auth work (SOC 2, GDPR, HIPAA)

  • Familiarity with Supabase Auth internals (GoTrue) or similar open-source auth servers

  • Experience designing auth for AI-generated or low-code applications

  • Familiarity with managed cloud services (AWS, GCP) and the tradeoffs of buy-vs-build for identity infrastructure

Our tech stack

We’re building with tools that both humans and AI love. Lovable software engineers are capable of working across the whole stack. Examples of tech in our stack include:

  • Frontend: React and Typescript.

  • Backend: Golang and Rust.

  • Cloud: Cloudflare, GCP, AWS, Modal.

  • Data: Clickhouse, Firestore, Spanner, BigQuery.

  • DevOps & Tooling: CI/CD pipelines, OTEL, Kubernetes, Terraform.

And always on the lookout for what’s next!

About your application

  • Please submit your application in English – it’s our company language so you’ll be speaking lots of it if you join

  • We treat all candidates equally – if you’re interested please apply through our careers portal

To apply for this job please visit jobs.ashbyhq.com.

What people say about Lovable

Recent news

Aggregated from public discussions and news; opinions are the authors’ own.

Working in Stockholm, Sweden

Weather right now in Stockholm, Sweden: checking… · Local time: · Air quality: · Daylight: · UV index: · Wind:

Stockholm is the capital and most populous city of Sweden, as well as the largest urban area in the Nordic countries. Approximately 1 million people live in the municipality, with 1.6 million in the urban area, and 2.5 million in the metropolitan area. The city stretches across fourteen islands where Lake Mälaren flows into the Baltic Sea. Outside the city to the east, and along the coast, is the island chain of the Stockholm archipelago. The area has been settled since the Stone Age, in the 6th millennium BC, and was founded as a city in 1252 by Swedish statesman Birger Jarl. The city serves

🇸🇪 Relocation safety for Sweden: Very Safevia Warnely, CC BY 4.0

National unemployment rate in Sweden: 8.7%via World Bank

  • Elevation 30m (98 ft)

Job details above are provided by the employer/source. The sections on this page are compiled from public data sources with AI assistance.

Accommodations: if you need a workplace accommodation to apply for or perform this job, see ADA.gov or EEOC.gov for guidance on your rights and how to request one.

Add application deadline to calendar

Keep exploring on Get A Job.ai

Not quite the right fit? Your next opportunity is a click away.

Hiring instead? Post a job and reach candidates searching right now.