ZITADEL includes all the features your team, your customers and your software need to make use of one of the most advanced identity and access management systems on the market today. Best of all, ZITADEL does this with the convenience of single sign-on, powerful yet simple-to-use APIs, and completely transparent traceability of all process steps through an event-based audit trail.
A user is identified either passwordless (FIDO2) or by presenting a user name and password. ZITADEL can enforce password policies for increased security by storing rules that check the composition of a password, such as minimum length or characters to be included.
When ZITADEL authenticates a user, it also determines the user's authorizations and business functions, expressed as roles, for use within an application. This ensures that a user is authorized to use the application in principle, but can use only the functions intended for and assigned to the role the user has.
Single Sign On
Users log in once and access every possible service without re-entering authentication factors. ZITADEL enables this via standard protocols such as OpenID Connect. Services that cannot be integrated directly can be integrated with identity-aware proxies or web application firewalls (WAF). Session management is therefore handled identity-based in identity and access management (IAM) and no longer solely in the application. In addition, cloud applications can also be easily connected in this way.
Multi-factor and Passwordless
With ZITADEL you can easily integrate multi-factor or passwordless authentication into your application. All you have to do is point to ZITADEL with a federation protocol and define the level of required authentication quality. Step-up authentication also works, whereby the user only has to enter the MFA attribute or gesture.
ZITADEL lets you configure different social logins. Google is already stored as the default, but any OIDC-compliant provider can be configured via the ZITADEL Console.
Self-service for your customer
Connect your services to ZITADEL and you have the simple option of allowing your customers to manage the roles themselves. This eliminates ticket-based processes and relieves your organization. This function is particularly interesting for providers of SaaS services, as it saves you from having to use your own IAM.
One IAM system for all of your identities
With ZITADEL you can manage identities of customers, business partners, employees, machines, and IoT devices in the same system. Synchronization with various systems such as LDAP and cloud directories is made possible with the “Bridge” element. This way you can integrate ZITADEL into your existing landscape.
Machine to machine
In addition, you can protect the transactions, service calls and API calls between your services. ZITADEL offers the possibility of authenticating machines and thus protecting calls to services against unauthorized access and manipulation.
Traceability is an important basis for an IAM, which is why ZITADEL offers you an audit trail of all operations of an account and its actions. The audit trail is firmly anchored in ZITADEL because the internal data model does not save it separately but derives it from an event stream. In contrast to other IAMaaS services, ZITADEL offers an audit trail with a recording time frame of up to 13 months.