ZITADEL includes all the features your team, your customers and your software need to make use of one of the most advanced identity and access management systems on the market today. Best of all, ZITADEL does this with the convenience of single sign-on, powerful yet simple-to-use APIs, and completely transparent traceability of all process steps through an event-based audit trail.
A user is identified through their user name and password. ZITADEL can enforce password policies for increased security by storing rules that check the composition of a password, such as minimum length or characters to be included.
When ZITADEL authenticates a user, the user's authorisations and business functions, expressed as roles, are determined for use within an application. This ensures that a user is authorised to use the application in general, but can only use the functions intended for and assigned to the role the user has.
Single Sign On
Use the convenience of a single sign-on solution for every possible service. ZITADEL enables this via standard protocols such as OpenID Connect. Services that cannot be integrated directly can be integrated through identity-aware proxies or web application firewalls (WAF). Session management is therefore handled on an identity basis in the identity and access management (IAM) system and no longer solely in the application. In addition, cloud applications can also be easily connected in this way.
With ZITADEL you can easily integrate multi-factor authentication into your application. All you have to do is point to ZITADEL with a federation protocol and define the level of authentication quality. Step-up authentication also works, whereby the user only has to enter the MFA attribute.
Self-service for your customer
Connect your services to ZITADEL and you gain a simple way to let your customers manage roles themselves. This eliminates ticket-based processes and relieves your organisation. This function is particularly interesting for providers of SaaS services, as it saves you from having to use your own IAM.
One IAM system for all of your identities
With ZITADEL you can manage identities of customers, employees and machines in the same system. Synchronization with various systems such as LDAP and cloud directories is made possible with the “Bridge” element. This way you can integrate ZITADEL into your existing landscape.
Machine to machine
In addition, protect the transactions, service calls and API calls between your services. ZITADEL offers the possibility of authenticating machines and thus protecting calls to services against unauthorized access and manipulation.
Traceability is an important basis for an IAM, which is why ZITADEL offers you an audit trail of all operations of an account and its actions. The audit trail is firmly anchored in ZITADEL because the internal data model does not save it separately but derives it from an event stream. In contrast to other IAMaaS services, ZITADEL offers an audit trail with a recording time frame of up to 13 months.
ZITADEL is being improved constantly; the following features will be integrated next:
- OpenID Connect relying party support
- More multifactor methods
- SAML client authentication