Zitadel targets developers with open-source identity management platform

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 — 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!

Zitadel, an identity management platform, announced $2.5 million in seed funding to enhance its open-source identity management platform for developers.

According to Florian Forster, cofounder and CEO of Zitadel, the Zitadel platform is designed to help developers integrate identity management into their software, forming the basis for the company’s SaaS product. Forster said it offers secure login, authorization and user self-service to help developers focus on building their business features, while Zitadel focuses on providing the necessary features around user and access management for B2C and B2B cases.

Passwordless authentication

Passwords aren’t ideal because they can be forgotten or lost. According to a study, 73% of users reset at least one password every 90 days because they forget it. This explains why more than 60% of employees use the same password for work and personal apps. Although 91% of respondents in a recent survey were aware of the dangers of password reuse, 59% acknowledged doing it regardless. It’s no surprise that passwords have been a popular target for cybercriminals with a report citing that password issues accounted for more than 81% of all cyberattacks.

Passwordless authentication replaces passwords with alternative authentication factors such as biometrics, which may include fingerprints, palmprints, thumbprints, retina or iris scans, or voice or facial recognition. In fact, biometrics are proving to be better than passwords, Forbes reports, not only because they provide greater privacy and security, but also because they’re easier to use across a myriad of desktop, mobile and server devices.

Many enterprise security leaders are still looking for ways to balance trust and responsibility with cost and user experience (UX) when it comes to identity and access management (IAM). Biometric authentication, according to Gartner, offers a better chance of achieving that balance than traditional approaches such as passwords or tokens.

A developer-focused solution

There were several developer-specific challenges the Zitadel team set out to solve: Due to consolidation in the identity market, Forster told VentureBeat in an email interview that “there is currently a lack of developer-oriented identity tools that provide an easy integration into software projects.” As a result, developers might spend a considerable amount of time making their own authentication and authorization systems. There is also a rising demand for open-source tools that are written in modern programming languages such as Go. 

Forster claims Zitadel, which was built mostly in the Go programming language, tackles these challenges by providing integrations in a variety of languages and frameworks. He added that this flexibility allows developers to take advantage of the company’s prebuilt capabilities to boost productivity. In addition, the company claims its capabilities address existing open-source projects that were not built for a cloud-native and serverless environment.

Cloud hosting and self-hosting

Zitadel’s platform is available for both self-hosted and cloud-hosted options. And while traditional hosting has a number of advantages that will keep it relevant for many years, Zitadel claims that its cloud-hosted offering allows anyone to build a Zitadel instance in under five minutes and without using a credit card.

Also, Zitadel says that its cloud allows users to define the country or geopolitical region in which their data is stored, as part of its continued commitment to give GDPR assistance to its customers. While the GDPR is meant to safeguard the personal information and secure the data of EU citizens and residents, it can also apply to corporations, NGOs and universities outside the EU, like in the U.S. 

Competition in identity management 

Every user engagement online begins with the user’s identity, and any login must strike a balance between user convenience, privacy and security. While there are different companies that provide IAM services, Forster said Zitadel’s most relevant competitors are Auth0/Okta and Keycloak, because they also focus on developers and a passwordless approach.

However, Forster said Zitadel combines the traits of multiple providers in this space. He noted that Zitadel is modern and flexible like Auth0 and open source like Keycloak. He said that compared to Auth0, users get the freedom to run Zitadel on any infrastructure efficiently. Also, developers seeking an open-source alternative, like Keycloak, get an identity management platform built on a future-proof technology stack. All of these, Forster said, are accomplished while supporting a number of well-known protocols such as OpenID Connect, OAuth, SAML 2.0 and FIDO.

In a press release, Zitadel said it has enhanced the solution’s enterprise-readiness. Multi-tenancy, infinite audit trails, better self-hosting and serverless deployment support are among the new features, as is the possibility to extend Zitadel’s functionality with bespoke WebAssembly code.

The funding, led by Nexus Venture Partners, will be used to recruit the needed skills and resources to build a community around the open-source project.

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.