You want auth that's quickly set up like Auth0 but open source like Keycloak? Look no further — ZITADEL combines the ease of Auth0 and the versatility of Keycloak.

We provide a wide range of out of the box features like secure login, self-service, OpenID Connect, OAuth2.x, SAML2, branding, Passwordless with FIDO2, OTP, U2F, and an unlimited audit trail to improve the life of developers. Especially noteworthy is that ZITADEL supports not only B2C and B2E scenarios but also B2B. This is super useful for people who build B2B Solutions, as ZITADEL can handle all the delegated user and access management.

With ZITADEL you rely on a battle tested, hardened and extensible turnkey solution to solve all of your authentication and authorization needs. With the unique way of how ZITADEL stores data it gives you an unlimited audit trail which provides a peace of mind for even the harshest audit and analytics requirements.

---

🏡 Website 💬 Chat 📋 Docs 🧑‍💻 Blog 📞 Contact

Get started

ZITADEL Cloud (SaaS)

The easiest way to get started with ZITADEL Cloud.

It's free for up to 25'000 authenticated requests. Learn more about the pay-as-you-go pricing.

Install ZITADEL

• We provide installation guides for multiple platforms here

Quickstarts - Integrate your app

Multiple Examples can be found here

If you miss something please feel free to join the Discussion

Why ZITADEL

• API-first
• Strong audit trail thanks to event sourcing
• Actions to react on events with custom code
• Branding for a uniform user experience
• CockroachDB or a Postgres database is the only dependency

Features

• Single Sign On (SSO)
• Passwordless with FIDO2 support
• Username / Password
• Multifactor authentication with OTP, U2F
• Identity Brokering
• Machine-to-machine (JWT profile)
• Personal Access Tokens (PAT)
• Role Based Access Control (RBAC)
• Delegate role management to third-parties
• Self-registration including verification
• User self service
• Service Accounts
• OpenID Connect certified => OIDC Endpoints, OIDC Integration Guides
• SAML 2.0 => SAML Endpoints, SAML Integration Guides
• Postgres (version >= 14) or CockroachDB (version >= 22.0)

Track upcoming features on our roadmap.

Client libraries

Language	Client	API	Machine auth (*)	Auth check (**)	Thanks to the maintainers
.NET	zitadel-net	GRPC	✔️	✔️	buehler 👑
Dart	zitadel-dart	GRPC	✔️	❌	buehler 👑
Elixir	zitadel_api	GRPC	✔️	✔️	jshmrtn 🙏🏻
Go	zitadel-go	GRPC	✔️	✔️	ZITADEL
Rust	zitadel-rust	GRPC	✔️	❌	buehler 👑
JVM	🚧 WIP	❓	❓		TBD
Python	🚧 WIP	❓	❓		TBD
Javascript	❓	❓	❓		Maybe you?

(*) Automatically authenticate service accounts with JWT Profile.
(**) Automatically check if the access token is valid and claims match

How To Contribute

Details about how to contribute you can find in the Contribution Guide

Contributors

Made with contrib.rocks.

Showcase

Passwordless Login

Use our login widget to allow easy and secure access to your applications and enjoy all the benefits of passwordless (FIDO 2 / WebAuthN):

• works on all modern platforms, devices, and browsers
• phishing resistant alternative
• requires only one gesture by the user
• easy enrollment of the device during registration

Admin Console

Use Console or our APIs to setup organizations, projects and applications.

Register new applications

Delegate the right to assign roles to another organization

Customize login and console with your design

Security

See the policy here

License

See the exact licensing terms here

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.