Why we built an open source Identity & Access Management



The concepts of Authentication and Authorization play an important role for securing services and data. With the emergence of Multi- and Hybrid-Cloud Patterns a new challenge arises for secure Authentication across domains, while privacy of employee or customer information is more important than ever.

In this talk we want to explain some of the key challenges with today’s Identity & Access Management (IAM) and why we ultimately built a new open source IAM, ZITADEL, to change the traditional business-model and principles of IAM solutions for example by

  • Optimizing for day-two operations and elasticity with a cloud-native architecture
  • Including all security-related functions (like MFA, Passwordless) in the core of the product
  • Building a solid audit trail through event-sourcing
  • Encouraging automation and easy integration of lifecycle management

You will gain a better understanding of IAM concepts and themes such as

  • Federation / IAM Service
  • Human to machine interaction (SSO, Passwordless)
  • Machine to machine interaction (Service Accounts, Delegation)
  • ID Brokering
  • User and access management self-service
  • Workflow integration with APIs & Webhooks





Florian Forster, CEO of CAOS, is an IT security fanatic with extensive knowledge of electronic identities. Florian participated in the IAM workgroup of eCH, is a member of the OpenID Foundation and headed, prior to starting CAOS, an eGovernment team focussing on IAM topics.




The recording including the slides you will find here.