March 19, 2021

Rafael Burlet

Why do we use ZITADEL?

We just released the first stable version of Velox. Part of this release is the integration with ZITADEL, the Swiss IAM solution of choice. That’s why we thought it would be interesting to elaborate on the solution a bit more.

What is IAM and why do I need it?

IAM stands for Identity and Access Management. You’ve probably already used one of the well-known providers but didn’t notice, as these systems mainly work in the background.

IAM is a critical part of every enterprise’s security strategy because it’s tightly linked to the security and productivity of today’s digitally connected environments. For example, compromised credentials are often used as an entry point into enterprise networks. By using an IAM solution, you can safeguard your information assets against ransomware, phishing, hacking and malware.

On the other hand, your users might have more access privileges than they should have. In this case, an IAM system adds an additional layer of protection by taking care of users' access rules and policies throughout the whole organization. This greatly reduces the complexity and cost of safeguarding your users and their credentials, while at the same time enabling your employees to be more productive in all environments thanks to Single Sign-On capabilities.

What is ZITADEL?

ZITADEL is a modern Swiss-based IAM solution, developed by our reliable partner CAOS AG. The vision of CAOS is to offer cloud-optimised Identity & Access Management (IAM) as Software-as-a-Service (SaaS) in Europe. The free and uncomplicated entry, the inclusion of unlimited identities, and dynamically purchasable options enable extremely flexible scaling. With this IAM-as-a-Service offering, CAOS is the only Swiss and European provider of such a solution and can meet the highest standards of privacy, data protection and customer proximity.

[Figure: Zitadel Control (ZITADEL control interface)]

Main features

  • Authentication integration with OpenID Connect
  • Role-based access management
  • Single Sign-On
  • Multi-factor and Passwordless security
  • Self-service for our customers
  • One IAM system for all of your identities
  • Machine to Machine Authentication and Authorization
  • Audit Trail up to 13 months

But they don’t stop here: their roadmap reveals powerful features coming up. This is just amazing, great job guys!

Upcoming features

  • Support for Private-Labeling / Corporate Identity
  • SAML 2.0
  • Outbound Webhooks
  • More multifactor methods (SMS-TAN)
  • LDAP & ADDS Support

Why did we decide to use ZITADEL?

There are numerous reasons why ZITADEL is the perfect solution in combination with VELOX.

First of all, it’s really easy to integrate, because it is offered as Software as a Service. This improves the time to market of any project it is integrated with.

Second, ZITADEL can also be self-hosted within your own infrastructure, which allows for a maximum amount of control, security and flexibility without the need to integrate multiple solutions.

Third, its open-source license (Apache 2.0) allows more insight and control than proprietary projects.

Last but not least, it’s Swiss-made and also hosted in Switzerland, which is crucial for companies with restrictions to keep their data in Switzerland. This is an important requirement, as many companies we work with are forced to keep their data in Switzerland or at least in their own infrastructure.

Therefore, it is essential that the IAM solution coupled with VELOX is able to support this scenario and is not purely SaaS-oriented.

Final thoughts

The integration of ZITADEL into Velox was a huge success, and we were impressed by how easy it was to migrate from Okta to ZITADEL. Now, we couldn’t live without it anymore, but that’s a good thing as we can rest assured that our internal and our customers’ logins are protected.
