CH Open Business Lunch - Why we built an open source Identity & Access Management

This post is more than a year old. The contents and recommendations in this blog could be outdated.

Outline of the Talk

  • Introduction (00:00)
  • Why did we actually start the project (07:24)
    • 2019 - the start (08:00)
    • The basic requirements of most (X)aaS projects today (10:04)
    • What generally felt wrong or was missing (13:08)
    • What functions each project needs - sooner or later (28:02)
    • Challenge 1 - Identity Brokering with self-service (28:28)
    • Challenge 2 - Delegation of roles to other organizations (31:24)
    • Challenge 3 - Audit trail (34:15)
    • Challenge 4 - Analytics & Reporting (36:50)
    • Influential products to our vision (38:47)
  • What makes ZITADEL so special (39:36)
  • What else can ZITADEL do for you (43:40)


Abstract: The concepts of Authentication and Authorization play an important role in securing services and data. With the emergence of Multi- and Hybrid-Cloud Patterns, a new challenge arises for secure Authentication across domains, while privacy of employee or customer information is more important than ever.

In this talk we want to explain some of the key challenges with today’s Identity & Access Management (IAM) and why we ultimately built a new open source IAM, ZITADEL, to change the traditional business model and principles of IAM solutions, for example by:

  • Optimizing for day-two operations and elasticity with a cloud-native architecture
  • Including all security-related functions (like MFA, Passwordless) in the core of the product
  • Building a solid audit trail through event-sourcing
  • Encouraging automation and easy integration of lifecycle management

You will gain a better understanding of IAM concepts and themes such as

  • Federation / IAM Service
  • Human to machine interaction (SSO, Passwordless)
  • Machine to machine interaction (Service Accounts, Delegation)
  • Identity Brokering
  • User and access management self-service
  • Workflow integration with APIs & Webhooks

Speaker: Florian Forster, CEO of CAOS, is an IT security fanatic with extensive knowledge of electronic identities. Florian participated in the IAM workgroup of eCH, is a member of the OpenID Foundation and headed, prior to starting CAOS, an eGovernment team focussing on IAM topics.

CH Open & CAOS

CH Open is the Association for the promotion of Open Source Software and Open Standards in Switzerland. CAOS manages the open source products ZITADEL and CAOS, and has been a member of the association since 2021.
