The HOW behind Zitadel with Fabienne Bühler, Co-Founder & CPO

Curious who helps drive Zitadel’s product roadmap from theory to reality? I recently sat down with Fabienne Bühler, Co-founder and Chief Product Officer (CPO) at Zitadel, to discuss her strategy to build an impactful open-source identity and access management (IAM) platform with Zitadel.

We also transcribed the conversation if you prefer to read through a quick summary instead.

Getting to know Fabienne

Fabienne—Fabi to the team—brings a solid software engineering background that proved invaluable when co-founding Zitadel. As the company grew, she shifted into product management and now serves as Chief Product Officer (CPO). In this role, Fabi connects the dots between critical product paths, keeping both the team and our customers front and center. When she is not at her desk, you will find her hiking through the Swiss mountains or relaxing by the lake—making the most of Switzerland's natural playground.

Early Days: The Founding Story of Zitadel

In 2019, Fabi joined forces with Florian Forster, Maximilian Panne, Stefan Benz, Silvan Reusser, Elio Bischof, Livio Armstutz, and Max Peintner to launch Zitadel. The spark? While building an identity solution for a Swiss public sector company, they spotted a gap in the market for a robust open source IAM solution. They set out to create something different—a platform that nailed self-hosting, multi-tenancy, and flexibility. And Zitadel was born.

Fun fact: Before there was a proper office, the team turned coffee shops into their headquarters. They even commandeered a local bar during daylight hours—wrapping up their coding sessions just before the evening crowd rolled in!

The Daily CPO Routine at Zitadel

Fabi shares that the daily rhythm as CPO at a fast-growing startup like Zitadel varies and she often needs to strike a balance between product delivery and product discovery. She is constantly in the mix — jumping between Discord conversations, GitHub discussions, and sales calls to understand how customers are putting Zitadel to work in the wild.

Fabi enables the product ecosystem by connecting the stakeholders across our growing organization and community, making sure everyone is in the loop and the right teams tackle the right challenges. This hands-on approach shapes how we build our product roadmap—always grounded in what users actually need.

The Reality Check: What IAM Implementation Actually Looks Like

When talking about IAM implementation pitfalls, Fabi does not mince words: identity management looks deceptively simple until it isn’t. You can start with the basic usernames and passwords, but as your business grows, complexity snowballs fast.

She recommends scoping your organization’s requirements, keeping both long and short term for your identity needs. Then evaluate if you want to build and maintain all the identity infrastructure yourself? Building an IAM platform is one challenge, but keeping it running smoothly is an entirely different challenge. This is where partnering with a team like Zitadel is pragmatic. We meet wherever you are in your journey—whether you are a small team looking for cloud solutions or an enterprise that needs data ownership and self-hosting.

Zitadel’s Unique Market Advantage

Fabi excitedly shares that Zitadel offers many advantages to businesses looking to implement or migrate their identity infrastructure:

• Multi-tenancy that actually works: We built multi-tenancy into Zitadel’s DNA from day one—not as an afterthought or a hacky add-on you will find in some of the alternatives in the market today. If you are juggling complex org structures, you need an IAM solution that was designed for it, not patched together.
• Build whatever you need: Out of the box, Zitadel handles your standard authentication needs. And this is when it gets more exciting—webhooks, actions, APIs, and pre-built connectors enable you to tackle any edge cases to meet your business needs. No matter the complexing of your use case, the Zitadel team and the platform has you covered.
• Deploy it your way: Whether you want the simplicity of our cloud offering (zero maintenance headaches) or need self-hosting for data residency requirements, our Zitadel platform supports it. Fabi highlights how you own your identity data either way—without burning resources to maintain a custom-built system.

Choosing the Right Feature for the Product Roadmap

Fabi articulates that building a roadmap is not just about picking features—it is about balance. She breaks it down: “We listen to our community members, enterprise customers, and open source contributors, and share that feedback publicly. Stemming from our roots in open source, transparency is critical for us.”

Then comes the harder aspect of aligning the feedback with features. Every decision needs to align with Zitadel’s vision while delivering real value to our entire ecosystem. It is a constant balancing act and that openness keeps us honest.

Zitadel’s 2025 Product Roadmap

Fabi shares her excitement for 2025—it is all about making developers’ lives easier! Here’s what’s cooking:

• Better APIs everywhere: We are overhauling our APIs from the ground up. Better integrations, clearer documentation, and smoother developer experience to ensure your API calls are frictionless.
• Developer-friendly SDKs: Starting with Python, we are building SDKs that streamline your integrations.
• Smoother Onboarding: No more wrestling with configs for hours. We are rebuilding onboarding so you can go from zero to authenticated in minutes.
• Enterprise-readiness
  • Performance, at scale: Performance improvements built to support organizations managing millions of users.
  • Groups management: Groups, one of your most requested features, is coming soon. This enables you to manage user groups at scale.
  • Actionable Analytics: Monitor logins, daily active users (DAUs), monthly active users (MAUs), and identify potential issues before they escalate.
  • AI-powered threat detection: This leverages anonymized data to proactively identify security risks.

Quarterly Release Schedule for Zitadel

We have made a strategic shift to a quarterly release cycle, and here’s why it matters: our customers get predictable updates and a clearer path to staying current. Plus, it helps us tackle a real problem—too many legacy versions of Zitadel floating around in production.

For our team, this gives more time to prepare for releases and limit the possibility of a chaotic product roadmap. As Fabi points out, we can now share release candidates with the community a full month before releasing the stable release. This means better testing, clearer documentation, and a smoother plan for deprecating outdated features.

The bottom line is that you get more reliable updates and we deliver higher quality releases.

Evolution of Zitadel’s Licensing Model

Zitadel launched under Apache 2.0 license—a great choice for building community and getting our code into developers’ hands. But as Fabi explains, our commitment to open source has not wavered; it has actually grown stronger. The move to AGPL 3.0 was about protecting what we have all built together. This license ensures that the years of work from our core team and community contributions stay open and benefit everyone.

What does this mean in practice? If you are building with Zitadel, you are contributing back—either through code or through financial support. This creates a sustainable model that keeps the project healthy and the community thriving.

Note: Learn more about the AGPL 3.0 licensing change in this blog post.

Contributing to the Zitadel Ecosystem

Fabi highlights that there are many ways one can contribute to the Zitadel community, regardless of your technical background . Our GitHub issues are a goldmine for contributors—you will find everything from documentation updates, typo fixes to SDK examples, and bug squashing. Not a coder? Join our Discord community and help someone troubleshoot their setup or share product feedback that makes a real difference.

We are also constantly looking for beta testers through our community newsletter. Your hands-on feedback helps us catch issues and refine features before they hit production. Sometimes the best contribution is telling others about your experience with Zitadel.

Fabi still remembers the team's excitement when that first pull request landed. Watching the community help each other and grow together remains one of the most rewarding parts of building Zitadel. Every contribution—big or small—keeps that spirit alive.

Envisioning the Future at Zitadel

Fabi outlines Zitadel’s vision in three strategic phases:

1. Build the foundation right: We are creating a comprehensive platform that unifies authentication and authorization. Seamless integration with your existing business tools is critical—we know switching costs are real, and integration complexity impedes adoption.
2. Enable powerful customization: Our APIs and Actions framework give you the flexibility to adapt Zitadel to your specific workflows. We are exploring a community marketplace for Action templates, where teams can share proven solutions for common scenarios. It’s about empowering your organization to leverage the platform fully.
3. Advance security intelligently: By training models on anonymized data, we can proactively identify threats and neutralize bot attacks. The collective intelligence approach means every Zitadel user contributes to and benefits from stronger security across the platform.

Our immediate priorities remain clear: enhanced threat detection, comprehensive analytics, group management, and expanded Actions capabilities. We are also investigating Fine Grain Authorization (FGA) in response to customer feedback—because our roadmap reflects real-world requirements, not theoretical features.

“If Not Tech…”: Alternative Career Paths

What would Fabi be up to in a parallel universe without keyboards and code? As it turns out, she would still be in the business of helping folks—just with different tools in her toolkit. Picture Fabi as a Nutrition Advisor, swapping API documentation for meal plans, or perhaps as a Psychologist, debugging minds instead of software.

No matter which universe we peek into, there's Fabi—putting people first, solving problems, and probably still organizing everything into neat little systems. Some things are simply written in the stars! ✨