After a year of solid growth and improvements in 2023, we are already gearing up for what 2024 has in store for ZITADEL. Our focus is always on how we can make things better for you, and it’s not just about keeping up; it's about paving the way forward.
In this post, we want to give you a sneak peek into some of the key features on our roadmap for 2024. These features and enhancements will help make ZITADEL more intuitive, responsive, and, most importantly, aligned with your needs. We are excited to share these developments and continue our journey together in enhancing your experience with our platform. Here are the top features and offerings for 2024:
1. Authentication Examples and SDKs for the Most Used Languages
ZITADEL will be rolling out more easy-to-understand examples and SDKs this year. Whether you are working on a frontend or backend project, you will find clear, hands-on examples that show you how to integrate ZITADEL's authentication into your app. For frontend apps, you will see more examples with session management, user roles, and even how to handle user profiles. For the backend, you will see examples on how to handle various types of access control. All of them will use recommended OIDC libraries or SDKs.
After setting the stage with these examples, ZITADEL's next move is to bring in more SDKs for languages like Java, Python, and PHP. We are planning to take them up a notch, showing you how to interact with ZITADEL APIs for more complex tasks, like managing user profiles or setting up security features. There will also be a wide range of languages and integration patterns. Whether you are coding in Python, PHP, or Java, or working on a mobile app, there is something in the pipeline for you. Plus, we are looking into making ZITADEL play nice with popular third-party tools. See this epic for more details.
2. ZITADEL Cloud’s Data Region Expansion: Introducing US and EU Hosting in 2024
This year, ZITADEL is taking a significant step forward in its service offerings with the introduction of data regions in the US and EU (European Union). This move is all about giving customers more control and assurance over where their data is hosted.
Data location is a big deal. It's about knowing the specific region, which could be a country or a group of countries, where your data lives. ZITADEL understands that for many businesses and users, where their data is stored is as important as how it is stored.
ZITADEL's cloud service is already offering a range of regions through Google Cloud Platform. These include:
Global: This is the broadest option, where your data can be hosted in any of the cloud regions offered by ZITADEL’s provider.
Switzerland: For those who prefer their data to stay in Switzerland, this option ensures hosting exclusively within the Swiss region.
GDPR Safe Countries: This is for those who want to align with GDPR guidelines. Data is hosted within EU member states and other countries recognized as adequate under GDPR.
And the big news for this year:
- US and EU Regions: Recognizing the demand and importance of these regions, ZITADEL is set to offer cloud instances in both the US and the EU. This expansion means increased flexibility and more choices for businesses and individuals with specific needs or preferences for data hosting in these areas. We expect this expansion to go live by early Q1. As always, keep an eye on our website for the most current information regarding available regions.
3. Say Hello to Customizable User Schemas
ZITADEL is about to roll out a game-changer for businesses managing user data—customizable user schemas! This update responds to the growing demand for flexibility in user information management, allowing businesses to tailor user data fields to their specific needs and compliance requirements.
The new user schema feature in ZITADEL enables complete customization of user data fields. Businesses now have the freedom to determine which fields are necessary and which are not, eliminating the need to fill irrelevant fields. This flexibility also extends to defining which fields users can manage on their own and which ones require admin oversight.
Most importantly, despite the customizations, the user sign-in process will remain straightforward. ZITADEL ensures that the system works seamlessly without additional configurations. The update also promises efficient performance, with validations happening swiftly to ensure a smooth user experience. We are keeping it simple and user-friendly.
We will enhance the user object structure to include a variety of fields like unique IDs, schema types, contact information, and custom profile fields, aligning with various user types. The introduction of a diverse range of authenticators will further enrich user interaction, catering to different security and access needs.
Incorporating JSON Schema Validation, the new feature allows robust validation of fields, ensuring data integrity and compliance. This flexibility also extends to management methods, with comprehensive options for creating, updating, and deleting users and schemas. Keep an eye out for this; it's going to make life a whole lot easier!
4. Custom Actions for Every Event and API Request
ZITADEL will be extending actions to let you create custom actions for every event, API call, and the functions you are already used to in ZITADEL. This means you can now tailor custom workflows to fit your exact needs. With this feature, you will be able to add your code, your own rules, right into ZITADEL's events and API calls. Whether it's an event in the system or an API request you are making, you will be able to hook in custom actions.
Event-Based Actions: You can attach actions to specific events within ZITADEL. After the event is stored, you decide when your custom action should kick in.
API Request Actions: Similarly, for any API request, you can define actions to occur at different stages—during the request or in the response phase.
Multi-Event Actions: And here's the kicker-you can create actions that run across multiple events. Think of it as a way to implement a consistent response or workflow across various parts of the system.
For developers, this feature is a game-changer. It means you can integrate ZITADEL more deeply into your systems and workflows. You are no longer just reacting to a few points during code execution—you gain the full flexibility of the programming language of your choice to customize the behavior of ZITADEL and react to events in real time. This level of customization is unprecedented and will unlock new ways of leveraging ZITADEL for your projects.
5. Streamlining User Management with Outbound Provisioning via SCIM
In 2024, ZITADEL will roll out a pretty cool feature that's going to make life a lot easier for businesses using Single Sign-On (SSO)—outbound provisioning with SCIM (System for Cross-domain Identity Management), and it's all about simplifying how user accounts sync up with external systems and applications.
Many SSO systems need a user account to already exist in their platform. Plus, these accounts must stay updated, especially when someone's status changes in the identity provider. This can get tricky when you're juggling multiple systems.
Understanding the need for pre-existing user accounts in many SSO systems, and the importance of keeping user statuses in sync with Identity Providers (IdPs), ZITADEL's solution focuses on extended actions. These allow for real-time updates and custom integrations with third-party systems, overcoming the challenges posed by standard SCIM implementations. This approach is not only more flexible but also caters to diverse use cases, offering businesses the ability to tailor their user management workflows.
Extended actions offer several advantages:
- They adapt to various third-party systems, allowing for a more personalized approach to user management.
- Changes in user accounts are instantly reflected across systems, ensuring up-to-date information.
- Supporting SCIM and generic API endpoints, this feature broadens the scope of integration possibilities.
The new feature enhances functionality through:
- Changes in user status automatically initiate actions, enabling immediate response to user management events.
- Fine-tuned control over actions based on user metadata or attributes.
- Options for executing REST calls or utilizing a SCIM module, enhancing data synchronization flexibility.
- Including all aspects of user management like creating, reading, updating, deleting, enabling/disabling users, and schema discovery.
- Detailed Documentation and Testing: Ensuring ease of integration and understanding.
6. Enhancing Team and Organization Onboarding with Improved Invitation Flows
ZITADEL is addressing a vital need in the B2B sector: better and more intuitive ways to invite team and organization members. Recognizing the importance of streamlined team management and onboarding processes, ZITADEL is set to introduce enhanced invitation flows that cater to the specific requirements of business-to-business scenarios.
The proposed solution focuses on empowering managers to invite new users to their organization effortlessly. Here’s what it entails:
Email Invitations: Users can be invited through an email containing a registration link specific to the organization from which the invite was sent.
SSO Integration: If Single Sign-On is enabled, invitees have the option to sign up using an external identity provider, enhancing the ease of the onboarding process.
Customizable Email Texts: The content of the invitation emails can be tailored to match the organization's tone and branding, offering a personalized touch.
This update is more than just about inviting members; it’s about enabling comprehensive team management within an application. This includes creating a new organization, appointing an admin user, configuring security settings like SSO and 2FA, and assigning roles to users. ZITADEL aims to make this process as intuitive as possible, addressing the common challenge of balancing authentication, authorization, and self-service configuration in cloud solutions.
ZITADEL recognizes that creating a custom onboarding experience is a frequent requirement. The new update will make it easier to understand and implement various methods for user registration, whether it’s through username/password, external IdPs, or social logins. This feature will further enhance the critical aspects of the B2B onboarding process.
7. User Group Authorizations
In 2024, ZITADEL will also introduce user group authorizations, a game-changing feature for administrators. This update streamlines the way permissions and roles are managed by leveraging group-based authorizations. Its key advantages are:
Group-Based Access Control: Admins can now manage permissions at the group level, rather than for individual users, saving time and reducing complexity.
Easy User and Group Management: Features include creating, updating, searching, and deleting groups. Users can be added effortlessly or removed from these groups.
Merged Authorizations: A standout feature where individual user roles are seamlessly combined with their group roles, enhancing flexibility and ensuring comprehensive access rights.
Integrated Authorization Visibility: Group authorizations are integrated into tokens and user information, maintaining consistency across the platform.
In essence, ZITADEL's user group authorizations simplify and enhance access management, making it more efficient for administrators, especially in larger organizations.
As we wrap up our preview of what 2024 holds for ZITADEL, we are genuinely excited and hope you are too. A lot of hard work is going into developing these features, and we're eager for you to start using them. Make sure to stay tuned for our release announcements.
Your continuous support and feedback are what drive us. So, thank you for being an integral part of our journey. Here's to a groundbreaking year ahead!