Product Newsletter May 2024

This is Max from ZITADEL. As in the previous months, in this update I want to highlight our product updates, and tips and tricks in making your identity infrastructure easier.

Feature highlights

Again in May, we kept the pace high with more than 76 improvements shipped to our self-hosting and cloud users. Let’s go through the key improvements to ZITADEL this month.

All changes

Improvements using external SAML IdPs

We understand that many organizations, particularly enterprises, leverage SAML for user federation. In response to your needs, we've made significant steps in enhancing ZITADEL's interoperability with various SAML providers this May.

Previously, ZITADEL relied on a persistent nameID format, requiring external identity providers (IdPs) to consistently return this format for linking users. However, some IdPs utilize transient nameIDs, leading to mismatched user identities.

This update allows you to define the preferred nameID format and configure how ZITADEL maps users based on attributes received from the external IdP. For instance, you can leverage email addresses from the IdP to link users with matching emails in ZITADEL.

While ZITADEL offers pre-configured templates for external IdPs that utilize OpenID Connect, we're considering extending this functionality to SAML providers. We value your feedback – let us know your thoughts on this potential addition!

Should we support SAML provider templates?

Making it easier to manage resources programmatically

While you get all the functionality through a UI, we are api-first and you are able to manage everything through our APIs. Managing ZITADEL resources and configuration programmatically just got simpler with some recent updates.

When you start with a new ZITADEL system, you need a first admin user to login and configure your system. In the past it was only possible to either create a human user or a service user, but not both at the same time. With a recent update creating both a human and service user is now possible, giving you hopefully a much simpler and easier access to configure ZITADEL from the start.

Moreover our terraform provider got significantly updated and improved over the last weeks. Examples are managing organization and user metadata as well as managing SAML and OIDC generic external identity provider templates.

Scaling to multi-million identities

We're excited to announce performance optimizations in ZITADEL to meet the growing needs of our enterprise customers! This update addresses the demands of multi-million identity deployments and aligns with our ongoing commitment to performance improvement. We've focused on enhancing the token endpoint, specifically for new token creation, alongside optimizations for many frequently used ZITADEL APIs. For detailed upgrade guidance, please refer to the technical advisories.

Technical Advisories

Office hours

Gear up for deeper dives and live engagement! We are excited to announce bi-weekly office hours on our Discord server for our community. These hour-long sessions will offer in-depth explorations of upcoming features, followed by a live Q&A where the ZITADEL team tackles your burning questions.

The first session, held on May 29th, delved into the exciting new version of the Actions feature.

Don't miss out on this chance to connect with the ZITADEL team and stay ahead of the curve! Checkout our meeting schedule for upcoming sessions.

Office hours meeting schedule

You will become a Pro

ZITADEL Cloud subscription model is changing to a simpler daily active user (DAU) model on July 1st for easier cost allocation and full feature access across instances. This serves as a friendly reminder that accounts not already on our Pro plan will automatically update.

All new subscription plans will include in the base fee 25’000 Daily Active Users in a month, one custom domain, and 3 external identity providers.

Pricing Plans

Contributors for the win

19 contributions came from our community in May. Thank you for your the continued support and the time you put in to make the project better for everyone.

  • yordis helped us bring the typescript repo for our next gen login UI significantly forwards
  • Never forget to activate your email service provider with this change from doncicuto
  • Also by doncicuto comes a solution to a community request, adding customization options to console navigation buttons
  • sujoysb improved the error messages and user feedback for password complexity validations
  • calRobert, jayPe69, aurel004, burahimu all helped with our translations, and typos (is our French that bad? Apologies.)
  • cr1cr1, exeteres, kleberbaum contributed various improvement to our Charts
  • Sign tokens FAPI-compliant with ES256 and PS256 thanks to nannany
  • ymarcus93 increased compatibility with certain identity providers and fixed some issues around the library

Additional resources

New Success Story: Achieving 70% Faster B2B Integration in Document Automation at BLP Digital

Thanks for reading,

Liked it? Share it!