Pricing.
Security, performance and reliability – all available in different configurations
We believe that security features should not cost extra in an IAM. This is the reason why we offer unlimited users and do not charge extra for additional authentication options such as 2 factor and passwordless. We decided to charge for other things like customization, SLA and support in our ZITADEL Cloud. Sign up immediately to try it out or contact us to setup and operate a dedicated instance for you. Compare the plans below and if you need more help with your decision, read our blog post about Why should I upgrade my ZITADEL subscription?
Run small projects with little budget, yet get already access to support
Start nowCustomize your login, edit your organization's policies, and get access to our support.
- SLA99.50%
- Supportbest effort, email
- PrivatelabelingColors, Logos
- Custom policiesLogin Provider, Password
- Domain verificationincluded
- Audit Log1 Month
- ReportingUsers
All our tiers include unlimited IAM resources and all required security features. No compromise.
- Unlimited Users
- Unlimited Projects
- Unlimited Applications
- 24x7x365 Operations
- Identity Brokering
- OpenID Connect & OAuth
- Second & Multifactor
- Passwordless
- APIs
Contact our support if you need help
Compare subscription plans
free | outpost | starbase | fortress | |
---|---|---|---|---|
#Price per month | ||||
CHF | free | 50 | 250 | 1000 |
#IAM Resources | ||||
User | ||||
Projects | ||||
Clients / Applications | ||||
#Operations | ||||
Operation | 24x7 | 24x7 | 24x7 | 24x7 |
Monitoring & Break-fix | 24x7 | 24x7 | 24x7 | 24x7 |
Availability | — | 99.50% | 99.90% | 99.95% |
Quality of Service | best effort | low | medium | high |
#Support | ||||
Response Time (Sev 1) | n/a | — | 4h | 1h |
eMail Support | n/a | |||
Chat Support | n/a | — | ||
Phone Support | n/a | — | — | |
#Audit | ||||
Audit Log Retention | 1 Week | 1 Month | 7 Months | 13 Months |
#Domain | ||||
Custom Issuer | n/a | n/a | n/a | n/a |
Verification | — | |||
#User Management | ||||
User self registration | ||||
User self service | ||||
Dashboard | ||||
#Access Management | ||||
Role Based (RBAC) | ||||
Delegated Management | ||||
Management roles | ||||
#Identity Brokering | ||||
Consolidation of identities | ||||
#Authentication | ||||
Federation | ||||
Username and Password | ||||
Machine to Machine (JWT Profile) | ||||
Passwordless (FIDO2) | ||||
#Multifactor (MFA) | ||||
One-time password (OTP) | ||||
Universal 2nd Factor (U2F) | ||||
#Authentication and Authorisation Protocols | ||||
OpenID Connect 1.0 (OP) | ||||
OAuth 2.0 (OP) | ||||
#Federation Protocols | ||||
OpenID Connect 1.0 (RP) | ||||
OAuth 2.0 (RP) | ||||
#Token Support | ||||
Opaque Access Token | ||||
JWT Access Token | ||||
JWT ID Token | ||||
#Security | ||||
DDOS Protection | ||||
DNS Protection | ||||
Strict TLS Settings | ||||
DNSSEC | ||||
Web Application Firewall (WAF) | ||||
#Integration | ||||
Authentication API | ||||
Management API | ||||
Assets API | ||||
Administration API | n/a | n/a | n/a | n/a |
Outgoing Webhook Trigger | ||||
#Reporting | ||||
User Activity | — | |||
Project Activity | — | — | ||
Federation Activity | — | — | — | |
#Privatelabeling | ||||
Colors and Logo | — | |||
Custom Message Texts | — | — | ||
Custom Interface Texts | — | — | — | |
ZITADEL Watermark | default (active) | default (active) | default (active) | custom |
Custom registration fields | — | — | — | |
User metadata | — | — | — | |
#Custom Policies | ||||
Login with Username and Password allowed | default (active) | default (active) | custom | custom |
Self Registration allowed | default (active) | default (active) | custom | custom |
Identity Provider allowed | default (active) | custom | custom | custom |
Custom Identity Providers | — | |||
Password complexity | default (active) | custom | custom | custom |
Multifactor (MFA) | default (active) | default (active) | custom | custom |
Passwordless | default (active) | default (active) | default (active) | custom |
User lockout | default (inactive) | default (inactive) | default (inactive) | custom |
#High availability configuration | ||||
Multi-Zone HA | ||||
Geographic HA | ||||
Multi-Provider HA | ||||
#Update and backup schedule | ||||
Update flexibility | n/a | n/a | n/a | n/a |
Backup flexibility | n/a | n/a | n/a | n/a |
#Upcoming features | ||||
SAML 2.0 Service Provider | — | — | — | |
SAML 2.0 Identity Provider | — | — | — | |
Custom SMTP Server | — | — | — | |
LDAP / AD IDP Support | — | — | — | — |
LDAP Server Support | — | — | — | — |
SMS-TAN with our Provider | — | — | ||
SMS-TAN with own Provider | — | — | ||
SCIM 2.0 Client | — | — | ||
SCIM 2.0 Server | — | — | ||
Event Archive Export | — | — | ||
FIDO2 Attestation Support | — | — |
Please refer to our Terms of Service and the Service descriptions in our documentation for further details.
Cells marked with 'n/a' mean that this feature, service, or guarantee is not applicable for this subscription plan. Some features can be customized in the Console, such features are indicated with 'custom' but may be locked to default settings ('default (active)') for certain subscription plans. Some features are already planned on our roadmap and scheduled for release soon. Other features are envisaged for the future, but not yet on our roadmap. We invite you to participate in the discussion or upvote the idea to show us that you might be interested in this feature or addition to ZITADEL.
Commercial Support Services
We understand that some customers require only technical support for self-hosted instances. We offer customized support services for customers. Moreover, we offer scalable support services for resellers of ZITADEL. We kindly ask you to get in touch with us to discuss your requirements.
Feature Development Requests
Shaping of the roadmap and prioritization of features is done by CAOS. Customers are welcome to give feedback to the prioritization and contribute to the Open Source version to accelerate development of required features.
When customers can’t contribute to the Open Source version of ZITADEL, but want to accelerate development, CAOS may develop the feature on request, under the following conditions:
- All IP of the features remains with CAOS and may be published under an Open Source license
- Customer pays 50% of development costs for prioritization of a feature that is already on the roadmap
- Customer pays 100% of development costs for features not on the roadmap, or when a defined deadline for the general availability of the feature must be met
- Terms of an engineering request apply with prior written agreement on the effort and timeline