Use Cases.

ZITADEL offers support for different use cases. Whether for development purposes, internal employee authorisations, or authentication options for customers — our IAM can support you optimally in every scenario.

Multitenancy support for B2B

ZITADEL has a strong focus on supporting SaaS providers with a multitenancy use case. This is achieved by having multiple organisations within your ZITADEL instance, where all the customers are able to self manage their own users and roles.

b2b light

When do you need multi-tenancy:

  • You sell your application to other businesses (B2B)
  • Your customers have different needs on the login flow
    • Branding
    • Federation (Azure AD, Google Workspace, etc)
    • Password Policy
    • Multi Factors
    • etc.
  • Your customers want to self manage their users and roles
  • The users/employees of your customers should be able to login or register
  • Not all customers have the same feature set within your application

How does it work:

Create an organisation for each of your customers. Give each customer access to their own organisation by adding an organisation manager and let them manage their users themselves. Your customers can configure their login look and feel (branding, authorization methods, federation) or you do it for them. Next step is to grant your customers your project with a subset of roles so they can self manage all the authorizations for their own users.

Find an example use case in our documentation.

Easy integration

Authenticate all your users with a central login widget provided by ZITADEL.

JD
JD

APP 1

JD

APP 2

zitadel logo dark

Welcome back

JD

john@yourorg.ch

When Florian is trying to login onto his application, he gets redirected to ZITADEL as central authentication server. ZITADEL handles the secure authentication, based on your login-policy and with a personalized custom login box, and redirects him back to your application.

Benefits:

  • Use an out of the box, customizable login frontend
  • Unified login experience across all applications
  • Use same domain and look as your website

Self Service

Set up a project with roles that should exist within your service and allow another organization to allocate the roles to users within their own organization. Also, allow users to self-register to your service and self-manage their profile information and authentication methods.

user delegation self service dark

The illustration above shows a ZITADEL organization, where Apps with roles could be delegated to another organization using their own set of users and corresponding authorizations.

Benefits:

  • You don’t need to build the multi-tenant user management
  • Let tenants self-assign access to their users
  • Users can self-manage their authentication methods

Existing Identities

When your clients sign-up to your application, they are probably expecting to re-use their existing social or company identities to login. With the Login Policy you can define which Identity Providers are allowed for your organization.

identity brokering without zitadel dark

Benefits:

  • Increase customer experience of registration
  • Lower barrier of user self-registration
  • Integrate your application with only one identity provider

Secure authentication

ZITADEL is made for you as a software-as-a-service provider. You want to provide your customers, business patterns or employees a secure and easy way to login to your services, whether you are a software engineering company or an enterprise.

secure authentication on mobile with security key

Provide a secure login experience

Authenticate all your users with a central login widget provided by ZITADEL.

When a user is trying to login with your service, she gets redirected to ZITADEL als central authentication server. ZITADEL handles the secure authentication, based on your login-policy and with a personalized custom login box, and redirects the user back to your application.

Benefits:

  • Use an out of the box, customizable login frontend
  • Unified login experience across all applications
  • Use same domain and look as your website
  • Works for any human-centric login on Web and Mobile applications