ZITADEL is an open-source identity and access management platform written in Go. It provides a full OpenID Connect and OAuth 2.0 provider, SAML 2.0, user management, multi-tenant organizations, RBAC, and a self-service account console, positioning itself as an alternative to Keycloak, Auth0, and Okta.
Internally, ZITADEL is built on event sourcing: every change to a user, project, application, or grant is an immutable event in an event store, and the query side is projected into Postgres (previously CockroachDB) tables. That gives it a full audit log for free and makes horizontal scaling of the read path straightforward. It supports the features you would expect from a modern IdP, including passkeys and WebAuthn, OTP, push notifications, passwordless login, SCIM-like user provisioning, custom actions (JavaScript hooks that run during flows), and branding per organization.
ZITADEL is available as a managed cloud, self-hosted binary, or Helm chart. It is a common pick for teams that want a self-hostable Auth0 replacement without running the older Keycloak stack.