Companies competing in Authorization and identity management
| company | description | stage |
|---|---|---|
| Authentik Security | User identity management platform. | private (seed) |
| AuthZed | Authorization infrastructure. | private (series A) |
| Clerk | User management platform. | private (series B) |
| Descope | Authentication management. | private (seed) |
| FusionAuth | Authentication and authorization service. | private (series A) |
| Ory | User authentication infrastructure-as-a-service. | private (series A) |
| Oso | Distributed authorization service. | private (series A) |
| Permit.io | Authorization-as-a-service. | private (series A) |
| Persona | Identity management and verification. | private (series C) |
| PropelAuth | Authentication infrastructure-as-a-service. | private (seed) |
| Stytch | Authentication API. | private (series B) |
| SuperTokens | Open source user authentication. | private (pre-seed) |
| Userfront | Authorization and identity for SaaS. | private (seed) |
| WorkOS | Enterprise features as a service. | private (series B) |
Authorization and identity management manage access to resources and services within an organization.
Authorization refers to the process of granting or denying access to a resource or service based on a user's identity, role, or privileges. It involves determining whether a user has the necessary permissions to perform a specific action, such as reading, writing, or deleting data, or accessing a particular system or application. Authorization can be implemented using various methods, such as access control lists (ACLs), roles-based access control (RBAC), or attribute-based access control (ABAC).
Identity management is about managing user identities and their associated attributes, such as usernames, passwords, email addresses, and security credentials. Authorization and identity management help ensure that the right users have access to the right resources at the right time, while preventing unauthorized access and protecting sensitive data.