Companies competing in Authorization and identity management
| company | description | stage |
|---|---|---|
| Authentik Security | User identity management platform. | private (seed) |
| AuthZed | Authorization infrastructure. | private (series A) |
| Clerk | User management platform. | private (series B) |
| Descope | Authentication management. | private (seed) |
| FusionAuth | Authentication and authorization service. | private (series A) |
| Ory | User authentication infrastructure-as-a-service. | private (series A) |
| Oso | Distributed authorization service. | private (series A) |
| Permit.io | Authorization-as-a-service. | private (series A) |
| Persona | Identity management and verification. | private (series C) |
| Stytch | Authentication API. | private (series B) |
| SuperTokens | Open source user authentication. | private (pre-seed) |
| Userfront | Authorization and identity for SaaS. | private (seed) |
| WorkOS | Enterprise features as a service. | private (series B) |
What are authorization and identity management?
Authorization and identity management are processes that help manage access to resources and services within an organization.
Authorization refers to the process of granting or denying access to a resource or service based on a user's identity, role, or privileges. It involves determining whether a user has the necessary permissions to perform a specific action, such as reading, writing, or deleting data, or accessing a particular system or application. Authorization can be implemented using various methods, such as access control lists (ACLs), roles-based access control (RBAC), or attribute-based access control (ABAC).
Identity management, on the other hand, refers to the process of managing user identities and their associated attributes, such as usernames, passwords, email addresses, and security credentials. It involves creating, updating, and deleting user accounts, as well as tracking user activity and managing access to resources across different systems and applications. Identity management systems can also provide features such as single sign-on (SSO), multi-factor authentication (MFA), and identity federation, which enable users to access multiple resources with a single set of credentials.
Together, authorization and identity management help ensure that the right users have access to the right resources at the right time, while preventing unauthorized access and protecting sensitive data. They are critical components of an organization's security posture and are often used in conjunction with other security measures, such as encryption and firewalls.
Some common authorization and identity management protocols and technologies include:
- OAuth: An authorization framework that allows users to grant third-party applications limited access to their resources without sharing their login credentials.
- OpenID Connect (OIDC): An extension of the OAuth protocol that provides authentication capabilities, enabling users to securely share their identity information with third-party applications.
- Lightweight Directory Access Protocol (LDAP): A protocol used to access and manage directory information in a network, often used for authentication and authorization purposes.
- Kerberos: A widely used authentication protocol that uses a ticket-based system to authenticate users and provide access to resources.
- Security Assertion Markup Language (SAML): An XML-based standard used for exchanging authentication and authorization data between different systems, such as identity providers and service providers.