
Authentication and Authorization

Introduction

edge leverages ZITADEL for robust and scalable authentication and authorization. ZITADEL is a cloud-native identity and access management solution that offers a wide range of features designed to secure your applications and services efficiently. Below, we highlight its most essential features.

Key Features of ZITADEL

Multi-Factor Authentication (MFA)

ZITADEL supports multiple methods of multi-factor authentication, enhancing the security of your applications by requiring two or more verification methods. This includes TOTP, WebAuthn, and SMS verification, providing flexibility in securing user accounts.

Single Sign-On (SSO)

With Single Sign-On capabilities, ZITADEL allows users to access multiple services and applications with one set of credentials, streamlining the authentication process across your ecosystem.

OAuth 2.0 and OpenID Connect

ZITADEL implements the OAuth 2.0 framework and OpenID Connect protocol, enabling secure delegated access to your applications. This ensures that user identities can be safely authenticated and authorized across different platforms.

Self-Service Management

Users have the ability to manage their profiles, credentials, and MFA settings, offering a degree of autonomy and reducing the burden on system administrators.

Organization and Project Management

ZITADEL provides tools to manage users, roles, and permissions at both the organization and project levels, facilitating granular access control tailored to your specific needs.

Privacy and Compliance

Built with privacy and compliance in mind, ZITADEL adheres to stringent data protection regulations, ensuring that your application's authentication and authorization processes comply with legal standards.

For more detailed scenarios and advanced configurations, refer to the ZITADEL Documentation.

Postgres Row-Level Security (RLS)

To complement the authentication and authorization provided by ZITADEL, we use Postgres Row-Level Security (RLS) for fine-grained access control at the database level. RLS enables you to define policies that control access to rows in a table based on the user's identity or membership in a particular role.

Key Points:

  • Fine-Grained Access Control: Define policies that restrict read and write access to rows in a table based on user roles or attributes.
  • Enhanced Security: Minimize the risk of data leaks by ensuring that users can only access data that they are explicitly authorized to view or modify.
  • Flexible Policy Definition: RLS policies can be tailored to a wide range of use cases, from multi-tenant applications to sensitive data protection.

For a deeper understanding of Postgres RLS and how to implement it in your projects, visit the PostgreSQL Row-Level Security Documentation.
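As an added example (not code from the edge project or the ZITADEL documentation), the following SQL shows the pattern described above: a multi-tenant table whose policies key off identity claims that the application sets per transaction after validating the ZITADEL token. The table name, the `app_user` role and the `app.org_id` / `app.user_id` setting names are assumptions.

```sql
-- Added example: Postgres RLS keyed on identity claims from a validated token.
-- Assumption: the application connects as app_user, a non-superuser role that
-- does not own the table, and sets app.org_id / app.user_id from the token's
-- organisation and subject claims (names are placeholders).

CREATE ROLE app_user LOGIN;  -- placeholder application role

CREATE TABLE documents (
  id        bigserial PRIMARY KEY,
  org_id    text NOT NULL,
  owner_id  text NOT NULL,
  body      text NOT NULL
);

GRANT SELECT, INSERT, UPDATE, DELETE ON documents TO app_user;

-- Enable and force RLS. Without FORCE the table owner bypasses every policy;
-- superusers and roles with BYPASSRLS bypass RLS regardless of this setting.
ALTER TABLE documents ENABLE ROW LEVEL SECURITY;
ALTER TABLE documents FORCE ROW LEVEL SECURITY;

-- Read: any row in the caller's organisation. current_setting(..., true)
-- returns NULL rather than an error when the setting is unset, so a request
-- that forgot to set its context sees no rows instead of all rows.
CREATE POLICY documents_org_read ON documents
  FOR SELECT TO app_user
  USING (org_id = current_setting('app.org_id', true));

-- Write: only rows the caller owns. WITH CHECK also applies to new and
-- updated rows, so a client cannot write data into another tenant's org.
CREATE POLICY documents_owner_write ON documents
  FOR ALL TO app_user
  USING (org_id = current_setting('app.org_id', true)
         AND owner_id = current_setting('app.user_id', true))
  WITH CHECK (org_id = current_setting('app.org_id', true)
              AND owner_id = current_setting('app.user_id', true));

-- Per-request usage. SET LOCAL scopes the values to this transaction, so a
-- pooled connection does not carry one user's context into the next request.
BEGIN;
SET LOCAL app.org_id  = 'org-123';   -- constructed sample claim values
SET LOCAL app.user_id = 'user-abc';
INSERT INTO documents (org_id, owner_id, body)
  VALUES ('org-123', 'user-abc', 'hello');  -- passes WITH CHECK
SELECT id, body FROM documents;             -- only org-123 rows are visible
COMMIT;
-- An INSERT with org_id = 'org-999' in the same context would be rejected
-- by the WITH CHECK clause with a row-level security policy violation.
```

Run the setup block once as a privileged role and the transaction block as `app_user`; if you run it as a superuser the policies are bypassed and the example proves nothing.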


By integrating ZITADEL's robust authentication and authorization mechanisms with Postgres Row-Level Security, we provide a comprehensive security framework for your applications. This setup ensures that your application's data and user information are protected across both the application and database layers.