Zitadel screenshot thumbnail

Zitadel

Securing a SaaS product, running B2B onboarding, or replacing Auth0 and Keycloak with a stack they own - teams needing more than basic auth reach for ZITADEL, an open-source identity and access management platform built in Go. Its multi-tenancy model is the differentiator: a strict Instance, Organization, Project hierarchy isolates data and scopes policy at each level, with identity brokering (pre-built templates for Google, GitHub, Microsoft, Apple, plus generic OIDC, OAuth, SAML, and LDAP), domain discovery that routes users to the right organization by email domain, and delegated management so customers administer their own users and roles. Authentication covers OpenID Connect (certified, including device authorization and token exchange), SAML 2.0 as both IdP and SP, SCIM, FIDO2 passkeys for phishing-resistant passwordless login, and MFA via OTP, email, SMS, and U2F; machine-to-machine flows support JWT profile, PATs, and client credentials. The architecture is event-sourced - every mutation is an immutable event, yielding a complete audit trail - with relational projections for queries and no external session store, so it scales horizontally. API-first with gRPC and REST, extensible via Actions webhooks, and the same codebase self-hosted (Docker Compose or Helm on PostgreSQL) as in the cloud.

Deploy
Owncloud screenshot thumbnail

Owncloud

The project that proved organizations could have Dropbox-style convenience with complete data ownership: ownCloud is the original open-source file sync and share platform - the codebase Nextcloud later forked from. This deployment runs the classic ownCloud Server (PHP over PostgreSQL or MariaDB, with Redis caching), the battle-tested edition trusted across enterprises, universities, and public institutions worldwide. The core loop: store files on your server, sync them via desktop clients for Windows, macOS, and Linux plus iOS and Android apps, and access everything through the web interface or standard WebDAV. Sharing is granular - internal users and groups, external recipients via public links with passwords and expiration dates, and federated sharing that connects separate ownCloud instances into one network. Security controls include file firewall rules, multi-factor authentication, encryption, and detailed audit-friendly lifecycle management with versioning and trash-bin recovery. An app marketplace extends the platform, and Web Office integrations bring collaborative document editing through Collabora Online, OnlyOffice, or Microsoft Office Online directly into your files. LDAP and Active Directory integration slots it into existing identity infrastructure. For teams that need a proven, self-hosted alternative to Dropbox or Google Drive - where compliance demands knowing exactly which disk your data sits on - ownCloud remains a foundational choice.

Deploy