Curity Identity Server

Curity Identity Server is a self-hosted identity and access management platform designed for secure, standards-based authentication and authorization. It implements OAuth 2.0 and OpenID Connect, offers advanced authentication (MFA, WebAuthn, passkeys), and supports modern API security profiles such as FAPI, mTLS, PAR, and DPoP. It is widely used by organizations that need developer-friendly, API-centric identity infrastructure.

Key Capabilities

  • Open standards foundation: Implements OAuth 2.0 and OpenID Connect flows (authorization code, hybrid, device, and client credentials) with first-class conformance to IETF and OpenID Foundation specifications.

  • Advanced authentication: Provides built-in support for MFA, adaptive policies, and WebAuthn passkeys, along with pluggable authenticators and step-up flows.

  • Financial-grade security: Supports advanced profiles such as FAPI, mutual TLS (RFC 8705), Pushed Authorization Requests (RFC 9126), and DPoP (RFC 9449) for high-assurance use cases.

  • Extensible and programmable: Features a RESTCONF Admin API, scripting interfaces, and “as-code” configuration for automation and CI/CD.

Limitations

  • Self-managed infrastructure: Requires organizations to operate and secure the platform (upgrades, backups, scaling, HSM integration) rather than using a managed SaaS.

  • Focused scope: Designed for OAuth/OIDC-based authorization; provisioning, governance, and analytics typically rely on external IGA or monitoring tools.

  • SAML IdP maturity: SAML IdP support exists but remains secondary to OAuth/OIDC; evaluate protocol requirements before large-scale federation.
