Curity IAM Provider
Proprietary enterprise CIAM and API security platform from Sweden. FAPI-certified, OpenID Foundation compliant, SOC 2 Type 2 and ISO 27001 certified. Unique strength in financial-grade API security, phantom tokens, and AI agent identity (Access Intelligence). Community Edition available; full feature set requires paid tier.
Features
- AWSAzureGCP
If you want to compare IAM features of different providers, please check out the (C)IAM Identity Providers benchmark.
Looking for Curity’s OpenID Connect protocol compatibility? View Curity on the OpenID Connect Providers benchmark.
Frequently Asked Questions
Does Curity support Username and Password authentication method?
Curity supports Username and Password authentication method. Read more
Does Curity support Social Sign-in authentication method?
Curity supports Social Sign-in authentication method. Built-in authenticators for Facebook, Google, Twitter/X, Sign in with Apple, and any generic OIDC or SAML 2.0 identity provider. Read more
Does Curity support Passkey authentication method?
Curity supports Passkey authentication method. WebAuthn passkeys supported as a first or second factor via the dedicated WebAuthn/Passkey authenticator. Read more
Does Curity support Email Passwordless authentication method?
Curity supports Email Passwordless authentication method. Email OTP and email back-channel authenticators enable passwordless email-based login. Read more
Does Curity support Phone Passwordless authentication method?
Curity supports Phone Passwordless authentication method. SMS OTP authenticator enables passwordless phone-based login. Read more
Does Curity support Magic Link authentication method?
Curity partially supports Magic Link authentication method. Email back-channel authenticator can be configured to deliver one-time login links. No dedicated magic-link authenticator out of the box. Read more
Does Curity support Anonymous / Guest authentication method?
Curity does not support Anonymous / Guest authentication method. Curity requires user identity for authentication. Anonymous or guest sessions are not a built-in feature.
Does Curity support Time-based One-Time Password (TOTP) MFA?
Curity supports Time-based One-Time Password (TOTP) MFA. Read more
Does Curity support Universal 2nd Factor (U2F) MFA?
Curity supports Universal 2nd Factor (U2F) MFA. FIDO2/WebAuthn security keys support U2F-style authentication. Read more
Does Curity support WebAuthn MFA?
Curity supports WebAuthn MFA. Read more
Does Curity support Email Code MFA?
Curity supports Email Code MFA. Email OTP authenticator usable as second factor in an MFA chain. Read more
Does Curity support Phone Code MFA?
Curity supports Phone Code MFA. SMS OTP authenticator usable as second factor in an MFA chain. Read more
Does Curity support Push Notification MFA?
Curity partially supports Push Notification MFA. Native push notification MFA is not built-in. Cisco Duo integration provides push notifications via the Duo authenticator. Read more
Does Curity support Adaptive / Risk-Based MFA MFA?
Curity supports Adaptive / Risk-Based MFA MFA. Conditional MFA actions support risk-based triggering on any context: time of day, location, device, user attributes, or custom logic. Read more
Does Curity support Cisco Duo MFA?
Curity supports Cisco Duo MFA. Built-in Duo authenticator for Cisco Duo MFA integration. Read more
Does Curity support Step-Up Authentication MFA?
Curity supports Step-Up Authentication MFA. Step-up authentication via conditional MFA actions triggered by scope, ACR, or custom policy. Read more
Does Curity support OpenID Connect (OIDC) integration protocol?
Curity supports OpenID Connect (OIDC) integration protocol. Read more
Does Curity support SAML 2.0 integration protocol?
Curity supports SAML 2.0 integration protocol. SAML 2.0 IdP profile available in the Enterprise tier. Read more
Does Curity support WS-Federation integration protocol?
Curity does not support WS-Federation integration protocol.
Does Curity support Machine-to-Machine (M2M) Authentication integration protocol?
Curity supports Machine-to-Machine (M2M) Authentication integration protocol. OAuth 2.0 client credentials grant natively supported. Read more
Does Curity support OpenID Connect (OIDC) Federation identity federation?
Curity supports OpenID Connect (OIDC) Federation identity federation. Generic OIDC authenticator for federating with any OpenID Connect identity provider. Read more
Does Curity support SAML 2.0 Federation identity federation?
Curity supports SAML 2.0 Federation identity federation. SAML 2.0 authenticator for federating with Entra ID, ADFS, and other SAML identity providers. Read more
Does Curity support Active Directory / LDAP identity federation?
Curity supports Active Directory / LDAP identity federation. LDAP/Active Directory data source for user authentication and attribute lookup. Read more
Does Curity support Azure Active Directory (Entra ID) identity federation?
Curity supports Azure Active Directory (Entra ID) identity federation. Azure AD/Entra ID federation via OIDC or SAML authenticator. PingFederate integration also available. Read more
Does Curity support Bulk User Import user management?
Curity supports Bulk User Import user management. Bulk user import via SCIM 2.0 API. Read more
Does Curity support Bulk User Export user management?
Curity supports Bulk User Export user management. Bulk user export via SCIM 2.0 and GraphQL APIs. Read more
Does Curity support Bulk User Update / Delete user management?
Curity supports Bulk User Update / Delete user management. Bulk update and delete via SCIM 2.0 PATCH and DELETE operations. Read more
Does Curity support Upsert on Import user management?
Curity supports Upsert on Import user management. SCIM 2.0 PATCH supports upsert-style operations. Read more
Does Curity support Legacy Username Import (Non-Allowed Characters) user management?
Curity partially supports Legacy Username Import (Non-Allowed Characters) user management. Username constraints depend on the configured data source (JDBC, LDAP). No universal legacy username normalization built in.
Does Curity support MFA Enrollment Import user management?
Curity partially supports MFA Enrollment Import user management. Credential data can be imported at the data source level. No dedicated bulk MFA enrollment import API is documented.
Does Curity support Inbound SCIM Provisioning user management?
Curity supports Inbound SCIM Provisioning user management. Curity exposes a SCIM 2.0 server for inbound user provisioning from HR systems or identity platforms. Read more
Does Curity support Outbound SCIM Provisioning user management?
Curity supports Outbound SCIM Provisioning user management. Curity can act as a SCIM client to sync users to downstream systems via the SCIM data source. Read more
Does Curity support SCIM Groups Provisioning user management?
Curity supports SCIM Groups Provisioning user management. SCIM 2.0 Groups resource supported alongside Users. Read more
Does Curity support Just-In-Time (JIT) User Provisioning user management?
Curity supports Just-In-Time (JIT) User Provisioning user management. Just-in-time provisioning during first federated login via authentication actions. Read more
Does Curity support Lazy / Trickle Migration from Legacy Database user management?
Curity partially supports Lazy / Trickle Migration from Legacy Database user management. Lazy migration can be achieved via the Dynamic Authenticator or a custom authenticator plugin that proxies credential validation to a legacy system. Read more
Does Curity support Self-Service Profile Management Portal user management?
Curity supports Self-Service Profile Management Portal user management. Self-Service Portal application for user profile, credential, and MFA device management. Read more
Does Curity support User Account Linking user management?
Curity supports User Account Linking user management. Account linking across multiple identity providers supported via authentication profile configuration. Read more
Does Curity support User Blocking / Banning user management?
Curity supports User Blocking / Banning user management. User accounts can be disabled via the SCIM API or GraphQL user management API. Read more
Does Curity support User Metadata user management?
Curity supports User Metadata user management. Custom user attributes stored in the configured data source (JDBC, LDAP, SCIM, DynamoDB, MongoDB). Read more
Does Curity support Application Metadata user management?
Curity supports Application Metadata user management. Custom client attributes managed via the Database Clients GraphQL API. Read more
Does Curity support Metadata Size Limits user management?
Curity partially supports Metadata Size Limits user management. Attribute size limits are determined by the backend data source (database column sizes, LDAP attribute limits). No universal documented limit.
Does Curity support User Search user management?
Curity supports User Search user management. User search via SCIM 2.0 filter queries and GraphQL API. Read more
Does Curity support Role-Based Access Control (RBAC) user management?
Curity supports Role-Based Access Control (RBAC) user management. Role-based access control via OAuth 2.0 scopes and custom claims mapped from user attributes. Read more
Does Curity support Organizations (Multi-Tenancy B2B) user management?
Curity partially supports Organizations (Multi-Tenancy B2B) user management. Multi-tenancy via separate authentication profiles per tenant. No built-in organisation management UI; tenant isolation is infrastructure-level. Read more
Does Curity support Password Strength Policies user management?
Curity supports Password Strength Policies user management. Password policies configurable via the credential manager. Read more
Does Curity support Username Restrictions user management?
Curity supports Username Restrictions user management. Read more
Does Curity support Progressive Profiling / Forms user management?
Curity supports Progressive Profiling / Forms user management. Progressive profiling via authentication actions that conditionally collect additional user attributes during login. Read more
Does Curity support Attribute-Based Access Control (ABAC) access control?
Curity supports Attribute-Based Access Control (ABAC) access control. Attribute-based access control via token procedures and custom claims enrichment. Read more
Does Curity support Fine-Grained Authorization (FGA / ReBAC) access control?
Curity supports Fine-Grained Authorization (FGA / ReBAC) access control. Fine-grained authorization via OAuth 2.0 scopes, Rich Authorization Requests (for VCI), and token procedures. Read more
Does Curity support API Authorization (Scopes / Permissions) access control?
Curity supports API Authorization (Scopes / Permissions) access control. Core use case: token-based API security with phantom tokens, split tokens, and sender-constrained tokens. Read more
Does Curity support Audit Log Retention security feature?
Curity supports Audit Log Retention security feature. Audit logging via Apache Log4j 2 in Syslog RFC 5424 structured data format. Retention is operator-configured. Read more
Does Curity support Audit Log Streaming security feature?
Curity supports Audit Log Streaming security feature. Structured audit logs and OpenTelemetry metrics/tracing export supported in version 10.0+. Read more
Does Curity support Security Center (Threat Monitoring Dashboard) security feature?
Curity does not support Security Center (Threat Monitoring Dashboard) security feature.
Does Curity support Encryption at Rest security feature?
Curity supports Encryption at Rest security feature. Encryption at rest via database-level TDE or filesystem encryption. HSM support available for key material. Read more
Does Curity support Encryption in Transit security feature?
Curity supports Encryption in Transit security feature. TLS enforced for all endpoints. Mutual TLS (mTLS) supported for client authentication. Read more
Does Curity support Customer Managed Keys (BYOK) security feature?
Curity supports Customer Managed Keys (BYOK) security feature. Full key management via self-hosted deployment and HSM integration. Read more
Does Curity support Bot Detection security feature?
Curity partially supports Bot Detection security feature. No built-in CAPTCHA or bot detection. Throttling framework limits request rates from misbehaving clients. Read more
Does Curity support Brute Force Protection security feature?
Curity supports Brute Force Protection security feature. Throttling framework provides configurable brute-force protection at endpoint and credential level. Read more
Does Curity support Suspicious IP Throttling security feature?
Curity supports Suspicious IP Throttling security feature. Throttling framework supports per-IP rate limiting and request rejection. Read more
Does Curity support Tenant Access Control List (IP ACL) security feature?
Curity supports Tenant Access Control List (IP ACL) security feature. IP-based access control configurable at the infrastructure level; profile-level restrictions via Curity configuration. Read more
Does Curity support Device Fingerprinting security feature?
Curity partially supports Device Fingerprinting security feature. Geo-location and context-based MFA triggering is documented. Explicit device fingerprinting is not a built-in feature. Read more
Does Curity support Per-Organization Branding multi-tenancy?
Curity supports Per-Organization Branding multi-tenancy. Full theme customization per application profile, supporting different branding per tenant or application. Read more
Does Curity support Per-Organization MFA Policy multi-tenancy?
Curity supports Per-Organization MFA Policy multi-tenancy. MFA policies and authentication flows configured independently per authentication profile. Read more
Does Curity support Hosted / Universal Login Page branding feature?
Curity supports Hosted / Universal Login Page branding feature. Read more
Does Curity support Embedded / Native Login Components branding feature?
Curity supports Embedded / Native Login Components branding feature. HAAPI (Hypermedia Authentication API) enables native embedded authentication flows without browser redirects in mobile and SPA apps. Read more
Does Curity support White-Label / Full Brand Removal branding feature?
Curity supports White-Label / Full Brand Removal branding feature. Full UI theming and branding customization via the UI Kit and template system. Read more
Does Curity support Localization / i18n branding feature?
Curity supports Localization / i18n branding feature. Multi-language support with localized login pages and email templates. Read more
Does Curity support Prebuilt UI Components (SDK) branding feature?
Curity supports Prebuilt UI Components (SDK) branding feature. Curity UI Kit provides a component library for React and pre-built login and self-service portal templates. Read more
Does Curity support Login / Auth Analytics Dashboard analytics?
Curity partially supports Login / Auth Analytics Dashboard analytics. Structured audit events and OpenTelemetry metrics available. No built-in analytics dashboard; external tools (Grafana, ELK) recommended. Read more
Does Curity support SOC 2 Type II Certification compliance?
Curity supports SOC 2 Type II Certification compliance. Read more
Does Curity support ISO 27001 / 27017 / 27018 Certification compliance?
Curity supports ISO 27001 / 27017 / 27018 Certification compliance. Read more
Does Curity support GDPR: Data Export (Portability) compliance?
Curity supports GDPR: Data Export (Portability) compliance. User data export via SCIM 2.0 and GraphQL APIs. PII data minimization and audit trails built in. Read more
Does Curity support GDPR: Right to be Forgotten (User Deletion) compliance?
Curity supports GDPR: Right to be Forgotten (User Deletion) compliance. User deletion via SCIM DELETE and GraphQL APIs. Audit records support right-to-erasure workflows. Read more
Does Curity support Consent Management compliance?
Curity supports Consent Management compliance. OAuth 2.0 consent delegation audited by the authorization server. Consent can be configured per-flow. Read more
Does Curity support Region Deployment compliance?
Curity supports Region Deployment compliance. Self-hosted deployment in any region. Data residency fully controlled by the operator. Read more
Does Curity support Private Cloud Deployment compliance?
Curity supports Private Cloud Deployment compliance. Supports on-premise, Docker, Kubernetes (AWS EKS, Azure AKS, GCP GKE), and hybrid deployments. Read more
Does Curity support SDK Coverage developer integration?
Curity partially supports SDK Coverage developer integration. Java Plugins SDK is the primary extension framework. iOS, Android, and JavaScript SDKs available for HAAPI and Token Handler patterns. Read more
Does Curity support Management API developer integration?
Curity supports Management API developer integration. RESTCONF API for configuration management, GraphQL APIs for client and user management. Read more
Does Curity support Authentication API Rate Limits developer integration?
Curity supports Authentication API Rate Limits developer integration. Throttling configurable per endpoint, client, and credential to enforce authentication request rate limits. Read more
Does Curity support Actions / Extensibility Pipeline developer integration?
Curity supports Actions / Extensibility Pipeline developer integration. Extensible via Java Plugins SDK: custom authenticators, authentication actions, token procedures, claims providers, event listeners, and data source plugins. Groovy scripting also supported. Read more
Does Curity support TypeScript Support in Extensibility developer integration?
Curity does not support TypeScript Support in Extensibility developer integration. Extensibility is Java-based (SDK plugins) or Groovy scripts. No TypeScript/JavaScript runtime for server-side logic.
Does Curity support Custom Domain developer integration?
Curity supports Custom Domain developer integration. Self-hosted deployment supports any custom domain. Read more
Does Curity support Deploy CLI (Infrastructure as Code) developer integration?
Curity supports Deploy CLI (Infrastructure as Code) developer integration. CLI scripting via RESTCONF API and commit hooks for GitOps workflows and CI/CD automation. Read more
Does Curity support Terraform Provider developer integration?
Curity does not support Terraform Provider developer integration. No official Terraform provider available. Infrastructure management relies on RESTCONF API, CLI scripts, and Helm charts for Kubernetes deployments.
Does Curity support Custom Database Connections developer integration?
Curity supports Custom Database Connections developer integration. Multiple data source types: JDBC (PostgreSQL, MySQL, etc.), LDAP, SCIM, JSON/REST, DynamoDB, MongoDB, and CouchDB. Read more
Does Curity support Native Webhook Support developer integration?
Curity supports Native Webhook Support developer integration. Event listener plugins and server events system support webhook notifications. Webhook alarm handler available for operational alerts. Read more
Does Curity support Universal Login / Hosted Login Page Customization developer integration?
Curity supports Universal Login / Hosted Login Page Customization developer integration. Full HTML/CSS customization via the UI builder, template system, and Curity UI Kit. Read more
Does Curity support Custom Email Provider (SMTP) developer integration?
Curity supports Custom Email Provider (SMTP) developer integration. Custom SMTP server and pluggable email provider via the Java Plugins SDK. Read more
Does Curity support Email Templates developer integration?
Curity supports Email Templates developer integration. Fully customizable email templates for OTP, verification, and notification flows. Read more
Does Curity support Custom OIDC Claims / Token Enrichment developer integration?
Curity supports Custom OIDC Claims / Token Enrichment developer integration. Custom claims via token procedures (Groovy scripts) and claims value provider plugins. Read more
Does Curity support No-Code Auth Flow Builder / Orchestration feature?
Curity does not support No-Code Auth Flow Builder / Orchestration feature. Authentication flows are configured via the admin UI and XML configuration. No visual drag-and-drop flow builder.
Does Curity support Identity Verification / Document Proofing feature?
Curity partially supports Identity Verification / Document Proofing feature. Built-in support for strong national eIDs: Swedish BankID, SITHS (healthcare), and Entrust IDaaS. No general document verification. Read more
Does Curity support Decentralized / Verifiable Credentials feature?
Curity partially supports Decentralized / Verifiable Credentials feature. OpenID Wallet authenticator and verifiable credential issuance support experimental decentralized identity use cases. Read more
Does Curity support Built-in Billing / Subscription Management feature?
Curity does not support Built-in Billing / Subscription Management feature.
Does Curity support Agentic AI / MCP Server Authentication feature?
Curity supports Agentic AI / MCP Server Authentication feature. Access Intelligence and Token Intelligence features provide scoped, auditable tokens for AI agents, automated workflows, and machine-to-machine API access with ephemeral client support. Read more
Note: The current data is based on provider documentation/experience and may not be 100% accurate. Please open an issue if you have spotted any inconsistencies.