
189 points udev4096 | 2 comments
ants_everywhere ◴[] No.42137201[source]
Are there good alternatives in 2024 to Keycloak + FreeIPA for k8s-native environments?
andix ◴[] No.42137857[source]
Maybe Zitadel. But be aware their hosted paid plans are very expensive (they have a very original way to count daily active users). It can be self-hosted on k8s, but I'm not sure how secure and mature it really is.
ffo ◴[] No.42138074[source]
Hey Zitadel co-founder here.

Would you mind sharing your thoughts on our pricing? We certainly love to improve this. It's not our intent to have a smoke and mirrors pricing ;-)

On the subject of maturity and security: many known enterprises trust Zitadel for their identity needs, especially the self-hosted version, which can be used for free. I think what makes Zitadel a great package with regard to security is that our community actively provides vulnerability disclosures to the project, which we track in public.

Let us know what we can improve to show that we take security and stability seriously!

andix ◴[] No.42138209[source]
Thoughts about pricing:

- the step up from free to paid is huge, and already needed if you have 4-5 users that log in every day

- your definition of "daily active user" is a bit tricky, as one user who logs in every day is counted as 31 users. The most common metric I know is monthly active users (users that log in at least once a month)

ffo ◴[] No.42138278[source]
Great input, thank you!

So, if we would increase the free amount and the amount included in the pro tier, it would alleviate this pain a little?

On the definition, we wanted to use DAU because with this we can have one metric to price consumers, business customers and service accounts. To us it was weird to pay for a MAU when a consumer only logs in once a month. Coming back to my reply above... would a "bigger" number of included DAU solve this?

tecleandor ◴[] No.42139389[source]
Not the parent, but DAUs make a lot of sense when you have lots of external collaborators that seldom log in. That way you don't pay a full month license for somebody that logged in twice or once in that period; I'd rather log them in manually :-)

About the pricing, I haven't made the calculations in your product, but in other products I sometimes miss a middle ground between free and pro like a "hobby" or "mini" tier. Maybe I have a small product, an SMB, or a personal thing that needs a service, and I don't want to be a "freeloader" on the free plan, but the pro is too much.

There are services I've used that I know I'll stop using once I grow out of the free plan, because it's so expensive.

1. ffo ◴[] No.42141098[source]
Noted, so something between a free plan and the $100 pro would fit your needs.

Like a $25ish developer tier I guess, right?

2. andix ◴[] No.42147546[source]
I guess this would be a good start, it would allow instances for smaller companies.

Another thing would be to mix daily active users and monthly active users. For example in the ratio 1:10 (100 DAUs or 10 MAUs). Just cap the DAU counter for a user at 10 logins per month.

It's really hard to predict how often users are going to log in. So if you have a company with 50 people, you know 50 MAUs are enough. But will 500 DAUs be enough? You just don't know that in advance. The DAUs can also grow a lot even if MAUs stay the same, if your product becomes better and is used more often in the company. Really hard to tell the customer at a later stage that Zitadel is now more expensive, because people log in more often. The DAU/API limit is also an incentive to cache authentication/2FA longer and compromise on security.

Maybe remove a few enterprise features for the cheaper plans like SAML or restrict branding. But please keep passwordless/2FA, for me those features were the main reason to try Zitadel, that's one of the features where Zitadel shines over auth0.