Curity
API-first OAuth/OIDC identity server
Standards-deep, API-first identity for developers — OAuth and OpenID Connect at its core, self-hostable.
At a glance
- Category
- API-first OAuth/OIDC identity server
- Ownership
- Independent (European)
- Founded
- 2015
- Deployment
- Self-hosted · Cloud · Hybrid
- Pricing
- Quote-based; deployment-based licensing
- Experience
- Developer-first
- Segments
- B2B SaaS · Fintech · Public sector
Overview
Curity is a developer-focused identity server built around OAuth 2.0 and OpenID Connect, with strong token services, financial-grade API (FAPI) support, and flexible deployment. It is popular where standards depth and API security matter, and can be self-hosted or run in the cloud.
Best for
Engineering teams that want a standards-deep, API-first identity server with FAPI-grade security and deployment control.
Consider alternatives if
You want prebuilt consumer-login UI and a fully managed, zero-config experience over a standards-first identity server.
Capabilities
- SSO (SAML / OIDC) ✓
- SCIM provisioning ✓
- Multi-factor auth ✓
- Passwordless / passkeys ✓
- Social login —
- Self-hosted option ✓
Capability flags are directional, for shortlisting — verify against current vendor documentation before a decision.
Strengths
- Deep OAuth/OIDC and FAPI standards support
- API-first, developer-oriented design
- Self-hosted, cloud, and hybrid deployment
- Strong fit for financial-grade API security
Considerations
- Standards-first approach assumes engineering maturity
- Less prebuilt consumer UI than drop-in platforms
- Smaller ecosystem than the largest clouds
Related reading
This profile is editorial and independent. Curity's directory listing is free — no placement here is paid, and sponsorship never buys a better verdict. Our neutrality charter.
← All vendors