Identity, examined.
A vendor-neutral reference for the whole field: protocol deep dives, vendor analysis, global identity regulations, national eID schemes, and the best learning resources on the web. Sourced, dated, and free, for the people who build and study identity.
Built for people who build and study identity.
Independent and free. The protocols, the laws, the national eIDs, and the best learning material on the web, organized so you can actually learn from it.
Data-protection and identity regulations, each mapped to how it impacts authentication, consent, governance, verification, and data residency.
Explore →National digital identity schemes from Aadhaar to Login.gov, with the standards they use, how people authenticate, and honest privacy notes.
Explore →OAuth, OpenID Connect, SAML, WebAuthn, FAPI, SCIM, and verifiable credentials, explained for the engineers who implement them.
Explore →The best identity material on the internet: RFCs, NIST and OWASP guidance, academic research, industry reports, books, courses, talks, and podcasts.
Explore →Sourced identity-security statistics and a live standards tracker, every figure attributed, for analysts and researchers.
Explore →Working, code-forward guides: add login, validate a JWT, protect an API, set up SCIM provisioning, and add passkeys.
Explore →A world where every identity and security professional, in every country, has free and independent access to the knowledge to master IAM, and where the field's best practices are shaped openly by its practitioners, not its vendors.
We are a non-profit, vendor-neutral community. We curate trustworthy IAM knowledge, news, and jobs; connect practitioners across backgrounds and borders; and give the next generation of identity professionals a place to contribute, be credited, and grow, all in the open and free of commercial influence.
No sponsorship and no pay-for-placement. Opinions are clearly opinions; facts are sourced.
Every claim, score, and statistic carries a citation and a date you can check.
Free for everyone, written for a global audience, and welcoming AI and search engines that learn from it.
Every segment of identity, and the top tools in each.
The whole industry, mapped into six pillars, from workforce IAM and CIAM to PAM, machine identity, authorization, and what comes next.
Workforce Identity
Identity for employees, contractors, and internal systems.
- 18Workforce IAMTop: Microsoft Entra ID
- 18MFATop: Yubico
- soonPasswordless & Passkeys
- soonDirectory Services
- 21Password ManagementTop: Bitwarden
Customer Identity (CIAM)
Login, onboarding, and trust for the people who use your product.
- 28CIAM PlatformsTop: Auth0
- 44Identity Verification (IDV/KYC)Top: Persona
- soonConsent & Preference (CMP)
Privileged & Governance
Control, certify, and right-size who can do what.
Machine, Workload & Secrets
Identity for services, workloads, and the secrets they use.
Access, Authorization & Network
Decide and enforce access at the app and network edge.
- 9Authorization (FGA/ReBAC)Top: AuthZed
- 6Zero Trust Network AccessTop: Cloudflare Zero Trust
- soonIdentity Orchestration / Fabric
Emerging & Foundational
Where the industry is heading, and what it's built on.
The data behind the decisions.
IAM User Experience Design Principles: Building Frictionless, Accessible Identity Systems
Design principles for creating identity and access management systems that users actually want to use, covering frictionless authentication, progressive profiling, self-service identity management, and accessibility.
- ArticleJul 1, 2026IAM Compliance Guide: Navigating GDPR, CCPA, and Global Privacy Regulations
How privacy regulations like GDPR and CCPA impact identity and access management programs, covering consent management, data subject rights, cross-border identity flows, and building privacy-compliant IAM architectures.
- GuideJun 24, 2026How to Get an IAM Job: Skills, Resume, and a Portfolio That Lands Interviews
- GuideJun 24, 2026IAM Salary Guide 2026: Identity Engineer, Architect, and Leadership Pay
- GuideJun 24, 2026Remote IAM Jobs: How to Find and Land Them in 2026
- ArticleJun 23, 2026Top Identity Platforms for Consent Management and Privacy by Design in 2026
Consent management and privacy by design are now baseline requirements for customer identity. Here are the platforms that handle consent, preferences, and global privacy compliance, from CIAM suites to dedicated privacy tools.
- GuideJun 23, 2026What Is IDaaS (Identity-as-a-Service)?
- GuideJun 23, 2026What Is an Identity Fabric?
- GuideJun 23, 2026Multi-Cloud IAM Strategy Guide: Unified Identity Across AWS, Azure, and GCP
Vendors we'd actually recommend.
Scored against a published capability matrix and re-evaluated on a published cadence.
Microsoft Entra ID
4.7/ 5Best for: Microsoft 365 and Azure-centric organizations
Read the profile →Okta
4.7/ 5Best for: Workforce SSO and lifecycle for mid-to-large enterprises
Read the profile →HashiCorp Vault
4.7/ 5Best for: Secrets management with dynamic, short-lived credentials for cloud infrastructure
Read the profile →Identity is a community of practice.
Behind every identity system are the people who designed it, shipped it, broke it, and rebuilt it better. We document their work, and connect you to where the conversations are happening.
New resources, analysis, and updates.
Resources, analysis, and identity news.
Weekly practitioner discussion.
When something material ships.
Channels by category.
r/StartWithIdentity
Occasional. Useful.
We send when something material ships: an annual report, a major vendor profile, a fresh interview. Maybe twice a month at peak. Often less.
SubscribeAuthored by people who've actually shipped identity at scale.
Every evaluation carries a date, an author, and a confidence level.
The capability matrix is open. You can see what we scored and how.
Anything that could shape a view is disclosed on the page.