2025 Ranking
Authorization depth.
How far each vendor reaches beyond authentication into authorization, RBAC, ABAC, ReBAC, FGA engines, API-level authorization, and fine-grained permissions.
| # | Vendor | Score | / 100 |
|---|---|---|---|
| 01 | Authress | 6.0 / 6 | 100 |
| 02 | Casdoor | 6.0 / 6 | 100 |
| 03 | Ory | 6.0 / 6 | 100 |
| 04 | Ping Identity | 5.5 / 6 | 92 |
| 05 | WorkOS | 5.5 / 6 | 92 |
| 06 | Descope | 5.0 / 6 | 83 |
| 07 | Auth0 | 4.5 / 6 | 75 |
| 08 | Authentik | 4.0 / 6 | 67 |
| 09 | Curity | 4.0 / 6 | 67 |
| 10 | CyberArk Identity | 4.0 / 6 | 67 |
| 11 | ForgeRock | 4.0 / 6 | 67 |
| 12 | Frontegg | 4.0 / 6 | 67 |
| 13 | IBM Verify | 4.0 / 6 | 67 |
| 14 | Keycloak | 4.0 / 6 | 67 |
| 15 | miniOrange | 4.0 / 6 | 67 |
| 16 | Oracle IAM Identity Domains | 4.0 / 6 | 67 |
| 17 | Strivacity | 4.0 / 6 | 67 |
| 18 | Transmit Security | 4.0 / 6 | 67 |
| 19 | WSO2 Identity Server | 4.0 / 6 | 67 |
| 20 | FusionAuth | 3.5 / 6 | 58 |
| 21 | Logto | 3.5 / 6 | 58 |
| 22 | Microsoft Entra External ID | 3.5 / 6 | 58 |
| 23 | MojoAuth | 3.5 / 6 | 58 |
| 24 | SAP Customer Data Cloud | 3.5 / 6 | 58 |
| 25 | SSOJet | 3.5 / 6 | 58 |
| 26 | SuperTokens | 3.5 / 6 | 58 |
| 27 | Zitadel | 3.5 / 6 | 58 |
| 28 | Akamai Identity Cloud | 3.0 / 6 | 50 |
| 29 | Amazon Cognito | 3.0 / 6 | 50 |
| 30 | Beyond Identity | 3.0 / 6 | 50 |
| 31 | Kinde | 3.0 / 6 | 50 |
| 32 | PropelAuth | 3.0 / 6 | 50 |
| 33 | Stytch | 3.0 / 6 | 50 |
| 34 | Wristband | 3.0 / 6 | 50 |
| 35 | Authelia | 2.5 / 6 | 42 |
| 36 | BetterAuth | 2.5 / 6 | 42 |
| 37 | Clerk | 2.5 / 6 | 42 |
| 38 | Scalekit | 2.5 / 6 | 42 |
| 39 | SlashID | 2.5 / 6 | 42 |
| 40 | Stack Auth | 2.5 / 6 | 42 |
| 41 | Supabase Auth | 2.5 / 6 | 42 |
| 42 | Tesseral | 2.5 / 6 | 42 |
| 43 | Firebase Authentication | 2.0 / 6 | 33 |
| 44 | Rownd | 2.0 / 6 | 33 |
| 45 | Hanko | 1.5 / 6 | 25 |
| 46 | Authsignal | 0.5 / 6 | 8 |
| 47 | Corbado | 0.5 / 6 | 8 |
| 48 | LoginRadius | 0.5 / 6 | 8 |