The CIAM buyer's guide

A repeatable process for choosing a CIAM platform without getting steered by whoever has the best sales team. The full guide with the RFP template and a scoring sheet is available by email; the method is below.

Step 1: define the job, not the features

Decide which problem you are buying for before you look at a single vendor. Consumer scale, B2B SaaS, or regulated fintech each change the shortlist. Start with CIAM vs IAM and the segment guides (B2B SaaS, fintech).

Step 2: separate must-haves from nice-to-haves

Write the requirements as a list you can score. Typical must-haves: MFA and adaptive policy, SSO for enterprise deals, SCIM for lifecycle, consent and privacy controls, and passkeys. Mark which are deal-blockers.

Step 3: model cost at projected scale

Do not compare advertised MAU rates. Project users at 12 and 24 months, find which tier each must-have feature requires, and get the all-in number including SMS, support, and residency. The pricing guide has the full checklist.

Step 4: run a real trial

Test the hard parts, not the demo path: account recovery for passkey-only users, multi-tenant SSO with two providers, SCIM deprovisioning, and a deletion request end to end. Vendors demo the easy 80 percent; the 20 percent is where platforms differ.

Step 5: score and decide

Score each vendor against the weighted requirement list, then weigh migration cost off the platform as part of the total. The vendor with the best demo is not always the best fit.

Get the template

The downloadable RFP template and scoring sheet save a week of setup. See the CIAM RFP template, or start with the vendor matcher for a shortlist scoped to your segment.