New WSO2 Identity Server release provides a hassle-free configuration model and RESTful APIs for self-service IAM

The leader in open source IAM, WSO2 Identity Server adds RESTful APIs, new adaptive authentication options, cross-protocol single logout, multi-domain federation support for Microsoft Azure AD and Office 365, and built-in support for managing active user sessions

Digitally driven businesses face unprecedented complexity in protecting not only their own data and privacy but that of globally distributed customers, partners and employees using a variety of personal computing and mobile devices. WSO2 offers several new capabilities to help enterprises address these demands with the latest release of WSO2 Identity Server for identity and access management (IAM). Using WSO2 Identity Server, IT organisations now have an open source, API-driven, developer-friendly solution for modernising application security and delivering an enhanced user experience that encourages adoption.

New and enhanced features in WSO2 Identity Server include:

  • RESTful APIs to enable customer self-service
  • Multi-domain federation support for Microsoft Azure Active Directory (AD) and Microsoft Office 365
  • Single logout (SLO) across multiple applications that use heterogeneous single sign-on (SSO) protocols
  • Built-in support for managing active user sessions
  • Enhanced support for adaptive authentication via reusable script libraries
  • A hassle-free configuration model that saves developers time and minimises user errors

“As enterprises conduct more of their business online, developers need to implement IAM solutions that ensure both secure, easy access for users and simplified management for administrators—often across multiple systems and cloud domains,” said WSO2 Vice President – Security Architecture Prabath Siriwardena. “We are extending our commitment to empowering these developers with the newest version of our open source WSO2 Identity Server.”

Facilitating IAM Management and Ease of Use

WSO2 Identity Server is a uniquely extensible, API-driven, cloud-native IAM product designed for developers that build customer IAM (CIAM) solutions. The product incorporates the functionality to federate, authenticate and manage identities; bridge across heterogeneous identity protocols; and secure access to web and mobile applications along with API-based endpoints. Unlike “open core” products, WSO2 Identity Server includes the core and all extensions and connectors under the commercial-friendly, open source Apache 2.0 license to enable faster innovation and customisation.

Already, businesses and government organisations are using WSO2 Identity Server to manage up to millions of user identities. The latest release, now available, adds several new features that further empower developers to build CIAM implementations that are easier to manage and use.

RESTful APIs for customer self-service make it easier for developers to integrate self-service functions with third-party applications. The new RESTful APIs now expose the ability to view authorised OAuth applications and revoke the consent given to them as needed, manage associated accounts, register devices that use FIDO for authentication, view and revoke login sessions, and manage pending approvals.

Multi-domain federation support for Microsoft Azure AD and Office 365 includes the ability to federate users from multiple Microsoft Azure AD and Microsoft Office 365 domains into a single WSO2 Identity Server tenant instance, simplifying deployment and management.

Cross-protocol single logout complements the existing SSO capabilities of WSO2 Identity Server. Now developers can create a seamless experience for end users when they sign on or log out, even with applications that communicate via heterogeneous SSO protocols, such as OpenID Connect (OIDC) and the Security Assertion Markup Language (SAML).

Built-in support for managing active user sessions is now available via an API. This helps users protect their own sessions by enabling them to retrieve and delete all active sessions, as well as selectively kill any suspected sessions. Administrators also can view and terminate the sessions of any given end user.

Enhanced support for adaptive authentication is provided through the ability to create reusable script libraries. Now developers can import the authentication flows that they have written in JavaScript into a function library, so they can be reused in authentication scripts.

The hassle-free configuration model saves developers time, minimises user errors, and improves compatibility with various configuration automation tools and cloud-native environments. Because the object model is decoupled from the file format, WSO2 Identity Server can support a range of configuration file formats provided by Tom’s Own Minimal Language (TOML) and YAML Ain’t Markup Language (YAML), among others.

Availability and Support

WSO2 Identity Server 5.9 is now available. As a fully open source solution released under the Apache License 2.0, it does not carry any licensing fees. WSO2 Identity Server is backed by WSO2 Subscription, which features access to WSO2 Update for continuous delivery of bug fixes, security updates, and performance enhancements, along with WSO2 Support for 24×7 support. Unified pricing means customers can simply buy a WSO2 Subscription and choose the hosting model—cloud, on-premises or hybrid—based on their preferences. Information on WSO2 Subscription and other service and support offerings can be found at https://wso2.com/consultant-services.

 
