This documentation is for WSO2 Identity Server 5.1.0 . View documentation for the latest release.
Skip to end of metadata
Go to start of metadata



System and User Identity Management
  • Easy integration with enterprise LDAP, Microsoft Active Directory, or any JDBC database
  • Comprehensive UIs to configure more than one user stores in a multi tenanted manner.
  • Extensible identity management including password polices, account locking, self sign-up, account recovery, account confirmation etc for external applications over APIs
  • One Time Password support
  • Multifactor authentication
  • Single Sign-On (SSO) via OpenID, SAML2 and Kerberos KDC
  • SSO bridging between on-premises systems and Cloud apps
  • Provisioning via SCIM instead of legacy SPML
  • Implement REST security with OAuth 2.0* and XACML
  • Delegation via OAuth 1.0a, OAuth 2.0*, and WS-Trust.
  • Federation via OpenID, SAML2, and WS-Trust STS
  • OpenID Connect 1.0 on top of OAuth 2.0 to get user authentication events and user claims to the external applications.
  • Integration with Microsoft SharePoint with Passive STS support
  • Flexible profile management for users supporting multiple profiles per user
  • Auditing via XDAS
  • Credential mapping across different protocols
  • XKMS for key storage and distribution
Entitlement Management
  • Role-based access control (RBAC)
  • Attribute-based or claim-based access control via XACML, WS-Trust, OpenID, OpenID Connect and claim management
  • Fine-grained policy-based access control via XACML
  • Advanced entitlement auditing and management
  • Entitlement management for any REST or SOAP calls
XACML 2.0/3.0 Support
  • User-friendly interface for policy editing
  • Multiple Policy Information Point (PIP) support
  • 'TryIt' tool for exploring policy impact
  • Policy distribution to various Policy Decision Points (PDPs)
  • Policy decision and attribute caching
  • High-performance network protocol (over Thrift) for PEP/PDP interaction
  • Notifications for policy updates
Lightweight, Developer-Friendly, and Easy to Deploy
  • Complete SOAP API for integrating/embedding into any application or system
  • Pluggable workflows for privileged operations
  • Extensibility for pluggable authenticators, alternative user stores, XACML/SAML extension points, and more
  • Clustering for high-availability deployment
  • Choice of deployment to on-premises servers or to private or public Cloud (WSO2 StratosLive Identity-as-a-Service) without configuration changes
  • Integrated with WSO2 Enterprise Service Bus for authorization and all WSO2 Carbon products for authentication
Management and Monitoring
  • Comprehensive management and monitoring Web console with enterprise-level security and SAML2 SSO
  • Built-in collection and monitoring of standard access and performance statistics
  • JMX MBeans for monitoring and management of key metrics
  • Integrates with WSO2 Business Activity Monitor for operational audit and KPI monitoring and management
  • Flexible logging support with integration to enterprise logging systems
  • Centralized configuration management across different deployment environments with lifecycle management and versioning through integration with WSO2 Governance Registry

Open Source Components of WSO2 Identity Server

  • WSO2 Carbon
  • Apache Axis2 (SOAP)
  • Apache Axiom (High performance XML Object Model)
  • Apache Rampart/Apache WSS4J (WS-Security, WS-SecureConversation)
  • Apache Rahas (WS-Trust)
  • WS-Addressing implementation in Axis2
  • Apache Neethi (WS-Policy)
  • WS-SecurityPolicy implementation in Axis2
  • Apache XML Schema
  • OpenID4Java
  • SunXACML
  • OpenSAML2
  • Apache Directory Server
  • Apache Oltu
  • No labels