Try WSO2 Cloud for Free
Sign in

All docs This doc

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

WSO2 Identity Cloud is an enterprise-ready service that enables you to set up your applications for single sign-on and connect them to your LDAP user store. The Identity Cloud is based on the WSO2 Identity Server, WSO2's complete, on-premise solution for managing identity and access. 

WSO2 Identity Cloud provides extensible support to easily configure single sign-on for enterprise and popular SaaS applications for the users in an organization's internal user store (LDAP). The organization's local LDAP can be configured as an on-premise user store and access is provided to the Identity Cloud without sharing LDAP credentials with the Identity Cloud.  

Identity Cloud provides two separate login portals with separate URLs for each portal. These portals are used by two different types of users.


As an enterprise's applications, services, and API adoptions grow, managing identities (such as employees, vendors, partners, and customers) across internal, shared, and SaaS services becomes a significant challenge. WSO2 Identity Cloud can overcome this challenge by provide options to solve various identity problems that you often encounter. 

About identity in the connected world

In the connected world that we live in today, modern enterprises have to offer their numerous customers remote access to sizable amounts of sensitive and confidential information, while maintaining access control and stringent information security at all times. Additionally, all of this has to take place at the bat of an eyelid.
A typical connected business today relies on users who are constantly on the move and using various applications and devices. These users now have their own devices for ease of access and prefer to sign in just once. Basically, the connected business caters to people who want to use their Facebook, Google, or LinkedIn credentials to access other information using their own devices. Here’s the catch: an individual’s identity needs to be validated across these applications, and this needs to take place in a manner that ensures security, speed of access, and ease of use

Identity management

Identity management is used to directly influence the security and productivity of an organization. This can enforce consistency in security policies across the organization. Identity management is particularly advantageous to comply with rules and regulations enforced in some critical domains by governments. This can also be a means to provide access to resources to outside parties without compromising security. Controlling access to resources increases organizational security. A system that uses a proper identity management is easier to audit. Additionally, there are automated password reset capabilities.
An identity management provider would typically have the following.

  • User stores and directories
  • Authentication of users
  • Authorization of users
  • Single sign-on
  • Provisioning
  • Access delegation
  • Password reset
  • Account locking

WSO2 Identity Cloud and the solution it provides

WSO2 Identity Cloud provides secure identity management for enterprise web applications, services, and APIs by managing identity and entitlements of the users securely and efficiently. Identity Cloud enables enterprise architects and developers to reduce identity provisioning time, guarantees secure online interactions, and delivers a reduced single sign-on environment. 
WSO2 Identity Cloud allows you to create, maintain, and terminate user accounts along with user identities across multiple cloud applications. When there are multiple applications that require authentication, users can sign in at one place and still have seamless access to all the other applications.
Additionally, WSO2 Identity Cloud brings about a new and improved approach to federation. There is a centralized Identity as a Service Provider. It is still an overall n to n relationship. There is a 1 to n relationship from a federation partner to consumer services (where multiple consumer services rely on a single centralized federated Identity Provider for security) and a 1 to n relationship from consumer service to federation partners (where a single consumer service can rely on multiple Identity providers for security). This model ensures greater efficiency.