This documentation is for WSO2 Identity Server 5.1.0 . View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Access the WSO2 Identity Server from a client machine (the user should be logged in to the domain of the server) by entering the WSO2 Identity Server's URL (e.g., from your client browser. You are logged into the WSO2 Identity Server without having to enter your password. The following is a part of the server log when the user is logged with IWA:

Image RemovedImage Added

Sometimes you may not be logged in automatically and you may be prompted to enter the username and password. The reason for that could be one of the following.

  • The browser is either unable to do the IWA authentication or it is not configured to use the IWA authentication properly. The web server should be added to the trusted websites of the browser.
    • For Internet explorer, go to “Tools → Internet Options” and in the “security” tab select local intranet.
      Image RemovedImage Added
    • Click the Sites button. Then add the URL of WSO2 Identity Server there.
      Image RemovedImage Added
    • For Firefox, type “about:config” in the address bar, ignore the warning and continue, this displays the advanced settings of Firefox. In the search bar, search for the key "network.negotiate-auth.trusted-uris" and add the WSO2 Identity Server URL there.
      Image RemovedImage Added

  • The user may be attempting to access the WSO2 Identity Server from outside the domain of the user.
  • The user may not have the sufficient permission within WSO2 Identity Server to log in to the system.