This documentation is for WSO2 Identity Server 5.4.0 . View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

Identity management is about authenticating and authorizing users so they can access a system or an application. user store is the database where information about the users and user roles is stored, including log-in name, password, first name, last name, and e-mail address. The user stores of all WSO2 Carbon-based products are embedded H2 databases except for WSO2 Identity Server, which has an embedded LDAP as its user store. Therefore, user stores play an important role when it comes to identity management.

WSO2 products allow configuring multiple user stores to your system that are used to store users and their roles (Groups). Out of the box WSO2 products support JDBC, LDAP and Active Directory user stores with the capability of configuring custom user stores. There are different user store adapters called User store managers, which are used to connect with these users store types.


Adapters used to connect with different users stores are called User Store Managers. By default, there are user store managers for JDBC, LDAP and Active Directory user stores. If you need to add a new user store implementation, see Writing a Custom User Store Manager. When you configure the user store, you have to set the user store manager class name.

The following table lists the available implementations and their usage:






The permissions attached to roles are always stored in an RDBMS. With the default configurations, permissions are stored in the embedded H2 database. For information on how to set up a RDBMS repository for storing permission, seeConfiguring the Authorization Manager