This documentation is for WSO2 Identity Server 5.3.0 . View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. Sign in. Enter your username and password to log on to the Management Console.
  2. In the Main menu under the Identity section, click Resident under Identity Providers

    The Resident Identity Provider page appears.

    Enter a Home Realm Identifier for the resident identity provider. You can enter multiple identifiers as a comma separated list.


    This value is essentially the domain name of the identity provider. If you do not enter a value here, when an authentication request comes to the Identity Server, a page is displayed prompting the user to specify a domain.


    Idle Session Time Out : This  represents the idle session time out for SSO sessions. The default value is set to 15min which means that if Identity Server does not receive any SSO authentication request for 15min for a given user SSO session would be timeout.  You can configure the idle time out value.

    Remember Me Period :  You can tick on the Remember Me option in Identity Server login page if you need to make remember the SSO session. You can define an expiry time for this remembrance period by configuring Remember Me Period. This is configurable and the default time is 2 weeks.

  3. Configure inbound authentication if required. This is not mandatory for creating a resident identity provider.
    • Set the Identity Provider Entity Id under SAML2 Web SSO Configuration. Specifying this gives the tenant identification, so any users provisioned through this tenant can be identified as such.

    • Configure the WS-Trust/WS-Federation (Passive Security Token Service (STS). You can configure this if you want to secure the WS-Trust endpoint with a security policy.
      Image RemovedImage Added

  4. Click Update.
  5. Click Ok to the confirmation message that appears.