What's new in this release
WSO2 IS version 5.2.0 is the successor to version 5.1.0. It contains the following new features and enhancements:
- WSO2 Identity Server analytics component to analyze IS authentication statistics. For information on the WSO2 IS analytics component, see Analytics.
- WSO2 Identity Server now supports Proof Key for Code Exchange (PKCE) for the OAuth 2.0 Authorization Code Grant Type. It is able to mitigate code interception attacks that may occur during authentication. See Mitigating Authorization Code Interception Attacks for more information.
- The WSO2 IS can now issue SAML 2.0 security tokens for WS-Federation (Passive). The previous version of the Identity Server was only capable of issuing SAML 1.1 tokens for the passive security token service. See Configuring WS-Federation Single Sign-On for more information.
- You now have the ability to configure OpenID Connect Single Logout as the WSO2 Identity Server now supports the OpenID Connect Session Management specification. This means that any relying party application can now monitor the session/login status of a user who has logged in through the WSO2 IS and automatically logout any end-users who have logged out from the IS. For more information about this feature, see Configuring OpenID Connect Single Logout.
- The UserStoreCountService is a new API supported by WSO2 IS that you can use to take a count of the number of users or roles in the userstore. For more information on this API, see Counting Users and Roles with APIs.
- OpenID 2.0 has been deprecated in this release and moved to the IS Connector store as it is now an obsolete specification and has been superseded by OpenID Connect. Alternatively, we recommend using OpenIDConnect instead.
Fixed and known issues
IS 5.2.0 is compatible with all WSO2 Carbon 4.4.6 products. This includes all products listed here based on the WSO2 Carbon 4.4.6 platform version.