Welcome!

Release Management Authors: Liz McMillan, Jnan Dash, Lori MacVittie, Gilad Parann-Nissany, Carmen Gonzalez

News Feed Item

WSO2 Expands Identity Management Capabilities Across Cloud, Mobile and Web Applications With the Launch of WSO2 Identity Server 4.5

The cloud, mobile computing, and APIs are empowering enterprises to extend their processes to customers, partners, and other groups within the organization. However, with this greater reach come greater challenges to protect data and ensure users’ privacy across multiple domains and devices. WSO2 addresses these challenges with the launch of WSO2 Identity Server 4.5 for authentication and identity management across cloud, mobile and Web applications.

The latest release of the award-winning WSO2 Identity Server adds powerful new capabilities for user provisioning and management, including:

  • Support for OpenID Connect to authenticate users of mobile and Web applications.
  • Stronger tenant control in multitenant cloud deployments through the ability of each tenant to have multiple trusted identity providers and multiple user stores, which are isolated from the rest.
  • Enhanced System for Cross-domain Identity Management (SCIM) with the addition of OAuth 2.0 authentication.
  • Expanded Security Assertion Markup Language (SAML) 2.0 functionality to support seamless integration with Salesforce and Google Apps.
  • Addition of SAML 2.0 grant type for OAuth 2.0 to leverage SAML 2.0 with REST/API security.

“Collectively, the cloud, mobile, APIs, social media, and open source are enabling enterprises to create new connections across employees, customers and partners. Along with new business models, this is also bringing the need for more comprehensive identity management across the diverse participants in these connected enterprises,” said Dr. Sanjiva Weerawarana, WSO2 founder and CEO. “WSO2 Identity Server 4.5 delivers on this demand by combining robust, centralized management with flexible models for provisioning in traditional, cloud and mobile deployments and by facilitating authentication and authorization no matter where or how users choose to access applications and services.”

Robust Identity Management On-premises and in the Cloud

Version 4.5 builds on the proven performance of WSO2 Identity Server, the enterprise-ready, 100% open source, lean, component-based software, which has been in production in Global 1000 enterprises since 2009.

WSO2 Identity Server enables enterprise architects and developers to improve the user’s experience by reducing identity provisioning time, guaranteeing secure online interactions, and delivering a reduced single sign-on (SSO) environment. It also decreases the burden of identity management and entitlement management by including role-based access control, attribute-based access control, fine-grain policy-based access control, and SSO bridging. Featuring full native multi-tenancy, WSO2 Identity Server can run on servers, in a private cloud, public cloud or hybrid cloud environment—all from the same software.

In December 2012, WSO2 Identity Server 4.0 added SCIM support for identity provisioning to facilitate user management operations across software as a service (SaaS) applications. It also incorporated federated identity provider (IdP) functionality, allowing different organizations to make shared services available—for example different universities sharing certain resources with each other’s faculty or students—while enabling single sign-on simplicity for end users. Such federated IdP is particularly important for facilitating authentication across extremely large deployments associated with the cloud.

WSO2 Identity Server is complemented by the WSO2 Cloud Gateway 1.0, first launched in 2010, which provides a secure connection between applications behind the firewall and public platform as a service (PaaS) or SaaS offerings.

New Features in WSO2 Identity Server 4.5

WSO2 Identity Server 4.5 adds significant enhancements to facilitate identity management across multiple devices, domains and applications—on-premises and in the cloud.

New OpenID Connect Support – Version 4.5 adds support for OpenID Connect, a standard for mobile and Web application authentication. An identity framework built on the OAuth 2.0 protocol, OpenID Connect utilizes and extends OAuth 2.0 messages and code flows. With WSO2 Identity Server, enterprises now can use and implement the OpenID Connect Basic Client Profile.

New Multiple Trusted Identity Providers Functionality – WSO2 Identity Server 4.5 allows identity providers to be configured by tenant administrators in a multitenant environment. This is particularly relevant in the development and deployment of an SSO-enabled, software as a service application in which the SaaS application is deployed on the super tenant but accessed by all tenants. Each tenant can have its own set of trusted identity providers, and users of the tenant do not have to physically exist on the same server as the SaaS application. This reduces the management requirements of the super tenant while providing tenants more control and flexibility over their user authentication.

Expanded SCIM Capabilities – The newest release of WSO2 Identity Server enhances support for the System for Cross-domain Identity Management specification by adding OAuth 2.0-based authentication for SCIM. WSO2 Identity Server acts as both a SCIM service provider (both hub and spoke types) and a SCIM service consumer. Now IT organizations can leverage OAuth 2.0 in order to authenticate the SCIM REST endpoints of WSO2 Identity Server.

Expanded Security Assertion Markup Language 2.0 Support – Many existing enterprises that have implemented a service-oriented architecture (SOA) rely on SAML 2.0, but increasingly they need to consume OAuth-protected resources through APIs. WSO2 Identity Server, as an OAuth 2.0 authorization server, now can accept SAML 2.0 assertions from OAuth 2.0 clients and in exchange return back OAuth 2.0 access tokens to access protected resources on behalf of the resource owner. This provides a simple solution for leveraging SAML with REST/API security.

Additional Enhancements – WSO2 Identity Server 4.5 includes several other new features to provide greater ease of use and facilitate user provisioning and management. With this latest release:

  • IT organizations can customize login pages for SAML 2.0, OAuth, OpenID Connect, Passive Security Token Service (STS), and OpenID outside of WSO2 Identity Server.
  • Administrators can configure user account lock/unlock based on failed login attempts.
  • Enterprises have improved support for implementing name/password violation policies.
  • Organizations and their users can recover accounts using email addresses or secret questions.
  • Single sign-on across Google Apps, Salesforce and internal applications is seamlessly integrated with WSO2 Identity Server.
  • Administrators can define a selective set of grant types for OAuth 2.0 applications based on the trust and their capabilities.
  • WSO2 Identity Server adds an improved eXtensible Access Control Markup Language (XACML) editor and SAML 2.0 Web secure single sign-on (SSO) HTTP POST binding for authentication requests.

WSO2 Identity Server Builds on WSO2 Carbon Platform

WSO2 Identity Server is built on the same modular, fully componentized OSGi-compliant code base as the award-winning WSO2 Carbon enterprise middleware platform. Like all WSO2 middleware products, it is inherently cloud-enabled and uses proven core framework components that provide a consistent set of enterprise-class management, security, clustering, logging, statistics, tracing, and other capabilities. Additionally, it offers a graphical management console, which is integrated with other WSO2 middleware products, for configuration, management and monitoring. The componentized architecture gives enterprises unprecedented flexibility to customize WSO2 Identity Server by adding WSO2 Carbon middleware products or the 175-plus components on which they are based.

Availability and Support

WSO2 Identity Server 4.5 is available today as a software download that can run directly on servers or on top of WSO2 Stratos PaaS software; as a WSO2 Cloud Virtual Machine running on the Amazon Elastic Computing Cloud (EC2), Linux Kernel Virtual Machine (KVM), and VMware ESX; and as a hosted service on the WSO2 StratosLive PaaS. As a fully open source solution released under the Apache License 2.0, it does not carry any licensing fees.

WSO2 Identity Server is backed by a world-class technical team in which the experts that helped create the software provide support, leading to direct and immediate access to the people with in-depth knowledge of the middleware. WSO2 service and support options include evaluation support, a special QuickStartSM consulting program, development support, and production support.

About WSO2

WSO2 is the lean enterprise middleware company. It delivers the only complete open source enterprise SOA middleware stack purpose-built as an integrated platform to support today’s heterogeneous enterprise environments—internally and in the cloud. WSO2’s service and support team is led by technical experts who have proven success in deploying enterprise SOAs and contribute to the technology standards that enable them. For more information, visit http://wso2.com, or check out the WSO2 community on the WSO2 Blog, Twitter, LinkedIn, Facebook, and FriendFeed.

Trademarks and registered trademarks are the properties of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
“delaPlex Software provides software outsourcing services. We have a hybrid model where we have onshore developers and project managers that we can place anywhere in the U.S. or in Europe,” explained Manish Sachdeva, CEO at delaPlex Software, in this SYS-CON.tv interview at @ThingsExpo, held June 7-9, 2016, at the Javits Center in New York City, NY.
"We've discovered that after shows 80% if leads that people get, 80% of the conversations end up on the show floor, meaning people forget about it, people forget who they talk to, people forget that there are actual business opportunities to be had here so we try to help out and keep the conversations going," explained Jeff Mesnik, Founder and President of ContentMX, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
From wearable activity trackers to fantasy e-sports, data and technology are transforming the way athletes train for the game and fans engage with their teams. In his session at @ThingsExpo, will present key data findings from leading sports organizations San Francisco 49ers, Orlando Magic NBA team. By utilizing data analytics these sports orgs have recognized new revenue streams, doubled its fan base and streamlined costs at its stadiums. John Paul is the CEO and Founder of VenueNext. Prior ...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discussed how businesses can gain an edge over competitors by empowering consumers to take control through IoT. He cited examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He also highlighted how IoT can revitalize and restore outdated business models, making them profitable ...
With 15% of enterprises adopting a hybrid IT strategy, you need to set a plan to integrate hybrid cloud throughout your infrastructure. In his session at 18th Cloud Expo, Steven Dreher, Director of Solutions Architecture at Green House Data, discussed how to plan for shifting resource requirements, overcome challenges, and implement hybrid IT alongside your existing data center assets. Highlights included anticipating workload, cost and resource calculations, integrating services on both sides...
Big Data engines are powering a lot of service businesses right now. Data is collected from users from wearable technologies, web behaviors, purchase behavior as well as several arbitrary data points we’d never think of. The demand for faster and bigger engines to crunch and serve up the data to services is growing exponentially. You see a LOT of correlation between “Cloud” and “Big Data” but on Big Data and “Hybrid,” where hybrid hosting is the sanest approach to the Big Data Infrastructure pro...
"We are a well-established player in the application life cycle management market and we also have a very strong version control product," stated Flint Brenton, CEO of CollabNet,, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
We all know the latest numbers: Gartner, Inc. forecasts that 6.4 billion connected things will be in use worldwide in 2016, up 30 percent from last year, and will reach 20.8 billion by 2020. We're rapidly approaching a data production of 40 zettabytes a day – more than we can every physically store, and exabytes and yottabytes are just around the corner. For many that’s a good sign, as data has been proven to equal money – IF it’s ingested, integrated, and analyzed fast enough. Without real-ti...
I wanted to gather all of my Internet of Things (IOT) blogs into a single blog (that I could later use with my University of San Francisco (USF) Big Data “MBA” course). However as I started to pull these blogs together, I realized that my IOT discussion lacked a vision; it lacked an end point towards which an organization could drive their IOT envisioning, proof of value, app dev, data engineering and data science efforts. And I think that the IOT end point is really quite simple…
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
Unless your company can spend a lot of money on new technology, re-engineering your environment and hiring a comprehensive cybersecurity team, you will most likely move to the cloud or seek external service partnerships. In his session at 18th Cloud Expo, Darren Guccione, CEO of Keeper Security, revealed what you need to know when it comes to encryption in the cloud.
We're entering the post-smartphone era, where wearable gadgets from watches and fitness bands to glasses and health aids will power the next technological revolution. With mass adoption of wearable devices comes a new data ecosystem that must be protected. Wearables open new pathways that facilitate the tracking, sharing and storing of consumers’ personal health, location and daily activity data. Consumers have some idea of the data these devices capture, but most don’t realize how revealing and...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
"delaPlex is a software development company. We do team-based outsourcing development," explained Mark Rivers, COO and Co-founder of delaPlex Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus...
Is your aging software platform suffering from technical debt while the market changes and demands new solutions at a faster clip? It’s a bold move, but you might consider walking away from your core platform and starting fresh. ReadyTalk did exactly that. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, will discuss why and how ReadyTalk diverted from healthy revenue and over a decade of audio conferencing product development to start an innovati...
Early adopters of IoT viewed it mainly as a different term for machine-to-machine connectivity or M2M. This is understandable since a prerequisite for any IoT solution is the ability to collect and aggregate device data, which is most often presented in a dashboard. The problem is that viewing data in a dashboard requires a human to interpret the results and take manual action, which doesn’t scale to the needs of IoT.
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...