Page Comparison

What's new in this release

...

• Enhanced identity management framework and OOTB support for identity governance scenarios:
  The identity management framework in WSO2 Identity Server 5.3.0 has been re-designed to add new scenarios and also added strong list of OOTB (out-of-the-box) support for key identity management use cases. Additionally, new restful interfaces to connect with account registration and recovery flows were also introduced.

  • • HTML support for email templates, template internalization and dynamic properties for email templates. For more information, see Customizing Automated Emails.
    • Password and username recovery with challenge questions or notifications using REST. For more information, see Password Recovery. 
    • Password reset via admin. For more information, see Forced Password Reset.
    • Password history validation (ability to keep a record of user's past passwords). For more information, see Password History Validation.
    • Google ReCaptcha support for single sign on, password recovery flow and self-sign up. For more information, see Setting Up ReCaptcha.
    • Brute force attack prevention. For more information, see Mitigating Brute Force Attacks.
    • Account locking in single and multi-tenant environments. For more information, see User Account Locking and Account Disabling.
    • Account suspension reminders and locking idle accounts. For more information, see User Account Suspension.

• Login session monitoring and termination:
  WSO2 IS now supports monitoring user sessions and authentication activities via alerts, and manual termination of user sessions for better security. For more information, see Terminating User Sessions. 

• Rule-based provisioning:
  WSO2 IS 5.3.0 has the ability to adopt provision flow based rules that can be based on event(user, IdP, SP) information as well as environment(time, region) factors. For more information, see Rule Based Provisioning.

• Engaging access control policies in the authentication flow:
  The WSO2 IS 5.3.0 allows you to configure and enforce XACML policies for access control in the authentication flow. For more information, see Configuring Access Control Policy for a Service Provider. 

• Prompt for missing predefined attributes in the authentication flow:
  The user will be prompted for the missing attributes or claim values if a mandatory claim is missing at the point of login. For more information, see Configuring Claims for a Service Provider.
• Integrated Windows Authentication for Linux and External Kerberos:
  In WSO2 IS 5.3.0, you can achieve Integrated Windows Authentication (IWA) with external Kerberos/NTLM Servers, with a WSO2 IS that is deployed on a Linux server. For more information, see Configuring IWA on Linux.
• OAuth 2.0/Open ID Connect Enhancements: 
  • • Open ID Connect Dynamic Client Registration. For more information, see OpenID Connect Dynamic Client Registration.
    • OAuth 2.0 Token Introspection. For more information, see Invoke the OAuth Introspection Endpoint. 
    • Open ID Connect Discovery support. For more information, see the Open ID Connect specification. 

• REST profile of XACML:
  WSO2 IS now adopts REST profile for XACML and JSON Profile of XACML specifications, which breaks the barrier of integrating with the WSO2 IS XACML engine (PDP) from restful applications (PEPs).  For more information, see Entitlement with REST APIs.

   

• SAML 2.0 Enhancements:

  • • Support for SAML 2.0 Metadata Profile. For more information, see the following blogpost: SAML Metadata Feature for WSO2 Identity Server. 
    • SAML 2.0 Assertion Query/Request Profile  
• Security Analytics:
  WSO2 IS now provides security alerts that give insight into current login sessions and notifies in real time if there are any suspicious login activities and abnormal sessions. For more information, see Managing Alerts.

...

...