This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Features

Feature

Description

System and User Identity Management
  • Implement a flexible user store using the built-in LDAP (powered by ApacheDS), external LDAP, Microsoft Active Directory, or any JDBC database
  • API for integrating identity management into any application
  • Multifactor authentication via XMPP for OpenID
  • Single Sign-On (SSO) via OpenID, SAML2, and Kerberos KDC
  • SSO bridging between on-premises systems and Cloud apps
  • Credential mapping across different protocols
  • Provisioning via SCIM instead of legacy SPML
  • Auditing via XDAS
  • Delegation via OAuth 1.0a, OAuth 2.0*, and WS-Trust.
  • Federation via OpenID, SAML2, and WS-Trust STS
  • Integration with Microsoft SharePoint with Passive STS support
  • Implement REST security with OAuth 2.0* and XACML
  • Flexible profile management for users supporting multiple profiles per user
  • XKMS for key storage and distribution
Entitlement Management
  • Role-based access control (RBAC)
  • Attribute-based or claim-based access control via XACML, WS-Trust, OpenID, and claim management
  • Fine-grained policy-based access control via XACML
  • Advanced entitlement auditing and management
  • Entitlement management for any REST or SOAP calls
XACML 2.0/3.0 Support
  • User-friendly interface for policy editing
  • Multiple Policy Information Point (PIP) support
  • 'TryIt' tool for exploring policy impact
  • Policy distribution to various Policy Decision Points (PDPs)
  • Policy decision and attribute caching
  • High-performance network protocol (over Thrift) for PEP/PDP interaction
  • Notifications for policy updates
Lightweight, Developer-Friendly, and Easy to Deploy
  • Complete SOAP API for integrating/embedding into any application or system
  • Pluggable workflows for privileged operations
  • Extensibility for pluggable authenticators, alternative user stores, XACML/SAML extension points, and more
  • Clustering for high-availability deployment
  • Choice of deployment to on-premises servers or to private or public Cloud (WSO2 StratosLive Identity-as-a-Service) without configuration changes
  • Integrated with WSO2 Enterprise Service Bus for authorization and all WSO2 Carbon products for authentication
Management and Monitoring
  • Comprehensive management and monitoring Web console with enterprise-level security and SAML2 SSO
  • Built-in collection and monitoring of standard access and performance statistics
  • JMX MBeans for monitoring and management of key metrics
  • Integrates with WSO2 Business Activity Monitor for operational audit and KPI monitoring and management
  • Flexible logging support with integration to enterprise logging systems
  • Centralized configuration management across different deployment environments with lifecycle management and versioning through integration with WSO2 Governance Registry

Open Source Components of WSO2 Identity Server

  • WSO2 Carbon
  • Apache Axis2 (SOAP)
  • Apache Axiom (High performance XML Object Model)
  • Apache Rampart/Apache WSS4J (WS-Security, WS-SecureConversation)
  • Apache Rahas(WS-Trust)
  • WS-Addressing implementation in Axis2
  • Apache Neethi (WS-Policy)
  • WS-SecurityPolicy implementation in Axis2
  • Apache XML Schema
  • OpenID4Java
  • SunXACML
  • OpenSAML2
  • Apache Directory Server