WSO2 Identity Server and its Key Features

Nuwanga Herath
Nov 2, 2020

What is WSO2?

WSO2 is a leading open-source middleware technology provider in the software industry. It offers an enterprise platform for integrating application programming interfaces, applications, and web services locally and across the Internet. WSO2 provides a large range of products for varying business needs; the three main products are:

1. API Manager

2. Enterprise Integrator

3. Identity Server

In this article, I focus on giving a clear overview of the WSO2 Identity Server and its core features.

WSO2 Identity Server

WSO2 Identity Server is an open-source, API-driven IAM product designed for identity and access management. It is based on open standards such as SAML, OAuth and OIDC, and its high extensibility lets it support complex IAM requirements. WSO2 Identity Server provides a range of features to optimize the identity management, security and privacy of a digital business. Let's go through some of the key features to get a clear idea of the WSO2 Identity Server.

User Account Management

WSO2 Identity Server provides centralized user management to securely and efficiently manage user identities and to define and manage access rights. It uses Role-Based Access Control (RBAC) to manage the permissions and access rights of users based on their user roles. This reduces administrative costs and makes it easy to comply with regulations related to privacy. WSO2 Identity Server can use secondary user stores in addition to the primary user store. It provides features such as user registration by an admin, self-registration, password reset and recovery, password policy definition, account recovery, account locking, account suspension and account disabling.

Single Sign-On (SSO)

Single Sign-On is a user authentication service that permits users to use the same set of user credentials across multiple applications. WSO2 Identity Server works as a centralized user management server that provides authentication and user management to several applications. Users can access each of those applications through the WSO2 Identity Server using the credentials stored in the WSO2 Identity Server. With SSO, users do not need to remember many usernames and passwords for different applications, which gives a better user experience. Since it provides more centralized authentication management, the system is resistant to data breaches.

Adaptive and Strong Multi-Factor Authentication (MFA)

WSO2 Identity Server uses multiple authentication factors to provide strong authentication. The factors can be categorized as knowledge, possession and inherence. MFA prevents security vulnerabilities caused by password-based authentication. Adaptive authentication means that the authentication factors are decided based on the user's risk level and the nature of the activity. With adaptive authentication, the authentication factors differ based on the access device, which makes it easy for users to use the applications. WSO2 Identity Server uses adaptive authentication for efficient and convenient use of MFA.
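The adaptive step-up described above, as an added example that is not from the original article or from WSO2's code: a plain JavaScript sketch that picks factor categories from risk signals. The signal names, role names and thresholds are assumptions, and it does not use the Identity Server scripting API.

```javascript
// Added illustration: plain JavaScript, not the WSO2 Identity Server scripting API.
// All names, signals and thresholds below are assumptions chosen for the example.

const SENSITIVE_ROLES = new Set(["admin", "finance"]); // hypothetical role names

// Score a login attempt from its risk signals (higher = riskier).
function riskScore(attempt) {
  let score = 0;
  if (!attempt.knownDevice) score += 2;              // device not seen before
  if (!attempt.trustedNetwork) score += 1;           // outside the trusted network
  if (attempt.roles.some((r) => SENSITIVE_ROLES.has(r))) score += 2;
  if (attempt.activity === "privileged") score += 2; // e.g. changing credentials
  return score;
}

// Map the score to the factor categories the article names.
function requiredFactors(attempt) {
  const score = riskScore(attempt);
  const factors = ["knowledge"];                     // password is always step 1
  if (score >= 2) factors.push("possession");        // e.g. OTP or security key
  if (score >= 5) factors.push("inherence");         // e.g. biometric check
  return factors;
}

// Fail closed: a missing or malformed signal is treated as the riskiest value.
function normalize(raw) {
  return {
    knownDevice: raw.knownDevice === true,
    trustedNetwork: raw.trustedNetwork === true,
    roles: Array.isArray(raw.roles) ? raw.roles : [],
    activity: raw.activity === "routine" ? "routine" : "privileged",
  };
}

// Constructed sample login attempts.
const samples = [
  { user: "alice", knownDevice: true, trustedNetwork: true, roles: ["employee"], activity: "routine" },
  { user: "bob", knownDevice: false, trustedNetwork: true, roles: ["employee"], activity: "routine" },
  { user: "carol", knownDevice: false, trustedNetwork: false, roles: ["admin"], activity: "routine" },
  { user: "dave" }, // no signals supplied
];

for (const s of samples) {
  console.log(s.user, requiredFactors(normalize(s)).join(" + "));
}
```

The `normalize` step matters as much as the scoring: an attempt that arrives without device or network signals is stepped up to all three factors rather than waved through on a password alone.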

Identity Federation

Identity federation means connecting a person's digital identity and attributes stored across multiple distinct trust domains. WSO2 Identity Server provides authentication across multiple external identity providers such as Google and Facebook. It allows users to access the application using the login credentials they already have with other identity providers rather than creating new user accounts. This is more convenient for users than creating a user account for every application they use.

Identity Provisioning

Identity Provisioning is the process of creating and maintaining digital identities in a system and assigning appropriate privileges to them. Saving time and money, improving security and seamless integration are the key benefits of using Identity Provisioning. WSO2 Identity Server follows the user provisioning standard called SCIM (System for Cross-Domain Identity Management) and uses three main user provisioning methods: Inbound Provisioning, Outbound Provisioning and JIT (Just In Time) Provisioning.

[Figure: User Provisioning in the Identity Lifecycle]

I have discussed some of the key features of the WSO2 Identity Server to give a clear overview of its functionality and its potential to provide strong identity and access management. You can download the WSO2-IS product for free and follow the Udemy course, Introduction to WSO2 identity server, to get more advanced knowledge and experience with the WSO2 Identity Server. I hope you now have a clear idea of the key features of the WSO2 Identity Server, and I am looking forward to writing more about it.

Thank you!

References:

Images : https://lms.wso2.com/courses/wso2-identity-server-fundamentals

Nuwanga Herath

Former Software Engineering Intern @ WSO2, Computer Science and Engineering Undergraduate @ University of Moratuwa, Sri Lanka