
New features WSO2 Identity Server 5.3

Ruben van der Zwan
CEO & Co-Founder

San Francisco, 21 February 2017. During the WSO2 conference USA 2017, where Yenlo, as premier partner of WSO2, is one of the silver sponsors, WSO2 announced the new version of its WSO2 Identity and Access Management Server (WSO2 Identity Server or WSO2 IS) solution. This new version is full of new features and important enhancements. Read all about the new features in WSO2 Identity Server 5.3 in this post.

So, what’s new in the latest version, WSO2 Identity Server 5.3 (WSO2 IS)?

Identity Management of Users

Many new features were added to manage users and user accounts directly from the WSO2 IS admin console, or even directly through the APIs of the Identity Server itself. Here are just a few of the most important new features for the day-to-day management of users inside your company.

  • RESTful interface for account password recovery and notifications
  • HTML support for email templates, template internationalization and dynamic properties for email templates
  • Password reset via admin
  • Password history validation (ability to keep a record of user’s past passwords)
  • Google reCAPTCHA support for single sign-on, password recovery flow and self sign-up
  • Account suspension reminders and locking idle accounts
  • Brute force attack prevention:
    • Locking the user account after a certain number of failed attempts, for a period of time
    • Using reCAPTCHA after a certain number of failed attempts
    • Account locking in single and multi-tenant environments
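
A minimal model of the brute-force controls listed above: reCAPTCHA after some failures, a timed lock after more, and counters kept per tenant. This is an added example, not WSO2 IS code; the thresholds, `LoginGuard` and its method names are hypothetical, and it assumes tenant domains and usernames compare case-insensitively.

```python
from dataclasses import dataclass, field

# Constructed thresholds for illustration; these are not WSO2 IS defaults.
CAPTCHA_AFTER = 2    # failed attempts before a CAPTCHA is demanded
LOCK_AFTER = 4       # failed attempts before the account is locked
LOCK_SECONDS = 300   # how long a lock lasts


@dataclass
class State:
    failures: int = 0
    locked_until: float = 0.0


@dataclass
class LoginGuard:
    """Tracks failed logins per (tenant, user) so tenants never share counters."""
    states: dict = field(default_factory=dict)

    def _state(self, tenant, user):
        # Assumption: names are case-insensitive, so "Bob" and "bob"
        # must hit the same counter or the limit is trivially bypassed.
        return self.states.setdefault((tenant.lower(), user.lower()), State())

    def precheck(self, tenant, user, now):
        """What the login page must do before it even checks the password."""
        s = self._state(tenant, user)
        if now < s.locked_until:
            return "locked"
        if s.failures >= CAPTCHA_AFTER:
            return "captcha"
        return "password"

    def record(self, tenant, user, success, now):
        """Update counters after a password check and return the new precheck."""
        s = self._state(tenant, user)
        if now < s.locked_until:
            return "locked"          # attempts during a lock change nothing
        if success:
            s.failures = 0
        else:
            s.failures += 1
            if s.failures >= LOCK_AFTER:
                s.locked_until = now + LOCK_SECONDS
                s.failures = 0       # start fresh once the lock expires
        return self.precheck(tenant, user, now)
```

Passing `now` in explicitly keeps the lock window testable; a real deployment would also persist the state so that a restart does not clear active locks.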

Login session monitoring and termination

WSO2 IS 5.3.0 now supports monitoring user sessions and authentication activities via alerts, and manual termination of user sessions for better security. The next step is to integrate this monitoring stream with your analytics server to implement real-time complex event processing, even on your login flow.

Rule based provisioning

WSO2 IS 5.3.0 can apply rules to the provisioning flow. These rules can be based on event information (user, IdP, SP) as well as on environment factors (time, region).

Engaging access control policies in the authentication flow

A great new feature is the possibility to apply an access control policy during the execution of the authentication flow. In this way you can really apply fine-grained access control policies each time your user logs in. It allows you to configure and enforce XACML policies for access control in the authentication flow.

Prompt for missing predefined attributes in the authentication flow

If (mandatory) predefined attributes are missing, the authentication flow will now prompt you to add the missing information. A cool feature to protect your login dialog procedure.

Integrated Windows Authentication for Linux and External Kerberos

We were waiting for a long time for this feature. It was already possible to use Windows authentication with Kerberos tokens on Linux, but it was always a hard task to implement. You can read more about how to do Kerberos Windows authentication with the previous version of WSO2 Identity Server in this post.

OAuth 2.0 and OpenID Connect enhancements

At a lower level, a few enhancements were also made to the OpenID part, which was already part of the WSO2 IS solution. Enhancements in this version:

  • OpenID Connect Dynamic Client Registration
  • OAuth 2.0 Token Introspection
  • OpenID Connect Discovery support

REST profile of XACML

WSO2 IS now adopts the REST Profile of XACML and the JSON Profile of XACML specifications, which removes the barrier to integrating RESTful applications (PEPs) with the WSO2 IS XACML engine (PDP).
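
What a RESTful PEP has to do on either side of that call, shown as an added example that is not WSO2 code: build a JSON Profile of XACML request, then enforce the PDP's answer fail-closed. The function names and sample responses are constructed, and the HTTP call to the PDP is left out so the block runs offline.

```python
import json

# Standard XACML attribute identifiers for the three request categories.
SUBJECT_ID = "urn:oasis:names:tc:xacml:1.0:subject:subject-id"
RESOURCE_ID = "urn:oasis:names:tc:xacml:1.0:resource:resource-id"
ACTION_ID = "urn:oasis:names:tc:xacml:1.0:action:action-id"


def build_request(subject, resource, action):
    """Return the JSON Profile request body for one access decision."""
    def category(attr_id, value):
        return {"Attribute": [{"AttributeId": attr_id, "Value": value}]}
    return {"Request": {
        "AccessSubject": category(SUBJECT_ID, subject),
        "Resource": category(RESOURCE_ID, resource),
        "Action": category(ACTION_ID, action),
    }}


def is_permitted(response_body):
    """Deny-biased enforcement: only one explicit Permit grants access."""
    try:
        results = json.loads(response_body)["Response"]
    except (ValueError, KeyError, TypeError):
        return False                 # unparsable or unexpected body
    if isinstance(results, dict):    # some PDPs return a single object
        results = [results]
    if not isinstance(results, list) or len(results) != 1:
        return False                 # ambiguous: no result or several
    result = results[0]
    if not isinstance(result, dict):
        return False
    if result.get("Obligations"):
        return False                 # this PEP cannot discharge obligations
    # Deny, NotApplicable and Indeterminate all fall through to False.
    return result.get("Decision") == "Permit"


# Constructed sample PDP responses.
SAMPLE_PERMIT = '{"Response": [{"Decision": "Permit"}]}'
SAMPLE_NOT_APPLICABLE = '{"Response": [{"Decision": "NotApplicable"}]}'
SAMPLE_WITH_OBLIGATION = ('{"Response": [{"Decision": "Permit", '
                          '"Obligations": [{"Id": "example:log-access"}]}]}')
```

Treating `NotApplicable` and `Indeterminate` as a denial matters here because a missing or broken policy otherwise turns into silent access.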

SAML 2.0 Enhancements

Enhancements in this version around SAML token access:

  • Support for SAML 2.0 Metadata Profile
  • SAML 2.0 Assertion Query/Request Profile

Security Analytics

WSO2 IS now provides security alerts that give insight into current login sessions and notify you in real time of any suspicious login activities and abnormal sessions.

WSO2 Identity Cloud

With the launch of the new WSO2 Identity Server, WSO2 also starts implementing a full Cloud strategy: next to the existing API Cloud and Integration Cloud, an Identity Cloud will now also be provided. Customers can easily run their Identity Management entirely from the Cloud, in a fully scalable and managed Cloud environment. More details on the WSO2 Cloud Strategy will follow soon.

Is that it?

For this release it is. As you can see, there are many cool new features that improve WSO2 IS a lot. The WSO2 team will continue to add more features to the already rich IAM solution of WSO2. More to come this year or early next year I guess. Read here all announcements made during the WSO2Con US 2017.
