What is WSO2 Identity Server 7.0.0?
Since July 2009, WSO2 Identity Server has been evolved with time, allowing consumers and developers to experience major breakthroughs in the history of Identity and Access management. With the release of version 5.0.0 in 2014, users were able to experience the advance identity features like login with multiple options, Role based Access Control with XACML and Self-care capabilities. Identity Server 5 series provided a wide variety of features compared to the lower versions. Introduction of identity federations in 2015 with IS 5.1.0 and introduction of Script based Adaptive Authentication in 2018. With the release of Identity Server 5.7.0, it gave a huge push up to WSO2 IAM product to recognize in many Identity and Access management Analysts reports like KuppingerCole and Gartner. The release of Identity Server 7.0.0 in 2024 is equally important, because it turns a new chapter in the history of IAM industry at WSO2.
Yenlo is one of the five valuable partners of WSO2, who is been with WSO2 Valuable Partner club for more than 10 years, and is proud to announce this new release of Identity Server 7.0.0 which allows us to accommodate many identity and access management requirements across business domains like B2B, B2B2C and B2B2E.
Choosing WSO2 Identity Server 7.0.0
Multi-tenancy is one of the only features that used to have in previous Identity Server versions to support B2B business user cases. Multi-tenancy feature allows to create independent units of Identity deployments by sharing underline infrastructure. However, the users managed within these tenants are not visible, even to the super tenant(root). Multi-tenancy is used to manage organizations horizontally and this is more ideal for a IDaaS kind of solution. This feature was not sufficient for complex identity problems of a large-scale organization that has a lot of customers and partners.
With the release of WSO2 Identity Server 7.0.0, all these complex B2B IAM problems are handled with a new feature called “organization management”. This new feature of organization management allows multi-national companies to manage their organization both horizontally and vertically though sub-organizations. Due to this implementation, the old data structure has changed to create more standard and flexible format for managing organizations, users, groups, roles, and permissions, requiring fewer customizations to meet all the business requirements that customers long for.
Features of WSO2 Identity Server 7.0.0
Along with the organization management feature there few more important features that are released with the new series 7.0.0
- New React Based console application which replaces old carbon console.
Many WSO2 Identity Server consumers who have customized Identity Server, used to struggle when customizing carbon console because of its outdated technology of jsp/java. Identity Server 6 series had the beta version of this react console app and many requested to release this sooner as this helps to customize and contain better UX and UI compared to the carbon console. The new React console is more developer friendly as well as appealing both to developers as well as administrative users.
- Virtual level separation of organizations and organizational level management of Users, Groups and Roles
Each organization will have a similar UI to perform user management of Users, Groups and Roles. Organization level Administrators can easily shift between organizations to manage their duties within organizations. Root level users or administrators who manage sub organizations are visible under the user list of sub organization as they too are a part of it.
There are a couple of role types introduced with this new release such as organizational level roles and application-level roles. This time the WSO2 team has managed to match the standard best practices of IAM industry with these changes. This is a plus point to choose WSO2 Identity Server 7 over other older releases.
- Easy customizable modern UI for all scenarios
In previous releases the customization was only possible by adding css/js into the extensions folder of each endpoint or fully overriding the webapp as per our need. This made our developer life hard since this breaks every time when updating the WSO2 products (applying bug fixes and security fixes). With this new branding support via the console, we can change the look and feel of the UIs easily through the console itself. This also includes logos, designs, texts, privacy policies, etc.
- Branding per Organization
With the new easy customizable approach, we can now have organization level branding which was not available before. The login UI, self-sign-up page, recovery pages can be easily changed according to the organization level names, logos, color themes, cookie policies, privacy policies, email templates and authentication mechanisms like MFA and Social Logins.
This is a brand-new feature that was not there in any of the versions before and which made WSO2 Identity Server much more competitive across other on prem IAM vendors.
- Applications (Service Providers) and Connections (Identity Providers) across organizations and per organization
The new WSO2 Identity Server 7.0.0 is using new generic terminologies like Applications and connections instead of IAM specific terminology to provide a better developer/business user experience to attract more developers who were not from IAM background. With the new organization management feature, we can now create applications and connections across multiple organizations. This is an advantage which we did not have when we used multi-tenancy.
- Fully API based Authentication and Integration Support
With WSO2 Identity Server 7.0 the admin console has fully achieved the API first approach. Hence all the functionalities of the console are available as APIs with a clear separation in the console. This provides better user-friendly UI/UX for Developers as well as Dev-ops. This allows everyone to easily do WSO2 integrations, despite their WSO2 knowledge.
- New CLI tool to migrate artifacts across environments.
There is another good news for dev-ops who used to struggle moving applications (service providers) and connections (identity providers) across different environments like DEV, QA, STAGN and PROD. Previously the pipelines must create new service providers and identity providers may be manually or using DCR APIs and found it hard to manage cross environments. But now with the Identity Server 7 release is comprised with a new CLI too which allows you to migrate artifacts like applications and connections across environments and in co-operate it to the default CICD pipeline easily. With this you can experience a similar behavior like you had in API CTL.
Benefits of migrating to WSO2 Identity Server 7.0.0
If you are new to WSO2 technology and want to use WSO2 Identity Server in your deployment and if you have large number of end users, partners and need to closely manage user of each partner – then organization management is one of your most required basic features that you MUST have from your IAM solution. As an expert in IAM world for more than 10 years, I would recommend you use WSO2 Identity Server 7.0.0 for your platform.
Identity Server 7.0.0(IS 7) was built on top of core features of the most successful WSO2 Identity Server 5.11.0 which is highly used by almost all the customers of WSO2. IS 7 was the best solution that WSO2 has ever provided for the limitations of IS 5.11.0. Although it is new, the new features and the new UIs will provide a high return on the amount you spend on it. When we consider other competitors like Key Cloak, ForgeRock, OAuth0 – WSO2 Identity Server 7.0.0 provides a good deal because of their core-based pricing. You do not require to pay per user or per function. Everything is included in one price, which allows your continuous development from a single investment.
Below I will explain what are the other features that are provided by WSO2 Identity Server along with the organization management feature and new UIs:
- Identity and Access Management (IAM): WSO2 Identity Server provides comprehensive IAM capabilities, including user authentication including passwordless methods, single sign-on (SSO), identity federation, multi-factor authentication (MFA), Adaptive Authentication, and user provisioning.
- Security Standards Support: It supports a wide range of security standards and protocols such as OAuth2.0, OpenID Connect, SAML, SCIM, LDAP, XACML, OPA and WS-Security, ensuring interoperability with various systems and applications.
- Identity Federation: WSO2 Identity Server enables organizations to establish trust relationships between different connections and applications facilitating seamless and secure authentication across multiple domains.
- User Lifecycle Management: It offers features for managing the entire lifecycle of user identities, including user registration, profile management, password management, and account deactivation.
- Role-Based Access Control (RBAC): WSO2 Identity Server supports RBAC, allowing organizations to define roles and permissions to control access to resources based on user roles.
- API Security: WSO2 Identity Server provides API security capabilities, including OAuth-based access control, rate limiting, and threat protection, to secure APIs and microservices.
- Multi-Tenancy: It supports multi-tenancy, allowing organizations to manage multiple separate identity domains within a single deployment instance.(This is still available along with hierachical Organization management feature)
- Extensibility and Customization: WSO2 Identity Server is highly extensible and customizable, with support for custom authentication mechanisms, user stores, and identity provisioning connectors.
- Integration with WSO2 Platform: It seamlessly integrates with other products in the WSO2 platform, such as WSO2 API Manager, WSO2 Micro Integrator and Choreo to provide a comprehensive solution for API management, integration, and identity management.
On top of these new features, WSO2 Identity Server has a far more partner presence in the European region, which can provide better support in your integration.
How Yenlo can support the journey of migration?
Even before the release of WSO2 Identity Server 7.0.0, Yenlo is closely working with WSO2 team to find issues and create a better product which is useful to our customers. We have done testing of the product prio to its release. We are delighted infor that we already have created two new Proof-of-Concepts for two new customer with WSO2 Identity Server to cater their requirements. We are prety confident about this new release of Identity Server 7.0.0 which bring more benefits to both our clients and WSO2.
If you have an existing WSO2 Identity Server set up or different IAM provider and if you wish to migrate to new release of WSO2 Identity Sever, we can join in hand with you to guide you on the migration process. We will do the migration process with the help of WSO2 in cooperating our past experiences. Please contact us for more information.