Discover our knowledge. Read our blogs!

Learn more

We build all our solutions with WSO2 and we are proud that we are WSO2 Premier Certified Integration Partner and Value-Added Reseller.

Learn more
WSO2 Identity Server Experts Yenlo
WSO2 Products

WSO2 Identity Server

Leave identification and authorization up to the WSO2 Identity Server, and benefit from easy access, great user experience and optimal safety.

A secure road to digital transformation

The WSO2 Identity Server adds a security layer to your existing IT infrastructure, while making your business processes run smoothly. Combine safety with usability and feel free to connect to new applications whenever it’s needed. In the meantime, the WSO2 Identity Server will guard your dataflows so that only the right people gain access to the right systems. This makes you a fast, flexible and trustworthy partner that’s prepared for anything, every day

Get things done with the WSO2 Identity Server

  • Safely unlock your assets
  • Build a network of people, data and things
  • Improve the lives of your co-workers
  • Enable great user experience
  • Protect everything you own
  • Make your business light-footed and flexible

Enterprise/Cloud Single Sign-On and Federation

  • Single Sign-On (SSO) via SAML2, OpenID Connect and WS-Federation Passive
  • SAML 2.0 based Single Logout (SLO), metadata profile and assertion query/request profile
  • OpenID Connect session management, discover and dynamic client registration
  • Federated SSO via SAML2, OpenID Connect and WS-Federation Passive with external identity providers
  • Enterprise SSO with applications such as Microsoft Office 365, Microsoft Sharepoint, Microsoft Dynamics and Microsoft Exchange
  • SSO between on-premise applications and cloud applications that support heterogeneous SSO protocols (identity bridging)
  • Simple service provider (SP) and identity provider (IDP) ecosystem management because SPs and IDPs are decoupled from each other (identity hub)
  • Ability to consume identities and attributes from third party IDPs by translating between different claim dialects
  • White label login and registration page
  • Rule-based authorization support for SSO
  • Google ReCaptcha support for SSO

Strong Authentication

  • Support for multi-option/multi-step authentication 
  • Integrated Windows authentication (IWA) with Kerberos
  • X.509 authentication
  • 2-factor authentication based on Fast IDentity Online (FIDO)
  • Time-based One-time Password (TOTP) based authentication

Identity Governance and Administration (IGA)

User/Group management

  • Manage users and groups
  • Claim management that supports decoupling of application dialect from underlying user store implementation
  • Flexible profile management for users supporting multiple profiles per use
  • Ability to link multiple user accounts that may belong to a single user
  • Support for heterogeneous user stores, either through built-in lightweight directory access protocol (LDAP) - powered by ApacheDS, an external LDAP, Microsoft Active Directory, or any JDBC database
  • Ability to support multiple user stores
  • Self-service user portal for business end-users to manage their credentials, profile, and authorized applications
  • Configurable password policies
  • Account locking for invalid failed login attempts
  • Account recovery with email and secret questions
  • Password history validation
  • Password pattern configuration
  • Account locking in single and multi-tenant environments
  • Account suspension reminders and locking idle accounts
  • Google ReCaptcha support for password recovery flow and self sign up
  • HTML support for email templates
  • Email template internalization and dynamic properties for email templates

Provisioning

  • Provision users and groups to WSO2 Identity Server using System for Cross-domain Identity Management (SCIM) 1.1 and 2.0 or WSO2's proprietary SOAP APIs
  • Provision users to external identity providers using SCIM 1.1
  • Create identities on the fly with just-in-time (JIT) provisioning
  • Rule-based identity provisioning

Workflows

  • Multi-option/Multi-step approval template-based workflows for user and role management operations

Entitlements and Access Control

Fine-grained authorization

  • Manage user entitlements
  • Role-based access control (RBAC)
  • Fine-grained policy-based access control based on eXtensible Access Control Markup Language (XACML) 2.0/3.0
  • Explore policy impact prior to publishing the policies to runtime using the try-it tool
  • High performance network protocol (over Apache Thrift) for Policy Enforcement Point/Policy Decision Point (PEP/PDP) interaction
  • User-friendly Policy Administration Point (PAP) to edit XACML 2.0/3.0 policies
  • Manage multiple PDPs from a single PAP
  • Notifications on policy updates
  • Multiple Policy Information Points (PIP) to retrieve additional attributes required for policy evaluation
  • Integrates with WSO2 Enterprise Service Bus for XACML 3.0 based authorization for REST or SOAP services
  • XACML REST profile support

API Security

  • Delegated access control using OAuth2 and WS-Trust
  • Support for SAML2 bearer grant type, JWT assertion grant type and NTLM-IWA grant type
  • OAuth2 token revocation support
  • OAuth token introspection
  • OAuth 2.0 form post response mode
  • Integrates with WSO2 API Manager OAuth2 key management
Identity Server Expert
Delivered by our experts

Achieve High Performance, High Availability, Scalability and Stability

  • Supports 1000s of concurrent non-blocking HTTP(S) connections per server
  • Pure streaming and on-demand processing of messages
  • Sub-millisecond latency for high-throughput scenarios
  • Supports highly available deployment
  • Enables horizontal scaling via clustering with stateless server architecture
  • Ensures long-term execution stability with low resource utilization
  • Ensure load balancing for scalability and failover for high availability of business endpoints

Ensure Lightweight, Developer-Friendly, and Easy Deployment

  • Tracing and debugging message mediation
  • Get declarative development with configuration instead of code
  • Enable easy configuration of fault tolerant mediations with support for error handling
  • Ensure server customization via feature provisioning of any WSO2 middleware capability
  • Extend configuration language with custom DSLs via templates
  • Develop and deploy via standard tools

Manage, Deploy, View and Execute Business Processes

  • Supports BPMN 2.0, WS-BPEL 2.0, WS-Human Task 1.1, and BPEL4People 1.1 standards
  • Supports BPMN Tasks including user, manual, receive, script, service task types, sub-process and call activity types; ability to extend the BPMN runtime by adding custom activities
  • Provides a REST API for external applications to interact with BPMN processes
  • Use graphical Process Modeling with visual editors for any BPMN or BPEL process model

Manage, Monitor and Analyze

  • Ensure comprehensive management and monitoring with a web console with enterprise-level security
  • Built-in collection and monitoring of standard access, performance and statistics for all artifacts types
  • Trace message mediation flows and identify bottlenecks
  • Publish data to intuitive visual dashboards or create your own
  • Support for integration to enterprise logging systems
  • Set up operational audit, KPI and SLA monitoring and management

WSO2 Premier Certified Partner & Value-Added Reseller

logo-wso2

We’re experts in the field of integration and therefor Premier Certified Integration Partner & Value-Added Reseller of WSO2. What you need is what you get. And what you get is Enterprise & Solution Architecture, Middleware Software Development, Support, and intensive Training.

Summary

The WSO2 Identity Server is an all-in-one solution that helps you:

  1. Provide a unified SSO experience through multiple single sign-on protocols
  2. Strengthen authentication by combining multiple identification methods
  3. Deploy role-based and attribute-based access control to secure access to APIs
  4. Combine monitoring, reporting and auditing tools in one solution
  5. Connect to any other system with the WSO2 Identity Server connectors

Contact our experts

yenlo-expert33

At Yenlo we are a happy fan of WSO2. Contact our experts for all your questions. We're pleased to help you.

Learn about the products of WSO2 which we use to tailor your solution.