WSO2 is the world’s #1 open source integration vendor, helping digital-driven organisations become integration agile.
Customers choose us for our broad integrated platform approach to open source, and agile transformation methodology. The company’s hybrid platform for developing, reusing, running and managing integrations prevents lock-in through open source software that runs on-premises or in the cloud. Today, hundreds of leading brands and thousands of global projects execute 6 trillion transactions annually using WSO2 integration technologies. Visit https://wso2.com to learn more.
Share
Main office address
1st Floor
20-26 Brunswick Place
London
N1 6DZ
Key Products / Services / Sectors (USPs)
Open Source Identity & Access Management for Agile businesses
WSO2 Identity Server, a core component of the open source integration agile platform, facilitates single sign on between applications and federates identities between multiple heterogeneous systems. It is optimized for securing APIs, microservices, and CIAM projects. Its enterprise-grade pedigree offers advanced capabilities including identity federation, SSO, ID bridging, strong & adaptive authentication, and regulation compliance.
Unlike competitors, it is unique due to its inherent extensibility to meet use ‘corner cases’. And can be deployed locally, as a hosted service by WSO2, or in a distributed microservices environment.
The Identity Server also comes with a rich set of connectors, [enabling/empowering it to be a part of a larger ecosystem]. And the open source nature of WSO2 IS further ensures customers benefit from community innovation, and extensibility while helping avoid vendor lock-in.
Capabilities
- Identity Federation and Single Sign-On
- Strong and Adaptive authentication
- Account managment and Identity Provisioning
- Fine grained Access Control
- API & Microservices Security
- Privacy
- Identity Analytics
Benefits
- Open source and open standards help avoid vendor lock-in with
- Customization to support complex IAM use cases with an extensible, open source architecture
- Optimized for API Integration / Securing APIs
- Low-risk scalability fits any need or use case
- Speed integrations with out-of-the-box compatibility with cloud and on-premise applications, 3rd party authentication systems and social Identity providers
- Simplify integrations with a rich connector ecosystem/large identity ecosystem
- Hassle free deployment and low maintenance cost
- Unique flexibility by bridging identities between heterogeneous identity systems
Standards supported
- SAML2
- electronic IDentification, Authentication and trust Services (eIDAS)
- OAuth 2.0
- OpenID Connect
- UMA 2.0
- WS Security, WS-Trust and WS- Federation
- SCIM 2.0
- XACML 2.0/3.0
- Fast Identity Online (FIDO) Universal Two Factor (U2F)
- General Data Protection Regulation (GDPR)
Available on premises, managed cloud and public cloud.
Services
Supports eID
Yes
No
Area of focus
Consumers
Internal services (enterprise)
Identity provisioning (IdP)
As-a-Platform
API
As-a-Service
Wallet/SDK
Hub
On-board RPs
Offer translation of protocols
Handles federation
Integrate RPs/IDPs/Wallets
Can offer consent capture if required
Attribute brokerage
Can capture self-asserted
Can verify self-asserted
Can integrate with third parties (eg Open Banking)
Supports verified claims (VCs)
Verification services/support
Not supported
N/A
Yes – third party verifiers used (including Open Banking)
Yes – In-house verification service
Authentication
Password/username
Multiple factors (MFA)
Biometric
FIDO
Mobile device
Other
Data store functionality
Attribute storage
Attribute sharing
Configurable for specific sectors (e.g. health)
Use decentralised stores (eg Wallets or online)
Can offer consent capture/handling
Account management for users
Yes
No
On request
Account recovery
Self-service
Help desk
Key management required by user
Channel support
Omni-channel
Web
Mobile
Digital assistant
Wallet
Other
Protocol support
SAML 2.0
OIDC
Oauth
UMA
DID (decentralised identifiers)
Third party capability
External
Internal
Other
Other
Risk-based authentication
Anti-fraud support
Data minimisation support
Consent management
Variable registration (multi-user journey support)
Support for accessibility
Logging and audit
Billing system
User Journeys
Self-service
Offline options, incl. F2F
Upgrade paths to increase assurance levels over time
Creation of delegated accounts
Rules
To modify system behaviour
For risk-based authentication
To use events to drive transactions
To manage user journeys, including verification
To handle LOA upgrades/downgrades
API available
Yes
No
Wallet-based systems
Wallet available
SDK available
Decentralised
Handle payments
Handle identity document’s (eg drivers license)
Handle health information (eg vaccine certificates)
Other
Testimonials
“WSO2 is a good company to work with, they understand things from a customer’s point of view, and they deliver from a business perspective. In our case, it was to transform the way we deliver operational technology.”
Alex O’Brien, Agile Product Owner/ Project Manager, Transport for London
“WSO2 Identity Server is GDPR ready, supported the use of existing user stores, allowed us to create a centralized identity, supports inbound authentication, and of course is open source and offered vendor support.”
Panagiotis Kranidiotis, Solutions Architect, ITDT
“Thanks to WSO2 and the open source model, this has been a breeze. It’s been risk-free for us. The middleware has been rock solid from the get-go really.”
Johan Edling, Enterprise IT Architect, Lindex
Clients
