WSO2 Optimizes Developer Experience with Launch of WSO2 Identity Server 7.0

Businesses
increasingly compete on their ability to offer exceptional, trusted digital
experiences to all users, internally and externally. WSO2 empowers software developers to address this
demand with WSO2
Identity Server
7.0, the latest release of WSO2’s widely adopted, open-source
identity and access management (IAM) software. Available today, Version 7.0
optimizes the developer experience via a new authentication API for native,
in-app, browser-less authentication; new visual editor that enables
side-by-side graphical and code views; and new one-click access to application
templates and authentication methods.

“Organizations
delivering digital experiences need an IAM solution that enables developers to
readily adapt to the evolving needs of the business, customers and partners,”
said Geethika Cooray, vice president and general manager of identity and access
management at WSO2. “Our secret sauce has always been to provide developers an
awesome experience that maximizes their productivity and flexibility, and WSO2
Identity Server 7.0 takes that to a whole new level.”

WSO2
Identity Server 7.0 also adds support for comprehensive business-to-business
(B2B) functionality and financial-grade API security. Additionally, it now
shares the same code base and modern user interface (UI) offered with WSO2
Private Identity Cloud
and Asgardeo, WSO2’s identity as a
service (IDaaS) solution.

WSO2
will demonstrate the latest features in WSO2 Identity Server 7.0, WSO2 Private
Identity Cloud, and Asgardeo at the Gartner Identity & Access Management Summit in London, United Kingdom,
which runs March 4-5, 2024. A Premier Sponsor, WSO2 will be located at Booth
105 in the InterContinental Hotel London where the Gartner event is being
hosted.

Enhancing Developers’ Experiences

Version
7.0 builds on the proven capabilities of WSO2 Identity Server, which manages
more than 1 billion identities worldwide. The uniquely extensible, API-driven,
developer-friendly product enables developers to harness the power of IAM
without being security experts. It incorporates the ability to federate,
authenticate and manage identities; bridge across heterogeneous identity
protocols; and secure access to web and mobile applications along with
API-based endpoints. Now it offers several new capabilities designed to enhance
developers’ experiences.

The new authentication API for app-native, browser-less
authentication
lets developers create in-app login flows instead of redirecting
to a browser-optimizing the user experience without compromising security. The
API supports the ability to orchestrate authentication conditionally based on
risk factors, user/access context, and other considerations without changing
the app logic. Additionally, it enables the use of OAuth 2.0 and OpenID Connect
flows without browser support, guarantees a client’s identity and proof of
possession, and only communicates with legitimate client apps.

A new visual editor offers side-by-side graphical and code views. So, as developers
are building an app, they can now witness the login journey as the user does
while also seeing the underlying code, helping to improve the quality and speed
of development.

Multiple new app templates and authentication methods are now available to
developers via one-click access. Developers can simply click to select one of
the templates for typical application types-such as web, mobile or
single-page-or choose authentication methods, such as a one-time password;
trusted token provider; or third-party authentication from Facebook, Google or
Microsoft, among others.

Comprehensive B2B Support

WSO2
Identity Server 7.0 now goes beyond extensive business-to-consumer (B2C)
customer IAM (CIAM) and workforce IAM capabilities to also offer the industry’s
most comprehensive B2B CIAM support. Surpassing the limited organization
management of other IAM products, WSO2 Identity Server provides the flexibility
to:

  • Easily onboard the organization’s enterprise customers and their consumers to their apps/platform, including optionally leveraging their own identity provider (IdP).
  • Delegate administration to enterprise customers, empowering them to design and manage their own environments.
  • Flexibly manage complex, multi-level organization hierarchies, and choose how and where user accounts are stored and managed.
  • Support enterprise customers’ entire B2B app portfolio, ensuring apps operate consistently and managing who can access them via app subscriptions.

Financial-Grade API Security

WSO2
Identity Server 7.0 also delivers financial-grade API security through new and
enhanced features.

  • Compliance with FAPI 1.0 Baseline and Advanced profiles facilitates the enforcement of FAPI with client registration, user authorization flows, and token issuance flows for third-party clients.
  • Extended OAuth 2.0 Support includes both OAuth 2.0 pushed authorization requests and JWT Secured Authorization Response Mode (JARM) for OAuth 2.0, which covers how responses are signed and encrypted to ensure message integrity.
  • Enhanced Role-Based Access Control (RBAC) for API Authorization provides the ability to integrate API resource definitions, effectively connecting identity management and API access. Developers also can easily set-up and manage API subscriptions, define and attach roles to APIs, and grant API permissions to roles.
  • FIPS 140-2 Certification validates WSO2 Identity Server’s compliance with the Federal Information Processing Standard (FIPS) 140-2 covering the secure design and implementation of a cryptographic module.  

Unified IAM Experience

With
Version 7.0, WSO2 Identity Server now shares the same code base and UI with
WSO2 Private Identity Cloud and Asgardeo IDaaS. So, WSO2 customers have
unprecedented flexibility to seamlessly migrate between cloud and on-premises
deployments as needed-and even maintain hybrid environments-all while
delivering a consistent, best-in-class user experience (UX) for developers,
consumers, and other users. 

The
shared code means all the developer productivity, financial-grade API security,
and B2B CIAM features introduced with WSO2 Identity Server 7.0 are also
available in WSO2’s IAM cloud offerings. Additionally, all three WSO2 IAM
solutions now feature unified software developer kits (SDKs), boilerplate
samples, and documents. 

Availability

The new capabilities and unified IAM experience are now available with
WSO2 Identity Server 7.0 and the latest releases of Asgardeo and WSO2 Private
Identity Cloud. Developers and other technology professionals can download WSO2 Identity Version 7.0, try Asgardeo for free