WSO2 Identity Server Road Map An Open Source Identity and Entitlement Management Server

Q2 2014 : WSO2 IS 5.0.0

Focus Area

Seamless Identity Federation + Enterprise Identity Bus

New Features

• Token Transformation and Mediation

WSO2 Identity Server 5.0.0 can transform and mediate any identity token between SAML 2.0, OAuth 1.0/2.0, OpenID, OpenID Connect, IWA (Integrated Windows Authentication), OTP based on XMPP and email, and WS-Federation (Passive). This leads to seamless integration between internal applications and cloud applications such as Salesforce, Google Apps and Office 365.

• Multi-option & multi-step authentication

With WSO2 Identity Server 5.0.0, a given service provider (irrespective of the protocol it supports) can select the login options it wants to present to its users. Login can be multi-option as well as multi-step. With multi-option, the user is presented with a login screen to pick whichever authentication mechanism they want (e.g. username/password, Facebook, SAML, OpenID Connect). With multi-step, you can enforce multi-factor authentication by picking the right authenticators at the right step.

• Request Path Authenticators

Enables federated login with credentials attached to the request itself.

• Ability to plugin custom developed authenticators

The WSO2 Identity Server 5.0.0 runtime is capable of working with custom developed authenticators.

• Provisioning Bridge & Just-in-time provisioning

WSO2 Identity Server 5.0.0 can transform inbound provisioning requests based on SOAP and SCIM to SCIM, SPML 2.0, Salesforce, Google Apps, LDAP, Active Directory and JDBC provisioning APIs.

Just-in-time provisioning is integrated with Identity Federation. When a user logs in through a federated identity provider, WSO2 Identity Server can provision the corresponding subject to its internal user store and any other provisioning system.

• Rule based provisioning

This is an integrated use case with WSO2 ESB. WSO2 Identity Server can provision users to WSO2 ESB. Using the ESB configuration language (Synapse), you can define rules for outbound provisioning based on the message content or any other parameter.

• Ability to plug-in custom developed provisioning connectors

The WSO2 Identity Server 5.0.0 runtime is capable of working with custom developed provisioning connectors.

• User dashboard

• Remote User-store Management

Manage heterogeneous user stores distributed across different data centers from a single Identity Server node.

• Custom Permissions

Each external application can define its own set of custom permissions and use it for authorization.

Summary of Features

• User stores with LDAP/AD/JDBC
• Multiple user stores
• OpenID
• OpenID Connect
• SAML2
• Kerberos
• Integrated Windows Authentication
• XACML 2.0/3.0
• OAuth 1.0a/2.0
• SAML grant type for OAuth 2.0
• Security Token Service with WS-Trust
• SCIM 1.1
• WS-XACML
• WS-Fed Passive

Q1 2015 : WSO2 IS 5.2.0

• Work-flow Integration
• Account Mapping
• Certificate Authority (CA) / SCEP
• Mobile + OpenID Connect

Q3 2015 : WSO2 IS 5.3.0

• Built-in Analytics + Reporting
• SAML 2.0 Metadata Profile
• Aggregated Claims + Virtual User Store
• Attestation
• Access Delegation
• Login with multiple user attributes

Q1 2016 : WSO2 IS 5.4.0

• OAuth 2.0 Profiles : Introspection / Dynamic Client Registration
• XACML REST Profile
• SCIM 2.0
• Tooling support for connector/extension development

Authenticators / Provisioning Connectors

• FIDO support
• Duo-Security
• Google OTP
• LinkedIn
• Twitter
• Biometric authentication with Daon
• Duo-Security provisioning connector

Mobile IdP Proxy

Fraud Detection

App Manager

IdP (WSO2 Identity Server)

(WSO2 Business Activity Monitor)

API Manager Revamped Architecture
