WSO 2 Identity Server Road Map An Open

Q 2 2014 : WSO 2 IS 5. 0. 0 Focus Area Seamless Identity

Q 2 2014 New Features • Token Transformation and Mediation WSO 2 Identity Server

Q 2 2014 New Features • Token Transformation and Mediation

Q 2 2014 New Features • Multi-option & multi-step authentication With WSO 2 Identity

Q 2 2014 New Features • Request Path Authenticators. Enables federated login with credentials

Q 2 2014 New Features • Provisioning Bridge & Just-in-time provisioning WSO 2 Identity

Q 2 2014 New Features • Provisioning Bridge & Just-in-time provisioning

Q 2 2014 New Features • Rule based provisioning This is an integrated use

Q 2 2014 New Features • Remote User-store Management Manage heterogeneous user stores distributed

Summary of Features § User stores with LDAP/AD/JDBC § Multiple user stores § Open.

Q 1 2015 : WSO 2 IS 5. 2. 0 Work-flow Integration

Q 1 2015 : WSO 2 IS 5. 2. 0 Account Mapping

Q 1 2015 : WSO 2 IS 5. 2. 0 Certificate Authority (CA) /

Q 1 2015 : WSO 2 IS 5. 2. 0 Mobile + Open. ID

Q 3 2015 : WSO 2 IS 5. 3. 0 Built-in Analytics + Reporting

Q 3 2015 : WSO 2 IS 5. 3. 0 SAML 2. 0 Metadata

Q 3 2015 : WSO 2 IS 5. 3. 0 Aggregated Claims + Virtual

Q 3 2015 : WSO 2 IS 5. 3. 0 Access Delegation

Q 3 2015 : WSO 2 IS 5. 3. 0 Login with multiple user

Q 1 2016 : WSO 2 IS 5. 4. 0 OAuth 2. 0 Profiles

Q 1 2016 : WSO 2 IS 5. 4. 0 Tooling support for connector/extension

Authenticators / Provisioning Connectors • • FIDO support Duo-Security Google OTP Linked. In Twitter

App Manager Id. P (WSO 2 Identity Server) * (WSO 2 Business Activity Monitor)

Slides: 32

Download presentation

WSO 2 Identity Server Road Map An Open Source Identity and Entitlement Management Server

Q 2 2014 : WSO 2 IS 5. 0. 0 Focus Area Seamless Identity Federation + Enterprise Identity Bus

Q 2 2014 New Features • Token Transformation and Mediation WSO 2 Identity Server 5. 0. 0 is capable of transforming and mediating any identity token - between SAML 2. 0, OAuth 1. 0/2. 0, Open. ID Connect, IWA (Integrated Windows Authentication), OTP based on XMPP & Email and WS-Federation(Passive). This leads to seamless integration between internal applications and cloud applications such as Salesforce, Google Apps and Office 365

Q 2 2014 New Features • Token Transformation and Mediation

Q 2 2014 New Features • Multi-option & multi-step authentication With WSO 2 Identity Server 5. 0. 0, a given service provider (irrespective of the protocol it supports) can select the login options it wants to present to it users. It can be multi-option as well and multi-step. With multi-option the user will be presented with a login screen to pick whatever the authentication mechanism it wants (e. g. : Username/password, Facebook, SAML, Open. ID Connect). With multi-step - you can enforce multi-factor authentication by picking right authenticators at the right step.

Q 2 2014 New Features • Request Path Authenticators. Enables federated login with credentials attached to the request itself. • Ability to plugin custom developed authenticators The WSO 2 Identity Server 5. 0. 0 runtime is capable of working with custom developed authenticators.

Q 2 2014 New Features • Provisioning Bridge & Just-in-time provisioning WSO 2 Identity Server 5. 0. 0 is capable of transforming inbound provisioning requests based on SOAP and SCIM to SCIM, SPML 2. 0, Salesforce, Google Apps, LDAP, Active Directory, JDBC - provisioning APIs. Just-in-time provisioning is integrated with Identity Federation. Login from a Federated Identity provider - WSO 2 Identity Server is capable of provisioning the corresponding subject to its internal user store and any other provisioning system.

Q 2 2014 New Features • Provisioning Bridge & Just-in-time provisioning

Q 2 2014 New Features • Rule based provisioning This is an integrated use case with WSO 2 ESB. From WSO 2 Identity Server, it can provision users to the WSO 2 ESB. Using the ESB configuration language (Synapse) you can define rules for outbound provisioning based on the message content on any other parameter. • Ability to plug-in custom developed provisioning connectors The WSO 2 Identity Server 5. 0. 0 runtime is capable of working with custom developed provisioning connectors.

Q 2 2014 New Features • User dashboard

Q 2 2014 New Features • Remote User-store Management Manage heterogeneous user stores distributed across different data centers from a single Identity Server node. • Custom Permissions Each external application can define its own set of custom permissions and use it for authorization.

Summary of Features § User stores with LDAP/AD/JDBC § Multiple user stores § Open. ID Connect § SAML 2 § Kerberos § Integrated Windows Authentication § XACML 2. 0/3. 0 § OAuth 1. 0 a/2. 0 § SAML grant type for OAuth 2. 0 § Security Token Service with WS-Trust § SCIM 1. 1 § WS-XACML § WS-Fed Passive

Q 1 2015 : WSO 2 IS 5. 2. 0 Work-flow Integration

Q 1 2015 : WSO 2 IS 5. 2. 0 Account Mapping

Q 1 2015 : WSO 2 IS 5. 2. 0 Certificate Authority (CA) / SCEP

Q 1 2015 : WSO 2 IS 5. 2. 0 Mobile + Open. ID Connect

Q 3 2015 : WSO 2 IS 5. 3. 0 Built-in Analytics + Reporting

Q 3 2015 : WSO 2 IS 5. 3. 0 SAML 2. 0 Metadata Profile

Q 3 2015 : WSO 2 IS 5. 3. 0 Aggregated Claims + Virtual User Store

Q 3 2015 : WSO 2 IS 5. 3. 0 Attestation

Q 3 2015 : WSO 2 IS 5. 3. 0 Access Delegation

Q 3 2015 : WSO 2 IS 5. 3. 0 Login with multiple user attributes

Q 1 2016 : WSO 2 IS 5. 4. 0 OAuth 2. 0 Profiles : Introspection / Dynamic Client Registration

Q 1 2016 : WSO 2 IS 5. 4. 0 XACML REST Profile

Q 1 2016 : WSO 2 IS 5. 4. 0 SCIM 2. 0

Q 1 2016 : WSO 2 IS 5. 4. 0 Tooling support for connector/extension development

Authenticators / Provisioning Connectors • • FIDO support Duo-Security Google OTP Linked. In Twitter Biometric authentication with Daon Duo-Security provisioning connector

Mobile Id. P Proxy

Fraud Detection

App Manager Id. P (WSO 2 Identity Server) * (WSO 2 Business Activity Monitor)

API Manager Revamped Architecture