This is the third post on the series about Identity Governance and today we’re looking into user account locking. Have a look on my Identity Governance 101: Popular User Stories first, to understand the big picture if you haven’t already done! Let’s dive in… The Concept This is a bit advanced user story that we can see in the Identity ...
In my previous post, Identity Governance 101: Popular User Stories, I talked about the basics of identity governance and most popular governance user stories in the IAM domain. Following the same topic, let’s dive deep into User Self Registration and how you can see it in action with WSO2 Identity Server. The Concept Self registration is the most used method ...
What is Identity Governance In theory, Identity Governance refers to the policy-based centralized orchestration of user identity management and access control. In layman’s terms this refers to managing different aspects of user accounts and how they access the resources offered. It’s believed that the concept of identity governance grew out of the Identity Governance Framework, a now-defunct project by the ...
What is Identity Governance In theory, Identity Governance refers to the policy-based centralized orchestration of user identity management and access control. In layman’s terms this refers to managing different aspects of user accounts and how they access the resources offered. It’s believed that the concept of identity governance grew out of the Identity Governance Framework, a now-defunct project by the ...
Introduction Identity Verification has been a popular concept for over a decade now, and when simply put, it’s about verifying the identity of an online user. In other words, figuring out whether the person submitting the information is actually who they claim to be or not. There are many companies in the world that offer identity verification as a service, ...
Introduction Magento is one of the most popular open-source e-commerce systems in the world. If you run an online store through Magento, you might want to consider enabling single sign-on with WSO2 Identity Server which is a well-recognized identity and access management solution that is used by many fortune 500 companies. Pre-requisites Magento 2+ needs to be installed and configured ...
Introduction “Performance” is something every tech solution talks about, yet most of them have their own versions of the concept in mind. I’ve been involved with measuring the performance of the WSO2 Identity Server for more than a year now, and in this post, I’m trying to express my own understanding of the same. The field of application performance is ...
This is a problem that many has come to when working with SCIM2 APIs. I think the main reason for this requirement to be a “problem” is the added complexity of the SCIM API. The target of this post to be the simplest guide on getting $subject done. Adding SCIM Extension configs. Open the file [IS-HOME]/repository/conf/scim-schema-extension.config Add the following configuration ...
Hi all, This is the second part of my REST API guide where I’ll be focussing on designing a simple API using SwaggerHub, explaining basic functionalities of the SwaggerHub editor and the Open API Specification. My previous article covered the basic concepts of REST APIs. Introduction OpenAPI OpenAPI is a format of writing an API definition to describe the structure ...
What’s up, folks? WSO2 Identity Server team is quite busy these days writing REST APIs for all of its functions and old SOAP APIs. Accordingly, I myself got to write a REST API for an old SOAP service we had, and today I’m going to tell you what I learned in that effort. This article will cover the most common ...
Today I’m going to explain how we can write our own custom authenticator with WSO2 Identity Server. As you may already know, almost all the features of the WSO2 Identity Server can be extended and customized to cater to any business use case you have. And one of such extension point is the AbstractApplicationAuthenticator. Methods of the Extension Point Let’s ...
Hi all, Here I am with another article that can get you a little bit higher on your IAM ladder. In my previous articles, I talked about what OAuth is, it’s grant types and what OpenID Connect is. Today I intend to give you hands-on experience with a real-life OAuth and OIDC implementation that is used by more than 100 ...
What’s up, folks? Today I’m going to talk about the eventing framework of the WSO2 Identity Server. There are numerous operations you can do with the WSO2 Identity Server such as user operations, and the eventing framework is designed to trigger events when each of those operations are executed. We can write Handlers that can be subscribed to these events ...
Hello everyone! In my previous posts, I talked about the basic OAuth concept (IAM for dummies: How does OAuth work) and OAuth Grant types (IAM for dummies: OAuth 2 Grant Types). Today, I’m going to give you an understanding of OpenID Connect. What is OIDC? OpenID Connect or most commonly known as OIDC is an additional identity layer built on ...
I talked about the concept of OAuth in my previous post. Today I’m going to dive a bit too deep and talk about the implementation details provided by the OAuth 2.0 specification. The first specific of OAuth was OAuth 1.0 and after a few years of the use, people identified some problems with it and created OAuth 2.0, the improved ...
What’s up, guys? Today I’m going to talk about OAuth. I’ve been delivering OAuth presentations for a while now and I can’t believe it didn’t cross my mind to write something up on it. So here goes nothing! OAuth is THE industry-standard protocol for authorization. It is used by a majority of software service providers including WSO2 Identity Server, which ...
Introduction When you use WSO2 Identity Server with OAuth functionalities, issued access tokens are likely to be accumulated in the database, due to expiration, inactivation or revocation. In order to address this issue, the server ships with token clean-up methods, that allows you to keep your deployment free from growing token tables and decreasing performance on token flows due to data ...
The world password day was just two days ago (first Thursday of May, which was the 2nd for this year) and I saw a lot of articles and events all around the world. Personally to me, passwords are nothing but problems. Why? Well, you have to think of a lot of things before choosing a password. The first and obvious ...
Hi folks, Today I’m going to talk about Artifact Binding specification of SAML 2.0. Before we being, I’ll give you a brief understanding of SAML. SAML 2.0 stands for Security Assertion Markup Language version 2.0. This is an XML-based protocol which is recognized by the OASIS Standard and it’s widely used in the software industry for enabling cross-domain single sign-on ...
WSO2 Identity Server is capable of exposing REST APIs to manage users in your user stores, via SCIM. SCIM or System for Cross-domain Identity Management is a standard for automating the exchange of user identity information between identity domains, or IT systems. You can read more about SCIM, here. WSO2 Identity Server supports SCIM 1.0 standard from version 5.3.0 and ...
