The WSO2 Identity Server is the ultimate solution for Identity and Authentication solutions for any kind of systems. But we need to know the conceptual knowledge in order to use it properly.

The best ever server which I used in my organization for identity solutions. It provides multiple identity solutions such as OAuth, OpenID, SSO, Provisioning, JIT, Multi-Factor Authentication, Fine-grained access control, SOAP and many more. The most likely feature is that you don't need to do any implementations as it has whatever you need for identity or authentication systems. You can integrate your authentication system with WSO2 identity server by doing some configurations in the GUI itself. For example, if you want OAuth to be implemented for your organization, just provide your callback URL, application name and that's it! It is that simple. It makes developers' life easier.

The major problem I am always having with WSO2 identity software is that they release latest versions of identity server and the java version differs for almost all the versions and hence it hard to find which version is it requiring. Therefore it is a bit hard to make the identity server runs for the first time. Further, to enable some specific feature, we should edit the configuration files in the installation folder of identity server.

I train people in WSO2 Identity Server for all kinds of purposes, from being a IdP (Identity Provider) itself to all kinds of other scenarios including SAML SSO, OpenID Connect and all kinds of Federated Authentication scenerios.

The WSO2 software is based on a common code base called Carbon and is open source so can be inspected, downloaded and changed / extended when needed. There are extention points that will allow skilled Java developers to create custom pieces of code to suit specific needs without changing the source code of the product, simply adding to the software. A number of extentions are in the store.wso2.com like federated authenticators, provisioning connectors and so on that will allow you the extend the product (e.g. bitly for federated authentication) but you can write and add your own. There is support for FIDO (U2F) but also adaptive authentication where script based rules will determine if a added layer of security is needed. There ate new additions in each version like UMA (User Managed Access) that was introduced recently. All in all, a full fledged product with lots of functionality and extensibility. Works with other WSO2 Products as well.

The product is a complex product for people to understand. As a WSO2 trainer i know that this is the most difficult product to master. The current version (on Carbon 4.x.x) has a large number of config files that govern the product and allow you to tailor the product to your configuration. However, due to this and the fact that you want / need to keep up with security updates and quarterly releases (not to mention product support where you can create new updates using WSO2 Update Manager) you need to invest time in creating Ansible scripts to automate the deployment part (i.e. configuring new releases to match current settings). As with ANY software product, having great documentation is key to getting the most out of the product in a reasonable amount of time. This is of course part of WSO2's task but everyone can help to improve it.

We have overall good experience but it has a huge learning curve. This impacts our time to market very greatly. The solutions are there to be built upon, but the approach to solution is quite tricky and sometimes really confusing. The security aspects require a more fine-tuning than what is currently offered. A better documentation would definitely benefit the WSO2 product line as a whole and not just this product.

Open Source Customizable Enhancable Scalable

Security Documentation Samples and Examples Community Support

On Whirlpool we use some basic functions on Identity Server. It's used on API Cloud, but ,in my opinion, it could become an integrated package that automatically comes on API Cloud. For example, now we can't identify which application is calling our APIs and the calls by usage path. We just can do it using WSO2 EI and integrating it on Grafana. If we had everything on the same page, it ould be much better for us. As the admin on Whirlpool API Cloud, I think Identity server in general is a good tool to be used to guarantee the security of our APIs. We don't use all functions of it, but by seeing many use cases on WSO2 webinars and it benefits, I think we can move all our security to Identity Server and start using SSO.

It's a an open-source tool that has a big community working and discussing about it. WSO2 provides frequently maintenances and updates on it. It removes the need on external tools to keep our environment safe and also provides a better access on APIs that call Whirlpool SAP. It can be used on-premise or on cloud.

Developing and integrating on WSO2 IS needs some technical knowledge and it's not much easy to do without a base. Also it could have a geo-location identifier that automatically guides users to WSO2 servers based on their location. Also it could came integrated with WSO2 API Cloud.

It allows solving the issue of user provisioning, improving access times for a new employee, unique SSO authentication, robust double authentication factor

The product opensource, adapts easily to changes, always incorporates new features, very easy to manage, there is a connector for many applications. the self-service portal is a great help, and adaptive authentication allows you to configure your accesses in a granular way. The support team is excellent

The module of reports is very light, the configuration of the authorization requires expertise, for small installations, the subscription model by processor is a bit expensive

We deployed it in docker container in Kubernetes cluster. Its pretty simple to install with default configuration. Anything we touch to customize, specially in a distributed setup, it requires basic networking and sometimes advanced knowledge to involve networking engineers to get all the modules communicate each other.

It is packed with enterprise functionality for IdP. It supports several protocols out of the box. It comes with full source to customize to anybody's needs.

Just like any other open source stack, its a bit tricky to install and configure for medium to large implementations. Documentation is sufficient to get up and running but soon its not enough to customize to enterprise needs.

it's been a great experience to setup and work identity server. We´ve been able to integrate third party software that required authentication in a single identity hub.

Use of standard technologies makes integration with third party software multiple-step authentication along Federation Authentication is awesome OAuth and SAML are very easy to configure. User provisioning features are very useful

XACML integration with API Manager requieres using of a sequence in API Manager. Could be improved as in a WSO2IS-KM installation APIS are already registered as service provider in IdentityServer. So XACML might be inegrated more seamlessly.

I could implement SSO, OAUTH protected REST APIs, RBAC, ABAC, Federated SSO, User Store consolidation, among others

It allows to implement SSO using Industry standards like SAML, OpenID connect among others; Also it is perfect to protect your web assets using OAUTH2 and role/attributes based access control; It has capalities to federate authentication using virtually any identity providers out there like facebook, google, linkedin, salesforce and more; furthermore you can use your existing user stores to authenticate your users be LDAP, Active Directory or any JDBC compliant database; not to forget so many extension points it has, so if you can do Java code you can do almost everything with the product.

Documentation is still evolving, then sometimes is a little bit tricky to implement some sort of solutions.

Open source provides the usual benefits, the systems scales well and supports our SSO needs for 10,000 plus users

There is a danger that you can over-customize the toolset and a note that upgrades have to be applied in succession you cannot jump to the latest version.

Centralized Single sign on for a wide range of supported applications.

It provides a good package of utilities and functionality. It also gives flexibility with the support formats.

Setup can be cumbersome. The Documentation assumes that the reader had a working knowledge of protocols and understanding of how authentication works for each protocol. There are not too many tools that assist in narrowing down issue when troubleshooting.

For our needs, WSO2 was the perfect and only solution. We needed to have authentication(SAML) and authorization (OpenID Connect) in one platform and comercial solutions was expensive and lacked features. With WSO2 we managed to integrate with our authentication system and have new features, OAuth2 and OIDC without downtime or have to change existing applications. Multi factor authentication was very simple to deploy. In the past we struggled to implement MFA but with WSO2 it was made with a couple of hours. The main problem is lack of documentation for more advanced scenarios. If you want to have mode complex settings, you have to pay support, that is very very expensive or you are on your own. Support groups only help with typical problems. Overall, a great product!

It's almost free. It integrates with most common methods of authentication and authorization, we have access to source code. It does almost everything we need.

Integration with other products, in our case Shibboleth is very difficult and documentation that exist doesn't explain the all procedure. If you don't buy support, you have to work hard to configure everything.

We have implemented this server also at one of our client project and it is been used for last 1 year and there are no issues faced And it was also easy to configure and manage it

It is very user-friendly and provides all options to configure and manage users in the system. It also has a feature of SSO using Industry standards like SAML .Most of the features are already available so dont have to write custom methods

Improvements on the documentation can be made as it is not easy to read and implement changes

Used WSO2 for Identity Server for API authentication. Worked flawless in generating token and session management. Never seen software failing in production.

1. Ease of Integration. 2. Time to provision is fast. 3. Easy to import APIs using swagger doc. 4. REST API available for forget password and other functionality.

1. Most of the User Management API are SOAP. 2. Spelling issues in logs generated by the software. 3. Failure issues not exposed in logs , eg. tried to use SMTP to send email but was failing with just a single error line. Better if exact error is highlighted.

Overall I am pretty much satisfied with this product. We have been using it from 5 years. It is good option for the large enterprises to manage the groups and users.

It is very stable software which is mainly used to maintain the number of user and groups in enterprise level. Also offers the robust security to our solution. we have been using it from almost 5 years in our organization.

I do not have any reasons to mention about the least .

It can handle almost all of the use cases of identity and access management requirement of the IT systems. The comprehensive documentation in https://docs.wso2.com and rich set of blog posts with the out-of-the-box feature made us to select WSO2 Identity server as the identity solution of the integration projects. Among those features, federated Authentication, Multi-option authentication, Multi-factor authentication and SSO are the frequent key features used in our solutions that works successfully.

Up to date security specification implementation Comprehensive documentation about the security concepts and features. Most common use cases are out-of-the-box supported.

Some features which are developed using old versions are not working in the latest versions as it is

I use wso2is with apim to implement my secure web service and now I use it to implement single sign on with my in house application by OpenID connect

- Easy to use with Web GUI - Open source - They have good document and blog to explain concept.

- Not easy to advance configure you must have some skill to manage this issue - Some configure you must to know their concept then you know how to configure it.

Identity federation and SSO with comprehensive support for adaptive and strong authentication.

It is very easy to implement , adapt and debug

Online documents Support needs to improve

Easy to install, it has a lot of standards/default implementations features.

It's very difficult to set some non-default configuration options. Documentation seems good for high level and general view, but fails in granular configurations.

IT was well and good. I was been working as a administrator of this tool. I was

It is a very developer friendly software to use.

it has limited features added to it. Need to additional features like another software

1. Easy to configure 2. User friendly interface 3. Clear error description in terms of issues

1. In terms of time efficiency, the product can be improved.

When my Team Lead asked me to start working on WSO2, i was like what is this then i started exploring about this and i was amazed with the simplicity and powerfull feature of WSO2. Now i am enjoying with this.

I have installed and used so many application but WSO2 installation process is like built in application. Its easy to use one can start without doing anything. Most interesting feature is customizing different security questions for the app which makes it awesome and secure.

Sorry but UI can be more attaractive and also its little bit complicated to change the code to match with requirement (You can make it easy to customize by giving settings option in the dashboard)

Very good and easy to use.

Great features for IAM, multi trust and social login capabilities.

Some quirks regarding OAuth2 makes it difficult to integrate with some products. Have had some troubles with SAML2 signing as well.

It is a great tool to integrate an IDP to your application. I use this for my day to day projects, where I need to quickly integrate authentication to my platform.

This IDP supports almost every protocol available in the industry. (SAML, OIDC, OAuth etc). Provides multiple authentications via federated IDP which helps us to connect to a service easily via Facebook and Google developer APIs

Setting this up on a Windows machine is not easy. And the errors displayed are not very helpful. The user interface is very classic, where certain errors and validations are not properly handled

Our experience is the best! We have ended our testing farm and are ready to put in production.

Very simple to install and configure. It has lots of features. In less than 1 hour you can have an authetication platform. MFA is simple has 3 clicks to configure.

For more complicated things like clustering, integrating WSO2 authenticators with existing ones there is little or none documentation available. Free support is not enough.

A good software which could be used for security purpose while integrating.

It should be more user friendly and have more features.