As the industry's first Enterprise Identity Bus (EIB), WSO2 Identity Server (WSO2 IS) is the checkpoint for connecting and maintaining multiple entities across applications, APIs, cloud and mobile.
WSO2 Identity Server is an open source project with many improvements in its newer versions. It is an ongoing project, and version 5.1.0 is being released as I write this blog post.
Why do we need WSO2 Identity Server?
The question with every post you read is: why should I read this post? What are the benefits of reading it? Yes, I know the same question is on your mind: why do we need this identity server? Here is the answer to your question.
In today's enterprise world, many entities are connected, and a massive amount of security-sensitive and valuable information is shared remotely in the blink of an eye. Normally, social login or other federated logins are integrated with enterprise applications. They allow users to access confidential information through their social network or other federated network credentials. This is where the problem arises: the enterprise needs to validate each individual identity and ensure both security and ease of access. Here WSO2 IS does a massive job to overcome this issue.
What does the WSO2 IS architecture look like?
WSO2 IS is built on top of WSO2 Carbon. The following diagram shows the architecture process flow.
Service Provider (SP): an entity that provides web services. It is configured with Identity Providers (IdPs). In the above image, WSO2 IS is the IdP for the service provider. When a user of the SP tries to log in to one of the SP's applications, the request is sent to the IdP's Inbound Authentication component shown in the above image. You can configure the SP in WSO2 IS by following this guide.
Identity Provider (IdP): responsible for authorization and authentication.
Inbound Authentication Components:
- SAML SSO – Open standard for representing and exchanging user identity and authentication data.
- OAuth/OpenID Connect – provides an authentication flow in 3 phases:
  - Requesting an access token
  - Exchanging the access token
  - Accessing the resources using the access token
- Passive STS
You can configure any of the inbound authentication methods. Once the requirements are met, the request is forwarded to the Authentication Framework.
Authentication Framework: claim management is a key step of IS. It is used to map local user claims to SP claims and vice versa, and also to map local claims to IdP claims. Claim mapping is used in the authentication context as follows:
- The Inbound Authentication Component sends the authentication request to the IN channel of the authentication framework.
- Claim mapping is checked; once it is done, the request is forwarded to the Local Authenticator or Federated Authenticator.
- Once processing in the authentication framework is complete, the response is sent from the Local Authenticator / Federated Authenticator via the OUT channel of the authentication framework.
Learn more about go here.
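The claim-mapping step described above, as an added sketch that is not WSO2 code and not from the original post. It models the two mappings (IdP claims to local claims, local claims to SP claims) and shows that only mapped claims reach the SP. The mapping tables, the mandatory flag, and the function names are assumptions made for illustration; `http://wso2.org/claims` is the WSO2 local claim dialect.

```python
# Simplified model of two-stage claim mapping (illustrative, not WSO2 code).
LOCAL = "http://wso2.org/claims/"  # WSO2 local claim dialect prefix

# Federated IdP claim name -> local claim URI (constructed sample mapping)
IDP_TO_LOCAL = {
    "email": LOCAL + "emailaddress",
    "given_name": LOCAL + "givenname",
    "groups": LOCAL + "role",
}

# Local claim URI -> (SP claim name, mandatory?) (constructed sample mapping)
LOCAL_TO_SP = {
    LOCAL + "emailaddress": ("mail", True),
    LOCAL + "role": ("roles", False),
}


class MissingMandatoryClaim(Exception):
    """Raised when a claim the SP requires cannot be supplied."""


def to_local(idp_claims, idp_to_local=IDP_TO_LOCAL):
    """Translate claims asserted by a federated IdP into the local dialect.
    Claims with no mapping are dropped rather than passed through."""
    return {idp_to_local[k]: v for k, v in idp_claims.items() if k in idp_to_local}


def to_sp(local_claims, local_to_sp=LOCAL_TO_SP):
    """Translate local claims into the names the SP expects.
    Only mapped claims are released; a missing mandatory claim fails the login."""
    out = {}
    for local_uri, (sp_name, mandatory) in local_to_sp.items():
        if local_uri in local_claims:
            out[sp_name] = local_claims[local_uri]
        elif mandatory:
            raise MissingMandatoryClaim(local_uri)
    return out


def authenticate_response(idp_claims):
    """IN channel -> claim mapping -> OUT channel, reduced to the mapping steps."""
    return to_sp(to_local(idp_claims))


if __name__ == "__main__":
    # Constructed sample assertion from a federated IdP
    sample = {"email": "alice@example.com", "given_name": "Alice",
              "groups": "admin", "phone": "555-0100"}
    print(authenticate_response(sample))
```

Because unmapped claims are dropped at each stage, the SP receives only the attributes that were explicitly mapped for it, not everything the upstream IdP asserted.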
How do you run the Identity Server? Just follow these steps:
- Download WSO2 IS from here
- Set JAVA_HOME in your environment variables.
- Run the server by executing this command in
- Once the server has started, open your favourite browser and go to the URL
- Then you will see the management console UI. Go ahead with
username : admin
Thank you for reading. Stay tuned for more about …..