authenticator and provisioning connector in wso2 is
TRANSCRIPT
Authenticator and Provisioning Connectors in WSO2 IS
Rajjaz Mohammed, WSO2Email: [email protected]
Kathees Rajendram, WSO2Email: [email protected]
o Introduction
o Product Overview
o Authentication
o OAuth2/OpenID connect Authentication
o Multi Factor Authentication
o User Provisioning & Management
o Demo
o Bring Your Own Identity
o Identity is maintained in one domain, accessed in other domains
o Social network identities (Facebook, LinkedIN, Google)
o Open APIs
o Multi Factor Authentication support
o Bring Your Own Device
o 5th Generation Product
o Current version 5.1.0
o Why did we build it?
o Federated identity and entitlement is a key part of any distributed architecture
o SSO is important but need to federate and bridge across SSOs
o Based on WSO2 Carbon platform, which provides support for multi-tenancy, logging, clustering, and other common services
o Scenario-driven configuration
o Large number of scenarios supported out of the box,through simple configuration
o Single Sign On
o Federated Identity
o User Provisioning and Management
o Extensible & Customizable - Custom Authenticators
o Extensible user stores integration
o Security for APIs and Web Services
o Web Single Sign On for heterogeneous systems
o Highly configurable and extensible authentication flows
o Federation and Social integration
o Local Authenticators
o Basic Authenticator - Username, password
o IWA and X509 Authenticator – Zero password login
o FIDO (Fast Identity Online) - Multi Factor authentication
o Federated
o OAuth2/OpenID Connect Authenticator - LinkedIn, Facebook and Twitter
o Two factor Authenticator- Mepin, Clef, Tiqr, SMS and Email OTP
o SAML 2.0 Web SSO Authenticator
o WS-Federation (Passive) Authenticator
o Multi-Step : Add any number of authentication steps
o Multi-Option : Add any number of authenticators for a step
o Just In Time Provisioning
o Highly extensible User Provisioning Framework
o Users and groups management
o Accounts and Policies Management
o Self Service Dashboard
o Logging and Monitoring
o Custom user management workflows – user specificapprovals, multi-step approvals, approvals requiring multiple roles
o Federated Identities can be provisioned into the WSO2Identity Server while federating
o Users can be provisioned to any primary or secondaryuser store
o JIT provisioned users can be provisioned to any othersystems instantly