WSO2 Identity Server
WSO2Reviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
95 reviews
from
External reviews are not included in the AWS star rating for the product.
Flexible, Open-Source IAM with Strong Extensibility – But Requires Deep Expertise
What do you like best about the product?
WSO2 Identity Server stands out for its open-source nature, modularity, and extensibility. I especially appreciate its support for industry standards like SAML 2.0, OAuth2, OIDC, and SCIM, making it highly interoperable with modern applications. The multi-tenancy capabilities are solid, and the adaptive authentication scripting using JavaScript gives me full control to implement complex login flows, such as step-up authentication or conditional MFA.
The integration with WSO2 API Manager and Micro Integrator also enables a seamless digital identity and API security strategy, which is crucial for our enterprise clients pursuing digital transformation. The product is well-documented, and the community around WSO2, including Slack and GitHub, is active and helpful.
The integration with WSO2 API Manager and Micro Integrator also enables a seamless digital identity and API security strategy, which is crucial for our enterprise clients pursuing digital transformation. The product is well-documented, and the community around WSO2, including Slack and GitHub, is active and helpful.
What do you dislike about the product?
The learning curve is steep, especially for teams unfamiliar with WSO2’s architecture. While flexibility is a plus, it often requires significant customization, and misconfiguration can lead to security gaps. The UI/UX for the admin console feels outdated compared to modern IAM platforms like ForgeRock or Okta.
What problems is the product solving and how is that benefiting you?
WSO2 Identity Server has helped us secure user identities across microservices, enable SSO for internal apps, and implement fine-grained access control for APIs and external integrations. For clients in regulated industries (finance, healthcare), it helps us meet compliance standards like GDPR and PSD2 while maintaining full control of identity flows on-prem or in private cloud deployments.
Identity access
What do you like best about the product?
intergration and product feature and roadmap
What do you dislike about the product?
Legacy authantication methads are not supporting
What problems is the product solving and how is that benefiting you?
Singal point of control
Reliable, Flexible, and Secure Identity Management Solution
What do you like best about the product?
The most helpful aspect of WSO2 Identity Server is its powerful support for industry-standard protocols (such as SAML, OAuth2, and OpenID Connect), making it easy to integrate with a wide range of applications and services
What do you dislike about the product?
One of the main downsides of WSO2 Identity Server is that the initial setup and configuration can be quite complex, especially for new users
What problems is the product solving and how is that benefiting you?
WSO2 Identity Server is helping us solve complex identity and access management (IAM) challenges across our organization. It provides a secure, centralized platform for single sign-on (SSO), multi-factor authentication (MFA), and user provisioning, which helps us improve user experience and enhance security.
Amazing
What do you like best about the product?
What I like most about WSO2 Identity Server is its flexibility, standards compliance, and enterprise-grade security features. It’s one of the few open-source identity and access management solutions that offers such a comprehensive and customizable platform
What do you dislike about the product?
While WSO2 Identity Server is a powerful and feature-rich platform, there are a few areas where it can be challenging:
1. Steep Learning Curve
2. Documentation Gaps
3. UI/UX of Admin Console
4. Performance Tuning Needed for Scale
Out of the box
1. Steep Learning Curve
2. Documentation Gaps
3. UI/UX of Admin Console
4. Performance Tuning Needed for Scale
Out of the box
What problems is the product solving and how is that benefiting you?
WSO2 Identity Server addresses several critical identity and access management (IAM) challenges that are essential in today’s digital and security-conscious environments. The problems it solves — and the benefits that result — are significant for any organization, especially those with complex infrastructure or compliance requirements.
1. Centralized Identity Management
Problem: Managing user identities, roles, and permissions across dozens (or hundreds) of applications is inefficient, inconsistent, and error-prone.
Solution: WSO2 Identity Server provides centralized identity provisioning, user management, and role-based access control, enabling a single point of control.
Benefit: This reduces administrative overhead, improves security, and ensures consistency in identity governance across systems.
2. Secure Single Sign-On (SSO) Across Applications
Problem: Users need to log in separately to multiple systems, which is inconvenient and insecure.
Solution: WSO2 enables SSO using open standards like SAML, OAuth2, and OpenID Connect.
Benefit: Users log in once to access multiple apps, which improves user experience and reduces password fatigue — a major security risk.
1. Centralized Identity Management
Problem: Managing user identities, roles, and permissions across dozens (or hundreds) of applications is inefficient, inconsistent, and error-prone.
Solution: WSO2 Identity Server provides centralized identity provisioning, user management, and role-based access control, enabling a single point of control.
Benefit: This reduces administrative overhead, improves security, and ensures consistency in identity governance across systems.
2. Secure Single Sign-On (SSO) Across Applications
Problem: Users need to log in separately to multiple systems, which is inconvenient and insecure.
Solution: WSO2 enables SSO using open standards like SAML, OAuth2, and OpenID Connect.
Benefit: Users log in once to access multiple apps, which improves user experience and reduces password fatigue — a major security risk.
Recommended identity provider
What do you like best about the product?
User provisioning, OpenID connect, Scim2 APIs, workflows
What do you dislike about the product?
Difficulty with integrating a third party application. Often malfunctioned although configured correctly
What problems is the product solving and how is that benefiting you?
It provides a ready made solution for IAM
Beginer with Identity Server but strong understanding
What do you like best about the product?
We have been using WSO2 Identity Server for approximately 18 months, on version 6.1.0.
We are currently prototyping version 7.1.0 and are considering the migration in the short to medium term.
Personally, I use Asgardeo, which is the cloud version of WSO2 IS 7.1.0.
I appreciate the userstore management as well as the claims management in the current version.
It is relatively easy to implement for basic use cases, but can become more complex when specific and particular cases arise.
I appreciate the diversity of the product's standard connectors.
We use it across various applications, through public web portals with identity federation, coupled with our WSO2 API Manager.
We also use it for internal functionalities with SSO and SAML connections.
We are eager to migrate to version 7.1.0 to benefit from the new features such as the redesigned administration portals and the ability to further customize authentication and enrollment flows.
We are currently prototyping version 7.1.0 and are considering the migration in the short to medium term.
Personally, I use Asgardeo, which is the cloud version of WSO2 IS 7.1.0.
I appreciate the userstore management as well as the claims management in the current version.
It is relatively easy to implement for basic use cases, but can become more complex when specific and particular cases arise.
I appreciate the diversity of the product's standard connectors.
We use it across various applications, through public web portals with identity federation, coupled with our WSO2 API Manager.
We also use it for internal functionalities with SSO and SAML connections.
We are eager to migrate to version 7.1.0 to benefit from the new features such as the redesigned administration portals and the ability to further customize authentication and enrollment flows.
What do you dislike about the product?
On the contrary to the positive points, it is often difficult to administer and challenging to provide business KPIs from the logs.
It is complex to integrate third-party solutions such as Mainframe systems.
I don't blame the product itself, as we are not on its latest version. I hope that using the latest version will improve our perspective on the product.
It is complex to integrate third-party solutions such as Mainframe systems.
I don't blame the product itself, as we are not on its latest version. I hope that using the latest version will improve our perspective on the product.
What problems is the product solving and how is that benefiting you?
WSO2 IS helps us to unify et centralized the authentication flow of our different websites and applications.
Bridging RFC Precision with Real-World Flexibility in WSO2 IS
What do you like best about the product?
WSO2 Identity Server stands out for its clean, intuitive interface that closely mirrors the concepts defined in the relevant RFCs. This alignment between theory and implementation makes it an excellent platform not only for deploying but also for learning and understanding modern identity protocols. The system's support for a wide range of SSO protocols is impressively comprehensive — whether you're working with OAuth2, OpenID Connect, SAML, or even more advanced flows, everything is available and well-documented.
Another key strength is the flexibility of the platform. When our use cases required going beyond standard SSO behavior, the WSO2 support team was highly responsive and knowledgeable, providing guidance that allowed us to meet our functional requirements without compromising on security or standards compliance.
Another key strength is the flexibility of the platform. When our use cases required going beyond standard SSO behavior, the WSO2 support team was highly responsive and knowledgeable, providing guidance that allowed us to meet our functional requirements without compromising on security or standards compliance.
What do you dislike about the product?
In version 7.x, the platform introduces a set of default templates aimed at simplifying administration for common scenarios. While this is a great feature for newcomers, I found that an "expert mode" was missing — one that would allow advanced users to bypass the template system entirely for more fine-grained control. The current setup requires working around these simplifications, which can be limiting for teams with deeper technical expertise who need full configurability.
That said, this topic is already under consideration for future releases, as WSO2 has shown strong responsiveness to customer feedback and actively engages with its user community to improve the product.
That said, this topic is already under consideration for future releases, as WSO2 has shown strong responsiveness to customer feedback and actively engages with its user community to improve the product.
What problems is the product solving and how is that benefiting you?
WSO2 Identity Server addresses the challenge of centralized authentication across our core banking applications. It allows us to manage IAM entities in a unified and consistent way, reducing complexity and operational overhead. By centralizing authentication and access control, we are able to offer a seamless user experience while maintaining a high level of security, which is critical in the banking sector.
Flexible, Open-Source IAM That Grows With Your Business - WSO2 Identity Server
What do you like best about the product?
WSO2 Identity Server stands out for its flexibility and open-source transparency. It's one of the few IAM solutions that give you full control over customization from fine-grained access policies to federated authentication workflows. The support for OAuth2, SAML, OpenID Connect, and SCIM is robust and well-documented, and the ability to extend the platform via custom handlers or scripts is a big win for developers.
Another major plus is the multi-tenancy feature, which is ideal for large organizations or service providers managing identity across business units or clients.
Another major plus is the multi-tenancy feature, which is ideal for large organizations or service providers managing identity across business units or clients.
What do you dislike about the product?
The learning curve can be steep. While the documentation is detailed, it’s not always beginner-friendly. Getting up and running can require significant engineering effort, especially if you’re not familiar with IAM concepts. Also, the UI feels a bit dated and could benefit from a more modern and intuitive design, especially for non-technical users managing configurations.
What problems is the product solving and how is that benefiting you?
1. WSO2 allows us to integrate with multiple identity providers (Google, Azure AD, etc.) using standard protocols like SAML, OIDC, and OAuth2, enabling Single Sign-On (SSO) across our internal and external applications.
2.The fine-grained authorization capabilities let us define complex access policies using XACML and adaptive authentication scripts, which is critical for role-based and risk-based access scenarios.
3. We’ve leveraged it to secure our APIs with OAuth2 and JWT, and seamlessly federate identities across microservices and SaaS platforms, which simplified development and boosted customer experience.
4. Cost savings from not relying on expensive commercial IAM suites.
5. Improved user experience with unified login and adaptive authentication.
6. Greater developer flexibility due to open-source nature and extensibility.
Overall, In My experience WSO2 Identity Server is helping us create a secure, seamless, and scalable digital identity layer for both internal users and customers.
2.The fine-grained authorization capabilities let us define complex access policies using XACML and adaptive authentication scripts, which is critical for role-based and risk-based access scenarios.
3. We’ve leveraged it to secure our APIs with OAuth2 and JWT, and seamlessly federate identities across microservices and SaaS platforms, which simplified development and boosted customer experience.
4. Cost savings from not relying on expensive commercial IAM suites.
5. Improved user experience with unified login and adaptive authentication.
6. Greater developer flexibility due to open-source nature and extensibility.
Overall, In My experience WSO2 Identity Server is helping us create a secure, seamless, and scalable digital identity layer for both internal users and customers.
Amazing Identity Server and access management
What do you like best about the product?
It has various useful features such as passwordless login, social login, Delegated administration and so on
What do you dislike about the product?
I haven't find any such dislike about WSO2 identity server
What problems is the product solving and how is that benefiting you?
Identity and Access management and Single sign on
A nice looking well designed auth system out of the box
What do you like best about the product?
With Wso2 Identity server you don't have to waste time building a nice-looking authentication system for your users. It comes with many features out of the box required to build authentication
What do you dislike about the product?
Using identity server in a kubernetes environment requires some advanced technical knowledge
What problems is the product solving and how is that benefiting you?
We deploy identity server to our clients which they use to authenticate their users
showing 1 - 10