WSO2 Identity Server Features

As reported in 51 WSO2 Identity Server reviews. Process of providing credentials and logging into multiple systems is easy and intuitive for users

As reported in 49 WSO2 Identity Server reviews. Supports required 3rd party Authentication Technologies. Example systems: bioMetric, passwords, key cards, token based systems, etc.

As reported in 48 WSO2 Identity Server reviews. Provides support for Multi-Factor authentication, so users are required to provide multiple factors to authenticate. For example, something they know, Something they have or something they are.

Support SSO via Web agents, proxy agents, agent-less, SAML or oAuth and WS-Federation authentication and authorization Web services depending upon the application and business use case This feature was mentioned in 49 WSO2 Identity Server reviews.

Can serve as the identity provider to external service providers so that when the user logs into a service, instead of providing credentials to the service provider, the service provider trusts the identity provider to validate the credentials. This feature was mentioned in 47 WSO2 Identity Server reviews.

Based on 45 WSO2 Identity Server reviews. Can serve as the Service provider from an external service so that when the user logs in externally they have seamless SSO to internal applications from a service provider.

As reported in 45 WSO2 Identity Server reviews. Controls access to legacy applications, web based applications, network resources and servers while employees are on the companies local area network.

Controls access to legacy applications, web based applications, networks resources while employees are outside the local area network. 42 reviewers of WSO2 Identity Server have provided feedback on this feature.

Controls access to users that are not company employees that are either within the companies local area network or outside the network This feature was mentioned in 37 WSO2 Identity Server reviews.

Enables users to use their own device to access company applications. 34 reviewers of WSO2 Identity Server have provided feedback on this feature.

Installation process is easy and flexible. This feature was mentioned in 51 WSO2 Identity Server reviews.

Options for resetting and enforcing password policies 49 reviewers of WSO2 Identity Server have provided feedback on this feature.

As reported in 51 WSO2 Identity Server reviews. Provides Administration tools/console that are easy to use and learn for routine maintenance tasks

Based on 46 WSO2 Identity Server reviews. Easily provisions new systems, platforms or applications using configuration and not customization.

Based on 47 WSO2 Identity Server reviews. Users can set, change passwords without interaction from IT staff

Based on 22 WSO2 Identity Server reviews. Provides appropriate application interfaces to enable custom integrations for unique business requirements

Keep identity attributes consistent across applications whether the change is made in the provisioning system or the application. 11 reviewers of WSO2 Identity Server have provided feedback on this feature.

Enables administrators to create access policies and applies policy controls throughout request and provisioning processes. 14 reviewers of WSO2 Identity Server have provided feedback on this feature.

Based on 12 WSO2 Identity Server reviews. Provides or integrates with a cloud based directory option that contains all user names and attributes.

Integrates with common applications such as service desk tools.

Supports Endpoint access control to multiple operating systems 43 reviewers of WSO2 Identity Server have provided feedback on this feature.

Allows user authentication to be honored by all the hosts in two or more domains 42 reviewers of WSO2 Identity Server have provided feedback on this feature.

Based on 46 WSO2 Identity Server reviews. Support access to browser based applications across required browser types

Provides required failover mechanisms to ensure if one server, network, etc fails users are still able able to authenticate This feature was mentioned in 42 WSO2 Identity Server reviews.

As reported in 42 WSO2 Identity Server reviews. Contains pre-built and custom reporting tools to required to manage business

Provides mechanism for auditing authentication for trouble shooting purposes. 42 reviewers of WSO2 Identity Server have provided feedback on this feature.

As reported in 38 WSO2 Identity Server reviews. Can call and pass credentials to third party web services.

Users can request access to an application and be automatically provisioned if they meet policy requirements This feature was mentioned in 19 WSO2 Identity Server reviews.

Establish roles that create a set of authentication rights for each user in the role 22 reviewers of WSO2 Identity Server have provided feedback on this feature.

As reported in 20 WSO2 Identity Server reviews. Enables administrators to create access policies and applies policy controls throughout request and provisioning processes

Based on 20 WSO2 Identity Server reviews. Terminate access to multiple applications based on dates

Based on 19 WSO2 Identity Server reviews. Allow business stake-holders/managers to approve or reject requested changes to access via a defined workflow

Based on 19 WSO2 Identity Server reviews. Enables users to reset passwords without administrator interaction. Enforces password policies when resetting.

Based on 21 WSO2 Identity Server reviews. Change users and permissions in bulk

Based on 18 WSO2 Identity Server reviews. Keep identity attributes consistent across applications whether the change is made in the provisioning system or the application

Alerts administrators when inappropriate access occurs This feature was mentioned in 18 WSO2 Identity Server reviews.

Sends a one-time passcode (OTP) via SMS.

Provides a one-time passcode (OTP) via voice-call.

Sends a one-time passcode (OTP) via email.

Supports hardware tokens, which are often USB-sized, fob-like devices that store codes.

Offers software tokens, which are applications installed on a mobile phone, wearable devices, or desktops and generate time-based one-time passcodes (TOTP) that a user can easily copy. Software tokens work both online and offline.

Allows biometric factors such as fingerprints, faceprints, voiceprints, or other biometric information to be used as an authentication factor.

Offers mobile push authentication, which is a user-friendly method that does not require a user to copy a code, but rather accept or deny an authentication using a mobile application. Mobile push authentication only works when a user is connected to the internet.

Analyzes users' IP addresses, devices, behaviors and identities to authenticate a user.

Allows the use of tokens on multiple devices. This feature can also be turned off if the user does not want this.

Offers encrypted backup recovery stored by the vendor.

As reported in 36 WSO2 Identity Server reviews. Enables a seamless customer experience with self-registration and self-service functions, including account creation and preference management.

As reported in 39 WSO2 Identity Server reviews. Verifies user identity with authentication, which may include multiple multi-factor authentication methods.

Scales to support growing a customer base. 37 reviewers of WSO2 Identity Server have provided feedback on this feature.

Captures and manages a customer's consent and preferences to comply with data privacy laws such as GDPR and CCPA. This feature was mentioned in 32 WSO2 Identity Server reviews.

As reported in 31 WSO2 Identity Server reviews. Offers users the option to sign in with social media accounts.

Integrates with directories or other data stores that house customer data to create a complete view of a customer. This feature was mentioned in 32 WSO2 Identity Server reviews.

As reported in 64 WSO2 Identity Server reviews. Simplifies or automates user provisioning, deprovisioning, and other user role changes.

As reported in 63 WSO2 Identity Server reviews. Offers password management tools to end users.

As reported in 62 WSO2 Identity Server reviews. Offers single sign-on functionalities to end users, allowing them to authenticate once and be given access to all of their company accounts.

Enforces user-access policies based on individual, role type, group membership or other factors to prevent unauthorized access to company systems and data. 60 reviewers of WSO2 Identity Server have provided feedback on this feature.

Authenticates users prior to granting access to company systems. This feature was mentioned in 65 WSO2 Identity Server reviews.

As reported in 63 WSO2 Identity Server reviews. Offers multi-factor authentication methods to verify a user's identity.

Provides an IAM solution for on-prem systems. 65 reviewers of WSO2 Identity Server have provided feedback on this feature.

As reported in 46 WSO2 Identity Server reviews. Provides an IAM solution for cloud-based systems.

Tracks user activities across protected systems. 54 reviewers of WSO2 Identity Server have provided feedback on this feature.

Provides reporting functionality. This feature was mentioned in 56 WSO2 Identity Server reviews.

Log and report all modifications to user roles and access rights. 10 reviewers of WSO2 Identity Server have provided feedback on this feature.

As reported in 10 WSO2 Identity Server reviews. Provide standardized reports for regulatory compliance and audits.

Offers an easy to understand user interface to make setup smooth.

Offers a mobile software development kit (SDK) for iOS, Blackberry, and Android.

Offers a software development kit (SDK) for web-based applications.

Based on 10 WSO2 Identity Server reviews. Grant access based on user attributes, location, device posture or risk.

As reported in 10 WSO2 Identity Server reviews. Automate onboarding, offboarding, and access reviews throughout user lifecycles.

Based on 10 WSO2 Identity Server reviews. Enable users to reset passwords and update profiles without admin support.

Identify unusual access patterns using machine learning models.

Dynamically adjust access policies based on risk and AI-generated insights.

Suggest appropriate user roles based on usage patterns and peer behavior.

Possesses AI-driven triggers to determine when to require MFA or stronger authentication rather than always requiring it.

Builds profiles of known devices/environments per user and flags deviations such as new devices, new networks, and/or suspicious locations as higher risk.

Spot fraudulent behavior, such as account takeover attempts, credential stuffing, bots, and brute force attacks through the use of AI.

Uses machine learning to analyze past authentication events and suggest optimizations to security policies (e.g. thresholds, triggers) or to adjust rules over time.

Leverages AI to assign a risk score to a login attempt based on context, device, IP, historical patterns to dynamically decide whether to prompt for MFA, additional challenges, or allow seamless login.

Monitors behavioral signals including typing patterns, mouse movement, and/or touch/swipe dynamics to verify user identity either at login or continuously after login.

Uses computer vision, facial recognition, or other biometrics during onboarding or at risk events, with AI-based liveness checks to prevent spoofing or replay attacks.

Generates dynamic prompts to guide users through account recovery workflows.

Implements artificial intelligence to filter, rewrite, or block prompts that attempt to access unauthorized data, escalate privileges improperly, exploit system weaknesses, or otherwise re-provision customer access permissions.