WSO2's IAM vision emphasizes the importance of identity-led digital transformation for enhancing both internal and external digital experiences across various sectors. It highlights that effective identity and access management (IAM) ensures secure and seamless interactions for consumers, partners, and employees, ultimately fostering improved productivity and security. WSO2 offers multiple IAM solutions, including options for various deployment strategies, aimed at optimizing user experiences and supporting compliance with security standards.

1. WSO2's IAM Vision:
Identity-Led Digital
Transformation
Geethika Cooray
Vice President & General Mgr - IAM
WSO2
1

2. Digital Transformation…

3. 3
Internal Digital
Experiences for
Employees
External Digital
Experiences for
Consumers/
Citizens
External Digital
Experiences for
Enterprise
Customers,
Partners, Suppliers,
API buyers
The
shift
to
digital WEB
Apps
Mobile
Apps
Workflows
Automations
API
Products
WEB
Apps
Mobile
Apps
WEB
Apps
Mobile
Apps
Workflows
API
Products
IoT
Apps
The
shift
to
Identity-
Led
digital
Experiences
Experiences
LLM
B
2
C
/
G
2
C
C
I
A
M
B2E
IAM
B
2
B
C
I
A
M
Experience APIs
Systems
of
Record
Domain APIs
Domain
Services
API Access Mgt
3

4. Need to reimagine Access Management…

5. Neuralink Metaverse AI

6. Identity-led Digital Transformation…

7. 7
B2C/G2C B2B B2E APIs
● Self-service and
social-login
● Digital IDV, Progressive
profiling, Consent Mgt,
● Passworless, Adaptive
MFA
● Seamless Omni-Channel
& personalized
Experiences
Increased conversion &
retention, loyalty &
revenue
● Organization Mgt,
Delegated
Administration, user
roles/entitlements
● Faster and easier
customer/partner
onboarding
● Friction-less and
Improved end-user
experience
Reduces overheads,
increases time to market
and revenue potential
● SSO, MFA, BYOID,
Passkeys, etc.
● Reduced friction at login,
resulting in improved
security posture
Improves employee
productivity and overall
employee sentiment
● OAuth 2.0/OIDC
compliance
● Consent-, role- and
context-based
authorization
Improves overall security
posture and reduces risk
Benefits of Identity-led Digital Transformation
Access Management
Customer IAM Workforce IAM API Access Mgt

8. All Users Deserve
Seamless and Secure
Digital Experiences
Identity and Access Management
is fundamental to ensuring a secure,
frictionless experience for consumers,
business partners or employees.
8

9. 9
The Leading Open Source IAM
WSO2 Identity Server is a powerful,
modern identity and access management
solution for your on-premises or cloud
environment
Multiple Deployment Options
to Support Any IT Strategy
Multi-tenant SaaS IAM
Asgardeo is a developer-focused,
multi-tenant IDaaS solution that provides
seamless, secure authentication and user
management
Single-tenant SaaS IAM
Private Identity Cloud is a single-tenant
cloud identity solution, fully managed and
maintained by WSO2

10. Latest improvements…

11. Optimized Developer Experience
Improved UI/UX
11

12. Optimized Developer Experience
Out-of-the-box Application Templates
12

13. Optimized Developer Experience
More authentication methods to choose from
13

14. Optimized Developer Experience
Low-code/No-code visual editor - Preview users’ login experience
14

15. Optimized Developer Experience
Simplified Branding experience
15

16. Optimized Developer Experience
Optimized API Authorization for Organizations through native scopes
16

17. Optimized Developer Experience
API for In-App Authentication
OLD USER EXPERIENCE
An external browser window is required to
handle logging into the app
User never leaves the native application while
logging in
NEW USER EXPERIENCE
● Orchestrate authentication conditionally without changing the application logic
● Use OAuth 2.0/OpenID Connect flows without the need of a browser support
● Guarantees the identity and proof of possession of the client and the API only communicates with legitimate client apps
17

18. B2B CIAM capabilities
● Configure login experiences per
organization.
● Including branding per organization.
● Maintain organization hierarchy.
● Delegated Administration.
18

19. Support for Financial-Grade APIs (FAPI)
FAPI first-class compliance to FAPI 1.0 and security for high-value APIs.with OAuth 2.0
● Facilitates enforcing FAPI at client registration, user authorization flows, and token issuance flows for third partyclients.
● Supports OAuth 2.0 Pushed Authorization Requests
● Supports Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)
19

20. ● Post-quantum secure mode can be enabled in IS 7.0 with a few steps
● Post-quantum secure mode will provide support for PQS TLS in inbound
communications, more secure internal encryption and hashing.
20
Supporting Post Quantum Safe Cryptography

21. Feature drop…

22. Unified IAM experience across all WSO2 IAM products
● A single open source code base across
self-hosted, SaaS or private cloud
● Feature parity and consistent experience
○ Developer experience
○ User experience
○ SDKs, templates, and docs
● Supports customers wherever they are in their
journey to cloud with common experience
○ Simplifies transition from software to cloud
22

23. AI-assisted features
23

24. AI assisted branding
24

25. AI assisted login flow generator
25

26. High-level Roadmap

27. Registration Orchestration
Low-code/No-code visual editor - Preview users’ registration experience
27

28. 3rd Party Integrations
28

29. 29
OAuth 2.0
Rich Authorization
Requests
(RAR)
DPoP
Grant Management
FAPI 2.0 - Securing high-value APIs

30. 30
For First-party apps
● Focussed on
⦿ Terms of Services
⦿ Privacy policy and Cookie policy
● Enhanced by
⦿ OAuth 2.0 - Scopes
⦿ OAuth 2.0 - RAR
For 3rd party apps
● Focussed on
⦿ Coarse-grained Authz
⦿ Fine-grained Authz
⦿ User-managed consent
● Enhanced by
⦿ Grant Management
Self service across the above
Consent Everywhere!

31. 31
Eventing & Extension Support
Upgrade vs Migration
Java 21 support
Improving operational e ciency of the
identity platform
Platform & architectural improvements

32. 32

33. IAM is a journey…
33

34. Question Time!
34

35. Thank You!
Let’s Connect!