WSO2 Identity Server provides many identity management workflows and password management workflows out-of-the-box. E.g. self-registration, user invitations, password recovery, etc. However, it is not atypical to come across situations where you would find that the workflow capabilities provided out-of-the-box in the product is not sufficient to fulfil your business requirement.

Question 1

How to configure MFA and/or adaptive authentication for a group of service providers, instead of at an individual service provider level?

Configuring MFA and/or adaptive authentication for a group of service providers is not possible with WSO2 Identity Server as of version 5.11.0.

However, configuring MFA on a global (tenant)…


In the first part of this two-part article series I’ve introduced “heterogeneous API Management clusters”, its well known examples and its different patterns. I’ve then gone on to discuss the “API Store Separated Clusters” deployment pattern in detail, how they can be implemented in WSO2 API Manager and shortfalls in…

This is for those of you who wanted to understand the WSO2 CIAM User Lifecycle in detail.

Points to keep in mind for Readers

1. This diagram is a state diagram; NOT a “flow chart” diagram. Therefore it doesn’t show you the different workflows that trigger the state transitions. …


WSO2 API Manager supports a variety of deployment patterns for varying business and technical use cases [1,2]. While the all-in-one deployment pattern is at one end of the spectrum as the most simplest deployment pattern, the fully distributed deployment is at the other end of the spectrum as the most…


A permission in IAM is defined as, a combination of a resource and one of its corresponding actions. Permissions are a fundamental element of any authorization decision.

For an overview of the permission levels that are supported by WSO2 Identity Server, and the various use cases around permissions in WSO2…

Johann Dilantha Nallathamby

IAM Enthusiast, Solutions Architect @ WSO2

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store