WSO2 Identity Server Open Source Journey
WSO2 Identity Solution 1.0.0, which is how it was called back then, was released in December 2007. More about it can be found here. Identity Solution 1.0.0 was based on Microsoft CardSpace technology. Starting from 1.0.0 release in 2007, Identity Server has done 26 releases over the past 12 years.
Being an open-source IAM solution, below are some of the recognitions WSO2 Identity Server received recently in the analysis reports.
- 2019: Overall Leader in KuppingerCole Leadership Compass for Identity API platforms
- 2019: Product leader in KuppingerCole Leadership Compass: Access Management and Federation
- 2018: Innovation leader in KuppingerCole Leadership Compass: CIAM Platforms
WSO2 Identity Server was certified as an OpenID provider in 2018 for the below profiles.
- Basic OP
- Implicit OP
- Hybrid OP
- Form Post OP
Above are a few of the achievements WSO2 Identity Server received during its journey. Now let’s see how the product and the team grew since its inception.
The development of the product started with 3 members in 2007. Now after 12 years Identity Server has 48 members in the team. Identity Server has come a long way to become the #1 open source IAM product. You can find more information about each release from Prabath’s blog post from here.
From the start, WSO2 and the WSO2 Identity Server has been open source. Though WSO2 provides commercial support, anyone can use the product in production without WSO2 support subscriptions. At the end of June 2019, WSO2 Identity Server had 150+ subscription customers including these customers, which spread over a number of verticals including, Banking and finance, Health care, E-commerce, Governments and many more. WSO2 Identity Server manages 100+ million user identities globally.
Identity Server got its first customer back in 2008 for the Identity Solution 1.5.0 release. By mid-2015, Identity Server had 55 customers in production with support subscriptions. This was a huge growth in the number of customers at that time and the main contributor to this growth was the Identity Server 5.0.0 release.
Identity Server 5.0.0 was a major redesign of the developer experience. Until then, Identity Server had a bunch of isolated features. From the 5.0.0 release, we connected the different protocols and features to provide a seamless developer experience.
Now let's see the development process we follow here at the Identity Server team.
The publicly available product roadmap of the Identity Server will show where this product leads to and provide room for community discussion on the roadmap items and its improvements. All the features developed within the Identity Server team are discussed in the dev and architecture mail lists. Any issue with the product usage can be discussed in the dev mail list and can be raised in the stackoverflow.
Being an identity and access management product, security is one of our highest priorities in the software development life cycle. Security is backed into the requirement gathering and design phase of the feature development process. After the feature development, the dynamic, and static security analysis using tools such as Veracode and Qualys is conducted before the product is released to ensure that there are no security issues missed in the design or development phases.
Though the Identity Server product is fully open source, WSO2 provides subscription services in a few categories.
- 24x7x365 incident WSO2 Support with aggressive response and resolution times, through the WSO2 offices located in the US, UK, Germany, Brazil, Australia and Sri Lanka.
- A WSO2 Subscription gives you direct access to world-class experts fluent in the WSO2 platform as well as on enterprise identity and access management architecture.
- Priority support option with on or off-site dedicated Technical Account Manager.
- Dedicated deployments with WSO2 Managed Cloud
At the time of writing, Identity Server 5.9.0 is the latest available product release and you can download and try the product from here.
