This is a step-by-step guide to configure the Oracle database as the data source in the WSO2 Identity Server. Nevertheless, you can use this guide to create an Oracle DB for any of your purposes in quite an easy way. Let's get started!! Download the Docker image We use Oracle Database Server Docker Image…

OAuth 2.0 Authorization Framework defines two types of clients based on their ability to authenticate securely with the authorization server (RFC 6749 Section 2.1): Confidential Client — client implemented on a secure server with restricted access to the client credentials. Public Client — Clients executing on the device used by…

Register your users in an easy way Setup WSO2 IS for self-registration Add an SMS event publisher with the file nameSMSPublisher.xml to <IS_HOME>/repository/deployment/server/eventpublishers location. You can use the provided sample. This is a sample publisher is for publishing the account confirmation code of signup flow to an SMS API. …

Cheatsheet for Groups and Roles SCIM requests Groups and Role Separation Prior to WSO2 Identity Server (IS)-5.11.0, both groups and roles were considered as roles in the server. They were managed either roles section in the management console or SCIM2.0 /Groups endpoint. Even though we supported both Groups and Roles together those two terms…

Send your notification as you wish When you are finding this blog, you might be searching for “how to send a google chat notification from a GitHub action”. You may have already tried out several marketplace actions available for google chat notifications; such as, google-chat-github-notification - GitHub Marketplace GitHub Action Add notify.yml to .github/workflows/ .github/workflows/notify.yml name: notify on: pull_request: types…github.com

Find different flavors of PATCH operations under one hood I thought to write this blog because I’ve seen many developers in the community are struggling to form the PATCH payload properly. RFC 7644 3.5.2. Modifying with PATCH describes this fact more than enough. …

Try WSO2 Identity Server (IS) capability to lock user accounts based on SMS/Email OTP and TOTP failed attempts — Introduction I’m sure all of you may know password brute force attacks. It’s nothing but guessing the password of a user account systematically trying out every possible combination of allowed characters(letters, numbers, symbols, etc). In order to mitigate this attack Identity and Access Management solutions provide multiple options. …

Write tests for your REST API API Testing is a crucial step of your API(Application Programming Interface) development life cycle because testing ensures that end-to-end functionality works properly. Also, it verifies that API satisfies the application end-user business requirement. …

Different Notification Senders for Different Tenants When you are using the WSO2 Identity Server you may have the requirement of sending notifications to the end-users based on the user-operations (examples: user onboarding, password recovery, username recovery).WSO2 IS has an eventing framework to trigger events based on user operations that are…