Sold by: WSO2Â
Deployed on AWS
AWS Free Tier
WSO2 Identity Server is a powerful, modern identity and access management solution for your on-premises or cloud environment. It enables organizations to deliver exceptional, trusted digital experiences to all types of users: internal workforce, external consumers, business customers or API consumers. Preferred by customer reviewers over Okta, WSO2 Identity Server offers a more compelling technical direction, better feature updates, and superior support quality.
Overview
WSO2 Identity Server is an open-source, enterprise-grade identity and access management (IAM) solution that streamlines authentication, authorization, and user management. It supports single sign-on (SSO), multi-factor authentication (MFA), and OAuth2/OpenID Connect, enabling secure access to applications, services, and APIs across cloud, on-premises, and hybrid environments.
Organizations can implement identity federation, social login and BYOID, allowing users to access multiple applications through a single login. Advanced features like role-based access control (RBAC), fine-grained authorization, passkeys, passwordless authentication and risk-adaptive authentication enhance security while improving the user experience.
Designed for compliance with regulations like GDPR and HIPAA, WSO2 Identity Server offers features such as consent management and audit logging.
WSO2 Identity Server streamlines configuration and policy definition using artificial intelligence, simplifying rollout and speeding time to deployment. Its highly extensible, API-driven architecture supports seamless integration with other mission-critical applications and deep customization, making it ideal for businesses of all sizes, and for any use case.
For Business Customers (B2B): Enable secure access for your B2B customers with flexible organization management. For Consumers (B2C): Launch secure, consumer-facing applications with customized branding to attract and retain users. For Citizens (G2C): Provide citizens with secure, seamless access to public services for government digital transformation. Workforce Identity (B2E): Empower your employees with secure access to corporate apps, no matter where they work. API Access Management: Protect critical APIs by ensuring only authenticated and authorized clients can gain access.
Highlights
- The perfect solution for the needs of all user types (consumers, workforce, business customers or API users). With WSO2 Identity Server there is no need to set up and maintain separate products for each user type, saving organizations expense and effort.
- Highly adaptable and extensible architecture to meet your organization specific functionality and integration requirements. WSO2 Identity Server is designed for developers, making it easy for your team to adapt functionality or integrate with other critical systems, using their existing, familiar developer tools.
- Affordably priced for your growing business. Take advantage of the flexible and affordable pricing offered by WSO2. Its also easy to extend licensing for external customers.
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Cores and Use Case | Public Offer contains a PoC setup without a subscription. Private Offer will include a subscription for the core count and use case (B2C, B2B, B2E) as specified in the contract. | $0.00 |
Support | Public Offer does not include support. Private Offer will include support as specified in the contract. | $0.00 |
Vendor refund policy
All purchases are final. No refund is applicable.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
WSO2 Identity Server 7.1
Additional details
Usage instructions
To access the deployed Identity Server, please follow the steps given below.
-
SSH into the VM through the Public IP of the VM. The Username is ubuntu and the SSH Key configured during creation should be utilized.
-
Create a entry in the /etc/hosts inside the VM with the below entry. Execute "sudo nano /etc/hosts" and insert the entry: <VM_PRIVATE_IP> is.demo.wso2
-
Execute the command bash -c "export JAVA_HOME=/usr/lib/jvm/temurin-17-jdk-amd64 && wso2is/wso2is-7.1.0/bin/wso2server.sh start" to start the WSO2 Identity Server. This will start the WSO2 IS in the background.
-
Check the logs using the command "tail -f wso2is/wso2is-7.1.0/repository/logs/wso2carbon.log" and wait until the server has started.
After the server is started, please create an /etc/hosts entry in your local machine used to access the WSO2 Identity Server with the value: <VM_PUBLIC_IP> is.demo.wso2
Now you can access the Identity Server using https://is.demo.wso2/consoleÂ
By default, the credentials for the IS are; username = admin, password = admin as this is a PoC setup. This can be changed if needed.
WSO2 Identity Server documentation is available at https://is.docs.wso2.com/en/latest/Â
To obtain an Identity Server subscription, please contact us at https://wso2.com/contact/Â
Support
Vendor support
WSO2 offers two types of support models - Basic Support and Enterprise Support Basic Support offers 12x5 support while Enterprise Support is 24x7 support. For more details, please refer
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
WSO2 Integrator
By WSO2
Connect anything to anything with the 100% open-source AI-powered WSO2 Integrator. Break down data silos, boost productivity, streamline workflows, and create digital experiences that differentiate you from the rest of the pack.
WSO2 API Management
By WSO2
WSO2 API Manager is a market-leading full lifecycle API management platform for building, integrating, securing, and exposing an enterprise's digital services as managed APIs in cloud, on-premises, and hybrid architectures. Fast-track your API strategy with all the capabilities needed by API designers, product managers, operations, and consumers.
WSO2 Private Identity Cloud
By WSO2
WSO2 Private Identity Cloud is an individual, secure SaaS instance of our AI-powered open source IAM suite, enabling secure access for every type of identity: B2C customers, B2B SaaS applications, workforce, and APIs.
WSO2 Integrator: BI
By WSO2
Develop your integrations using a unique low-code experience with pro-code parity.
Customer reviews
0 ratings
0 AWS reviews
|
98 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Rafael F.
CustomRobust and configurable
Reviewed on Sep 10, 2025
Review provided by G2
What do you like best about the product?
I like it because of the multitude of configurations you can perform. It can connect not only with WSO2’s own API Manager but also with third-party systems. It integrates with other platforms, and each integration can be configured in a granular and isolated manner. That level of flexibility is hard to find in other identity servers. Additionally, it's very robust, with multiple layers of security that, just like the integrations, can be fully customized to suit your needs.
What do you dislike about the product?
At a functional level, I wouldn’t consider it a disadvantage, but from a user experience perspective, I’d say it’s very difficult to use, and the graphical interface of previous versions is terrible.
What problems is the product solving and how is that benefiting you?
"Authentication and authorization of the e-commerce platform
Abdallah A.
Highly Customizable, but Outdated UI
Reviewed on Sep 06, 2025
Review provided by G2
What do you like best about the product?
I appreciate the high accessibility and customization capabilities of WSO2 Identity Server, which allow for seamless integration and development of custom add-ons. The product's extensive array of connectors and event handlers enhances its functionality, and as an open-source platform, it facilitates ease of development and adaptability.
What do you dislike about the product?
I find the user interface for the console side to be outdated. Additionally, the web applications used for the user side, specifically JSP, seem outdated by cloud technology standards. I would like to see updates and enhancements in these areas. I'm currently using an older version (Version 5.9) and am not sure if later product versions have addressed these issues.
What problems is the product solving and how is that benefiting you?
WSO2 Identity Server provides SSO and identity management, customizing account recovery and authentication, and integrating with multiple systems. It offers high accessibility and extensive connectors, enhancing customization and development flexibility.
Sher S.
WSO2 Identity Server Worth its Pricing
Reviewed on Sep 05, 2025
Review provided by G2
What do you like best about the product?
What I appreciate most about WSO2 Identity Server is its comprehensive support for identity federation and single sign-on (SSO) using open standards like SAML 2.0, OAuth2, and OpenID Connect. It’s incredibly flexible, allowing seamless integration with a wide range of identity providers and enterprise systems.
The adaptive authentication framework is another standout feature—it enables organizations to define custom authentication flows based on user behavior, device, or risk level, which is essential for modern security needs.
Additionally, the self-service portal, multi-tenancy support, and role-based access control make it a powerful solution for both cloud-native and on-premise deployments. Being open-source, it also offers great transparency and community support.
Overall, WSO2 Identity Server delivers enterprise-grade identity management with the agility and extensibility needed for evolving digital ecosystems.
The adaptive authentication framework is another standout feature—it enables organizations to define custom authentication flows based on user behavior, device, or risk level, which is essential for modern security needs.
Additionally, the self-service portal, multi-tenancy support, and role-based access control make it a powerful solution for both cloud-native and on-premise deployments. Being open-source, it also offers great transparency and community support.
Overall, WSO2 Identity Server delivers enterprise-grade identity management with the agility and extensibility needed for evolving digital ecosystems.
What do you dislike about the product?
Nothing Specific as Dislikes. I can Suggest Improvement area.
Must allow OTP Login
More Two Factor Authentication Connector Implementation.
Must allow OTP Login
More Two Factor Authentication Connector Implementation.
What problems is the product solving and how is that benefiting you?
Identity Server as Key Manager for our API Gateway.
Solving SSO Integration Issue.
Solving RBAC.
Solving ASAC.
Two Factor Authentication.
Active Directory Integrations.
Combining Multiple AD, LDAP on Single Place for login.
Solving SSO Integration Issue.
Solving RBAC.
Solving ASAC.
Two Factor Authentication.
Active Directory Integrations.
Combining Multiple AD, LDAP on Single Place for login.
Tebalo T.
Securing PSG's Digital Ecosystem: A Review of WSO2 Identity Server
Reviewed on Sep 04, 2025
Review provided by G2
What do you like best about the product?
Our experience with WSO2 Identity Server at PSG has been defined by its ease of setup and seamless integration with our group systems via OAuth and SAML, which significantly reduced implementation time. Operationally, the platform excels with its immediate API responses, developer-friendly logging, and comprehensive REST APIs that are crucial for our DevOps automation. A core component of its value is the robust suite of security features; its Multi-Factor Authentication (MFA) is central to our daily operations, securing access for both internal staff and external customers alike. This technical excellence is matched by WSO2's excellent customer support, and as an open-source solution, it offers unparalleled flexibility and a significantly lower total cost of ownership, making it a strategically sound asset for PSG's technology stack.
What do you dislike about the product?
While WSO2 Identity Server is a powerful platform, it is not without its challenges, particularly for teams managing large-scale deployments. Its deep extensibility, a key strength, also introduces a considerable learning curve, and teams may find the documentation difficult to navigate for highly specific or advanced customizations. As a robust, enterprise-grade Java application, it can be resource-intensive, demanding careful infrastructure planning and performance tuning. This complexity can also surface during major version migrations, which often require significant manual effort and meticulous planning to execute successfully, particularly in environments with heavy customization.
What problems is the product solving and how is that benefiting you?
WSO2 Identity Server was implemented at PSG to solve the critical challenges of a fragmented and costly identity landscape, where users struggled with multiple credentials and administrators were burdened with managing disparate, siloed user stores. By introducing Single Sign-On (SSO), WSO2 immediately unified the user experience, boosting productivity and satisfaction. Simultaneously, it provided a central management plane that streamlined administration—even while connecting to existing user stores like MS databases—which enhanced security and operational efficiency. This consolidation of our identity infrastructure directly led to the decommissioning of redundant systems, resulting in significant and tangible cost savings for the organization.
Oussama N.
Flexible, Open-Source IAM with Strong Extensibility – But Requires Deep Expertise
Reviewed on Jul 31, 2025
Review provided by G2
What do you like best about the product?
WSO2 Identity Server stands out for its open-source nature, modularity, and extensibility. I especially appreciate its support for industry standards like SAML 2.0, OAuth2, OIDC, and SCIM, making it highly interoperable with modern applications. The multi-tenancy capabilities are solid, and the adaptive authentication scripting using JavaScript gives me full control to implement complex login flows, such as step-up authentication or conditional MFA.
The integration with WSO2 API Manager and Micro Integrator also enables a seamless digital identity and API security strategy, which is crucial for our enterprise clients pursuing digital transformation. The product is well-documented, and the community around WSO2, including Slack and GitHub, is active and helpful.
The integration with WSO2 API Manager and Micro Integrator also enables a seamless digital identity and API security strategy, which is crucial for our enterprise clients pursuing digital transformation. The product is well-documented, and the community around WSO2, including Slack and GitHub, is active and helpful.
What do you dislike about the product?
The learning curve is steep, especially for teams unfamiliar with WSO2’s architecture. While flexibility is a plus, it often requires significant customization, and misconfiguration can lead to security gaps. The UI/UX for the admin console feels outdated compared to modern IAM platforms like ForgeRock or Okta.
What problems is the product solving and how is that benefiting you?
WSO2 Identity Server has helped us secure user identities across microservices, enable SSO for internal apps, and implement fine-grained access control for APIs and external integrations. For clients in regulated industries (finance, healthcare), it helps us meet compliance standards like GDPR and PSD2 while maintaining full control of identity flows on-prem or in private cloud deployments.