wso2/product-is v7.1.0

WSO2 Identity Server 7.1.0

on GitHub

WSO2 Identity and Access Management team is pleased to announce the WSO2 Identity Server 7.1.0.

What is new in this release

WSO2 Identity Server 7.1.0 is the latest WSO2 Identity Server release and is the successor of WSO2 Identity Server 7.0.0. It contains the following new features and architectural changes:

New Features

• Push Notification Based Authentication
• AI Assisted Development
  • Branding AI
  • Login Flow AI
• Custom authentication service extension
• Pre-issue access token service extension
• Pre-update password service extension
• User Impersonation
• Enhanced Security and Cryptographic Capabilities
  • Post-Quantum support for TLS communications
  • AES-256 support for data encryption
  • AES encryption and key rotation support for Cipher Tool
• OAuth 2.0 Rich Authorization Requests
• iProov as an MFA option for your applications
• Sift fraud detection to prevent fraudulent logins to your applications
• Integration of Onfido Identity Verification in WSO2 Identity Server
• Secret Management Feature
• Enhanced Organization Management Capabilities
  • Organization's meta attribute based organization filtering support
  • Multiple secondary user store configuration capability in sub organizations
  • OAuth 2.0 client registering for B2B organizations to access B2B APIs
  • Email domain based organization discovery for self registration
  • Support "login_hint" parameter as organization discovery hint
  • Email and SMS template content inheritance with override capability for sub organizations
  • Ability to update shared user profiles and resolve them via organization hierarchy
  • Share users across organization hierarchy with role assignment
• Application-specific Branding
• Right-to-Left (RTL) Support in Login and Recovery Portals
• Rule-based password expiration
• Support for Attribute-Wise Uniqueness Validation Configuration
• Username recovery enhancements
  • Username recovery support for sms channel
  • Usernames recovery when email address is not unique
• On-demand silent password migration
• Notification Template Management API
• Certificate Validation Management API
• Seamless Third-Party SSO Integration with Ready-to-Use Templates
• SMS Template Management UI
• Java 21 runtime support
• Tenant Management UI
• JWT Access Token Attributes
• Support registering multiple email addresses and phone numbers per user

Deprecated features

Refer to the about this release section in the product documentation to find the deprecated from WSO2 IS 7.1.0 onwards. These features will be removed in a future release and we expect you to move to recommended solutions.

Fixes and Improvements

See the complete list of issues fixed in the latest WSO2 IS 7.1.0 release.

Documentation

The product documentation for this version is available at https://is.docs.wso2.com/en/7.1.0

Contribute to WSO2 Identity Server

Mailing Lists
Join our mailing lists and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product you can use our StackOverflow forum to raise them as well.

Developer List: iam-dev@wso2.org
Architecture List: architecture@wso2.org
User Forum: StackOverflow

Reporting Issues

We encourage you to report issues, improvements, and feature requests regarding WSO2 Identity Server through our public WSO2 Identity Server GIT Issues.

Important: And please be advised that security issues must be reported to security@wso2.com, not as GitHub issues, in order to reach the proper audience. We strongly advise following the WSO2 Security Vulnerability Reporting Guidelines when reporting the security issues.

~ The WSO2 Identity and Access Management Team ~