The WSO2 Identity and Access Management team is pleased to announce the first release candidate of WSO2 Identity Server 7.2.0.
How to run
- Extract the downloaded zip file.
- Go to the bin directory in the extracted folder.
- Run the
wso2server.shfile if you are on a Linux/Mac OS or run thewso2server.batfile if you are on a Windows OS.
What is new in this release
WSO2 Identity Server 7.2.0 is the latest WSO2 Identity Server release and is the successor of WSO2 Identity Server 7.1.0. It contains the following new features and enhancements:
New Features
- Introducing Flow Builder: Build tailored user registration and management flows
- AI agent identity management
- End-to-end authorization support for MCP servers and clients
- Webhook event publishing
- Support for granular role sharing with B2B Applications
- Organizations inherit login and registration settings
- Organizations inherit attributes and OIDC scopes
- Unified the naming convention for root organizations and organizations
- Manage multiple federated associations through dedicated bulk API
- Enhanced language and locale support for My Account & Console
- Custom page editor for end-user portals
- Seamless user impersonation for business applications
- Support for advanced data types in simple attributes
- Support for data types and input formats in user attributes
- Workflow approval for user operations
- Email OTP-based verification when onboarding users
- Support for OTP-based user invite flow
- Support for OTP-based admin-forced password reset
- OAuth-based authentication support for email providers
- Preconfigured React and Next.js application templates
- Automate user attribute verification with pre-update actions
- Support configuring actions for B2B organizations
Enhanced Features
- Out-of-the-box support for Demonstrating Proof of Possession (DPoP)
- Out-of-the-box support for post-quantum TLS
- Unicode character support for user attributes
- Operation-wise access control in SCIM bulk API
- Pre-update password extension support for user registration
- Support attribute sharing in pre-update password extension
- Support for configuring headers and parameters in pre-issue access token and custom authentication actions
- Enhanced organization search in console with nested hierarchy support
- Protocol-specific keystores for root organizations
- User account management enhancements
- Granular application discoverability in My Account
- Enhanced account linking with configurable user attributes for federated–local user association
- New conditional authentication functions for user information retrieval and user association
Deprecated features
Refer to the about this release section in the product documentation to find the deprecated features from WSO2 IS 7.2.0 onwards. These features will be removed in a future release and we expect you to move to recommended solutions.
Fixes and Improvements
A list of all the new features and bug fixes shipped with this release can be found in the following locations:
Known Issues
All the open issues pertaining to WSO2 Identity Server are reported at the following locations:
Contribute to WSO2 Identity Server
Mailing Lists
Join our mailing lists and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product you can use our StackOverflow forum to raise them as well.
- IAM Developer List: iam-dev@wso2.org
- User Forum: StackOverflow
Discord Channels
Join us via discord for even better communication. You can talk to our developers directly regarding any issues, or concerns about the product. We encourage you to start discussions or join any ongoing discussions with the team, via our discord channels.
- General discussions: General Channel
- Help: Help Channel
- New releases: Product Updates Channel
Reporting Issues
We encourage you to report issues, improvements, and feature requests regarding WSO2 Identity Server through our public WSO2 Identity Server GIT Issues.
Important: Please be advised that security issues must be reported to security@wso2.com, not as GitHub issues, in order to reach the proper audience. We strongly advise following the WSO2 Security Vulnerability Reporting Guidelines when reporting security issues.
For more information about WSO2 Identity Server, please see https://wso2.com/identity-and-access-management or visit the WSO2 Oxygen Tank developer portal for additional resources.
~ The WSO2 Identity and Access Management Team ~