Re: [Architecture] [Dev] Binding access token to the browser for new IAM Portal Applications

t-single-sign-on/ > > Thanks, > Thanuja > > On Tue, Mar 24, 2020 at 8:40 PM Dinali Dabarera wrote: > >> Hi all, >> >> Do we have an official public documents related to this approach, the >> token binding mechanism used and other information? >> >>

Re: [Architecture] [Dev] Binding access token to the browser for new IAM Portal Applications

Hi all, Do we have an official public documents related to this approach, the token binding mechanism used and other information? Thank you! Dinali On Wed, Nov 20, 2019 at 7:55 PM Janak Amarasena wrote: > Hi All, > > Currently, there is an OAuth2 Spec[1] under development with the key > inten

Re: [Architecture] [IS- 5.10.0] [Role-Permission] Implementation strategy

oups/c39232b1-4856-439b-89be-aae3fce5617d/permissions>* > Thanks, > > On Thu, Aug 29, 2019 at 10:52 AM Dinali Dabarera wrote: > >> Correction: >> >> *Approach 2:* >> Ex: >> >> { >> "totalResults": 1, >> "startIndex

Re: [Architecture] [IS- 5.10.0] [Role-Permission] Implementation strategy

c39232b1-4856-439b-89be-aae3fce5617d/permissions"; <https://localhost:9443/scim2/Groups/c39232b1-4856-439b-89be-aae3fce5617d/permissions>* }, "id": "c39232b1-4856-439b-89be-aae3fce5617d" } ] } On Thu, Aug 29, 2019 at 10:38 AM Dinali Dabarera wrote: > Hi all,

[Architecture] [IS- 5.10.0] [Role-Permission] Implementation strategy

Hi all, We currently have the UserAdmin Service method to return all the permissions in the permission tree as a node list object. There is also a method to return permissions associated with a role. When we try to implement a rest API for this we came up with below two approaches: *Approach 1:*

Re: [Architecture] SAML SP certificate expiry validation

Hi Asela, On Thu, Jul 18, 2019 at 4:49 PM Asela Pathberiya wrote: > > > On Thu, Jul 18, 2019 at 1:55 PM Dinali Dabarera wrote: > >> Hi all, >> >> As an improvement, we have introduced a new validation for SP >> certificate expiry time in SAML request vali

[Architecture] SAML2 Request Validity Period validation

Hi all, As an improvement for the SAML request validations, we have introduced "issueInstant" property validation as per the solution for the pubic issue [1] In order to enable this improvement, we have introduced new two properties in the identity.xml file under tag. *true * * 5* In th

[Architecture] SAML SP certificate expiry validation

Hi all, As an improvement, we have introduced a new validation for SP certificate expiry time in SAML request validation flow flow as a fix for the issue reported in [1]. The fix is as follows [2] We have introduced a new property called ** in the identity.xml file under . In the master impleme

[Architecture] WSO2 Identity Server Samples 2.0.0 Released!

Hi all, We are pleased to announce the release of WSO2 Identity Server Samples 2.0.0 The IS-QSG will demonstrate the key functionalities of the identity server that are mentioned below. - Configuring Single-Sign-On with SAML2 - Configuring Single-Sign-On with OIDC -

Re: [Architecture] [Dev][VOTE] Release WSO2 Identity Server 5.7.0 RC3

Hi all, I have tested the below in H2 DB and no issues were found. - XACML multi-decision profile (JSON/XML format) - Add a policy, update policy, publish policy, publish again by updating. - Add email templates. - Adding consent purposes and Consent management during JIT provisioning

Re: [Architecture] [Dev] [VOTE] Release WSO2 Identity Server 5.7.0 RC2

Hi, I have tested the following in H2 DB and no issues were found. - XACML multi-decision profile JSON/XML format - Add a policy, update policy, publish policy, publish again by updating. - Add email templates. - Adding consent purposes and Consent management during JIT provisioning.

Re: [Architecture] [Dev] [VOTE] Release WSO2 Identity Server 5.5.0 RC2

Hi All, I tested the Tested Below scenario on the IS 5.5.0-RC2 pack. - DCR for in carbon supper and tenant domain. - Authorization code grant flow using play ground - What happened when an un-ticked flow tried. - Introspection +1 to go ahead with the release On Thu, Mar 15, 2018 at

Re: [Architecture] WSO2 Identity Server 5.4.1 Update3 Released !!!

[+Dev] On Thu, Feb 22, 2018 at 8:24 PM, Dinali Dabarera wrote: > The WSO2 Identity and Access Management team is pleased to announce the > release of WSO2 Identity Server 5.4.1 Update3. > You can build the distribution from the source tag, > > Runtime: https://github.com/

[Architecture] WSO2 Identity Server 5.4.1 Update3 Released !!!

The WSO2 Identity and Access Management team is pleased to announce the release of WSO2 Identity Server 5.4.1 Update3. You can build the distribution from the source tag, Runtime: https://github.com/wso2/product-is/releases/tag/v5.4.1-update3 follow the steps given below. *Building from the sour

[Architecture] WSO2 Identity Server 5.4.1 Update2 Released !!!

The WSO2 Identity and Access Management team is pleased to announce the release of WSO2 Identity Server 5.4.1 Update2. You can build the distribution from the source tag, Runtime: https://github.com/ws o2/product-is/releases/tag/v5. 4.1-update2

[Architecture] WSO2 Identity Server 5.4.0 Alpha5 Released!

The WSO2 Identity and Access Management team is pleased to announce the release of WSO2 Identity Server 5.4.0 Alpha5. This distribution can be downloaded from the following location. https://github.com/wso2/product-is/releases/tag/v5.4.0-alpha5 The following list contains all the features, improv

[Architecture] Why we use timestampSkew default value as 300 seconds in identity.xml, why not 0 seconds.

Hi All, In our identity.xml the default timeStampScrew value is used as 300 seconds. Shouldn't this be 0 seconds? Because when we are getting a token from password grant type again and again *without a time delay*, the expiry time of the token increases than its accepted value because of this equ

Re: [Architecture] [C5][IS 6.0.0] Email Verification for Existing User

Hi, On Wed, Mar 22, 2017 at 1:28 AM, Jochen Traunecker < jochen.traunec...@googlemail.com> wrote: > Hi, > > Will there be a concept of primary email and 0..n secondary email > addresses? With such a concept in mind, each email address could be > associated with a state (verified, not verified).

Re: [Architecture] [C5][IS 6.0.0][admin-portal] User Onboarding - Ask Password with email verification

eed to reset step > ​+1 for this, lets supports both ​ ​ HTML based and non HTML based mail clients. while password reset page can support both GET and POST. > > > On Tue, Mar 21, 2017 at 12:33 PM, Dinali Dabarera wrote: > >> We are not going to lock the user since we use a rand

Re: [Architecture] [C5][IS 6.0.0][admin-portal] User Onboarding - Ask Password with email verification

t aware what is >> Domain. >> 3. I guess combo box with available option is not user friendly and what >> about having option buttons which shows available options at once to user ? >> >> >> Thanks >> Godwin >> >> >> On Mon, Mar 20, 2017 at 5:53 PM

[Architecture] [C5][IS 6.0.0][admin-portal] User Onboarding - Ask Password with email verification

Hi All, I am going to implement User Onboarding - Ask Password with email verification according to the User story [1].The wire-frame given by the UX team is [2]. According to these, *In admin side,* - The admin creates a user and put his email and click on Add user. - Then an email is se

Re: [Architecture] [C5][IS 6.0.0 - Admin Portal ] Edit User profile (Update User)

Hi Godwin, Continuing the above email The function of the verify button click is done by this user story [1]. Which is not done by me. At the moment we are not supporting mobile verification. Thanks [1] https://redmine.wso2.com/issues/5752 On Tue, Mar 14, 2017 at 11:44 AM, Dinali Dabarera

Re: [Architecture] [C5][IS 6.0.0 - Admin Portal ] Edit User profile (Update User)

, Godwin Shrimal wrote: > Hi Dinali, > > Can you explain what exactly happens when click on Verify button on email > or phone number ? And how do you filter those claims and display those > buttons ? > > > Thanks > Godwin > > > On Tue, Mar 14, 2017 at 10:52 AM,

[Architecture] [C5][IS 6.0.0 - Admin Portal ] Edit User profile (Update User)

Hi all, I am implementing Edit User profile in the admin portal as designed in [1]. I am using the same account settings profile used in user-portal to implement this. I have started implementing UI part first and next moving to back-end. Since We have to use the same UUF components used in user-p

Re: [Architecture] Applying Machine Learning in Security - A Survey

Hi, I would like to join this (as a part-time researcher) from IS team as I am interested in machine learning and big data stuff. If there's any opportunity please let me know. Thanks! On Thu, Mar 9, 2017 at 11:00 AM, Prabath Siriwardena wrote: > Thanks for sharing! Will go through this... > >

Re: [Architecture] [Dev] Username Recovery Feature in IS 6.0.0

e wrote: > >> >> Hi Dinali, >> >> On Thu, Feb 2, 2017 at 7:55 PM Dinali Dabarera wrote: >> >>> Hi all, >>> >>> In Username Recovery, I need to find a User which is available for >>> multiple claims. >>> So what I do now i

Re: [Architecture] [Dev] Username Recovery Feature in IS 6.0.0

ork to do. But I think it is better to have a method called *getUserList(ArrayList) *with domain or across all domain from the userstore directly than comparing as above. Please leave me comments on this. Thanks. On Fri, Jan 27, 2017 at 3:03 PM, Dinali Dabarera wrote: > Hi all, > > Th

Re: [Architecture] [Dev] Username Recovery Feature in IS 6.0.0

On Sat, Jan 21, 2017 at 4:20 PM, Pushpalanka Jayawardhana < >>> la...@wso2.com> wrote: >>> >>>> Hi All, >>>> >>>> On Sat, Jan 21, 2017 at 1:35 PM, Isura Karunaratne >>>> wrote: >>>> >>>>> Hi Dinali

Re: [Architecture] [Dev] Username Recovery Feature in IS 6.0.0

i, > > On Sat, Jan 21, 2017 at 12:33 PM, Dinali Dabarera wrote: > >> Hi all, >> >> We are working on implementing username recovery feature for IS 6.0.0 >> >> *The admin has to enable the Username Recovery* >> >> >> *When Username Recovery

[Architecture] [Dev] Username Recovery Feature in IS 6.0.0

Hi all, We are working on implementing username recovery feature for IS 6.0.0 *The admin has to enable the Username Recovery* *When Username Recovery enabled:* - User portal user can click on the forget username option. - The User can enter his details of the default profile. - The Sy

Re: [Architecture] [Dev] [VOTE] Release WSO2 Identity Server 5.3.0- RC3

Hi, I tested the following on the Identity Server 5.3.0-RC3 pack, - Discovery - DCR - Form Post - Introspection - SCIM API - User Management Worked fine without any issues. [+] Stable - go ahead and release On Fri, Jan 6, 2017 at 10:06 PM, Pulasthi Mahawithana wrote: > Hi All