Identity Federation and Strong Authentication
with WSO2 Identity Server

History shows that most enterprises grow today via acquisitions, mergers, and partnerships. This exposes their systems to more external users. Research done by analyst firm Quocirca confirms this. In Europe, 58% transact directly with users from other businesses and/or customers and for the UK alone that figure is 65%.

What does this mean for enterprise identity management? You would have to work with multiple heterogeneous user stores,  authentication protocols ,  legacy systems, and more. Standards like SAML, OpenID, OpenID Connect, and WS-Federation all support identity federation  and  cross-domain authentication. But can we expect all parties in a federation use case to support these standards?

Another problem you might face is that most federation systems we see today are in silos. It can be a silo of SAML federation, a silo of OpenID Connect federation or a silo of OpenID federation. It’s difficult to communicate between silos and this is a common challenge in identity and access management.

In this workshop, we will discuss how to break such silos and build an identity federation in a more meaningful way with WSO2 Identity Server.

This workshop will explore:

  • Identity federation standards and how to choose the right one
  • Federation silos and spaghetti identity
  • Introduction to WSO2 Identity Server
  • Identity bridging with WSO2 Identity Server
  • Strong and adaptive authentication with WSO2 Identity Server

Presented by:

Prabath Siriwardena
Senior Director, Security Architecture, WSO2

Prabath Siriwardena (@prabath) is the Senior Director of Security Architecture at WSO2 having more than 10 years of industry experience in designing and building critical Identity and Access Management (IAM) infrastructure for global enterprises, including many Fortune 100/500 companies.

Prabath spent most of his time in last ten years with the WSO2 IAM team, in developing the open source WSO2 Identity Server (Apache 2.0 license), which is used by hundreds of top companies globally, hundreds of Universities in USA and Canada, and also within the open source communities. WSO2 Identity Server serves more than 50 million identities globally.

As a technology evangelist, Prabath has published four books, including the one on Advanced API Security. He blogs at on various topics from blockchain, PSD2, GDPR, IAM to microservices security. He also runs a ​Youtube channel to educate the public on various topics related to IAM.

Prabath has spoken at numerous conferences including RSAConference, Identiverse (Cloud Identity Summit), European Identity Conference (Keynote 2015), Consumer Identity World (Keynote 2018), API World, API Strategy & Practice Con, OSCON and WSO2Con - and traveled the world conducting workshops in evangelizing WSO2 technologies. He is also the founder of the ​Silicon Valley IAM User Group, which is the largest IAM meetup in the San Francisco Bay Area.

He is a member of OASIS Identity Metasystem Interoperability (IMI) TC, OASIS eXtensible Access Control Markup Language (XACML) TC, OASIS Security Services (SAML) TC, OASIS Identity in the Cloud TC and OASIS Cloud Authorization (CloudAuthZ) TC. Prabath is also a member of Apache Axis PMC and has spoken at numerous international conferences including OSCON, QCon, ApacheCon, WSO2Con, EIC, IDentity Next, RSAC, and OSDC. He has more than 10 years of industry experience and has worked with many Fortune 100 companies.



Wednesday, July 11
9:30 a.m. to 1:30 p.m.
1800 Tysons Boulevard,
Tysons Corner,