Advanced OAuth 2.0 Support to Protect Your Mission-Critical APIs
Enforce rigorous API access management at any scale with WSO2’s IAM solutions, powered by the market’s most comprehensive OAuth 2.0 support, and designed for tight integration with API gateways.
Protect Your API Ecosystem
Your organization requires strong, flexible access and authorization management to secure access to your APIs. Choosing the right solution will help you easily handle all your API access management use cases, even the most challenging and complex.
Critical considerations for an API access management solution
- Proven in the marketplace
- The most advanced, standards-based authorization capabilities
- Close coordination with your API gateway
- A deployment model for your authorization service that matches your architecture strategy
Customer Spotlight
London UK Transit System Uses WSO2 to Secure Mission-Critical APIs for Improved Commuter Experience
Eight million commuters depend on TFL’s mass transit solutions every day. WSO2 ensures API security for TFL’s technology which handles credit card transactions, routing and scheduling management, emergency response and analytics.
Customer Spotlight
Standard Chartered Bank Ensures Smooth, Secure Business Operations Using WSO2 to Protect Sensitive Internal APIs
SCB’s internal applications exchange data and services between multiple business units, using various API gateways from multiple vendors. WSO2 helps ensure smooth business operations by securing thousands of transactions per second.
Unlock the Full Potential of OAuth 2.0
All the OAuth 2.0 basics you expect
- Support for the access token lifecycle (request, issue, expiry, refresh)
- Defining scopes and claims for authorization
- Creating basic policies and rules to determine who can access APIs
- Support for the most popular token formats including JWT
WSO2 Delivers Above and Beyond the Expected
Consent-based authorization
Require positive user consent before authorizing the request
Attribute-based authorization
Define an ABAC model for authorization policies
Authentication level based authorization
Enhance authorization for more sensitive resources with stronger authentication requirements
Mutual TLS certificate-bound access tokens
Bind the access token provided by the authorization server to the client's certificate
Pushed Access Request (PAR)
Provide a more secure way to initiate an authorization request using backchannel communication
JWT Secured Authorization Response Mode (JARM)
Enhance the security of the authorization response by signing and optionally encrypting it
Token exchange
Enable SSO between mobile apps without opening a separate browser window
Device authorization grant (or Device Flow)
Allow users to sign in to input-constrained devices such as a smart TV, IoT device, or a printer
FAPI Baseline and Advanced Profiles
Implement the higher security standard required for high-value transactions
Authentication flow integrated with the API access itself
Simplify and streamline the application developer experience
Make Your API Gateway More Secure
API gateways need to protect access to critical APIs, but their simple built-in security features are not sufficient for today's challenging environment. Enhance the security of your API gateway with state-of-the-art OAuth 2.0 authentication and authorization.
Proven success working with popular API gateways
- Many popular API gateways support basic OAuth 2.0, but this often falls short of real-world requirements
- WSO2 IAM solutions integrate with all API gateways that support the OAuth 2.0 standard to delegate authorization to an external service
WSO2 enhances third-party API gateway functionality
- WSO2 delivers innovative OAuth 2.0 capabilities (described above) that enhance any API gateway’s authorization flexibility
- WSO2 acts as a centralized access policy service for all your API authorization needs
- WSO2’s full-featured IAM capabilities enable your API authorization policies to tap into features such as user management, authentication, detailed authorization policies, consent management, and more.
Get to production faster by using WSO2’s API gateway solutions
- Reduce custom development for high-value functions
- Automatic JWT token revocation, eliminating the need for short token expiry or additional revocation requests made to the access token service
- Automatic propagation of security events occurring at the API access level, such as a user password change or account disabling, which affect authorization logic
- Specialized access tokens, such as single use
Choose your path: Flexible deployment options
WSO2 IAM products are built on the proven open-source WSO2 Identity Server. You get the same great features whether you prefer SaaS or downloadable software.
Software as a service
Our scalable IDaaS solution minimizes setup and frees you from worrying about uptime and maintenance. It is available as a multi-tenant public cloud or a single-tenant private cloud, so you get robust features without the operational burden of IAM.
Downloadable software
Our robust open-source software gives you complete control of your on-premises identity infrastructure. It provides unparalleled extensibility, deep integration, and the transparency needed for stringent compliance.

