WSO2 has released new AI-driven capabilities to automate Identity and Access Management (IAM). They are available in WSO2 Identity Server open-source software (OSS), Asgardeo identity as a service (IDaaS), and WSO2 Private Identity Cloud. In addition to the AI features, the company has also expanded support for its B2B Cloud IAM (CIAM) products.
According to WSO2, the three products protect more than 1 billion identities worldwide. The company has previously focused on ensuring that the products share a common code base. That makes it easier for customers to deploy them where needed and migrate when necessary.
That shared code base has another benefit. It allows WSO2 to introduce features like this and deploy them across all the solutions easily. For customers, that means they get the benefits immediately, irrespective of which solution(s) they use.
Geethika Cooray, vice president and general manager of identity and access management at WSO2, said, “As AI reshapes how developers create and deliver digital experiences, this evolution needs to extend to how we protect those services and the users who rely on them.
“Through our new and forthcoming AI capabilities, we are not only helping developers to streamline key IAM-related functions; we’re also empowering them to provide a new generation of secure AI-driven applications and services.”
What is in this update?
This is about improving productivity for IT Security teams, many of whom struggle to keep on top of identity management. In large organisations, less than 5% of identities belong to individuals. The remainder are machine identities, used by IoT devices and required by software to connect to systems. With the number of identities continuing to climb, IT Security teams need a better way to manage them.
The new capability will make automating IAM-related processes such as branding and login flows easier. Consistency of branding improves the site’s usability, reduces the risk of developer mistakes and reduces user login errors.
The AI-powered login flow generator delivers additional developer benefits. Using customised workflows, it reduces the complexity around authentication during the login process. That ensures that logins are verified quickly and with increased security confidence.
Later this year, WSO2 says it will add agentic AI for security teams and developers to improve security. The company says the new capabilities will include “a pre-configured application template for AI agents with built-in IAM protocol support along with the ability to extend current AI agent frameworks with agent authentication and access delegation.”
A new API-based architecture and post-quantum security
As part of this announcement, there is a new API-based product extension architecture. It will work with all three IAM products, and targets enterprise developers. It allows them to build and deploy extensions anywhere they choose and connect them to applications using the API.
There are other security enhancements:
- Support for post-quantum safe cryptography.
- Advanced identity verification (IDV) capabilities through integration with OnFido.
- AI-powered fraud decisioning through integration with Sift.
- Sovereign identity proxy from partner InCountry delivers the ability to isolate identity data in other countries to address regulatory requirements.
All these capabilities are available immediately except for the agentic AI functionality.
Enterprise Times: What does this mean?
This is a timely announcement from WSO2. The company will demonstrate the new AI capabilities for IAM at WSO2Con 2025 next week in Barcelona. It is also expected to announce more details of future functionality, including its agentic AI tools.
