1
votes

I want to use WSO2 as a centralized authentication solution for all my clients.

I'm trying to set up this scenario: each client has Dev, QA and Prod environments. Some users should be able to log in to different environments.

So far, with OAuth2 I could set up an app ID for each environment, and allow or deny authentication per application.

With WSO2, I've been trying to set up some type of differentiated identity vaults, or specify this type of relationship, but unfortunately, the documentation hasn't been quite illustrative about how things are done.

The documentation talks about SSO, but with SSO you have several IDPs; in this scenario I want WSO2 IS 5.9.0 to BE the identity provider for all my infrastructure...

2 Answers

1
votes

Multitenancy creates an IDP for each tenant automatically.

The only thing needed is to log in with the credentials set up when adding the tenant, and WSO2 will handle the rest.

Yes, it is THAT simple!

1
votes

If you don't want to create a multitenant installation, you may configure a service provider for each environment and also a different userstore for each environment with different credentials, and set the service providers up with adaptive authentication, requiring that users be authenticated only against the matching userstore.

It is explained in this WSO2 documentation: https://docs.wso2.com/display/IS570/Configuring+User+Store-Based+Adaptive+Authentication

You may also do the same based on the user's role with adaptive authentication, if you don't want to create different userstores.
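
A sketch of the userstore-based script described in the answer above, for the service provider of one environment (QA here). It is an added example, not part of the original answer or WSO2's own template; the userstore domain `QA-USERS` and the error URL are assumed placeholders, while `executeStep`, `sendError` and `context.currentKnownSubject` are supplied by the Identity Server at run time.

```javascript
// Adaptive authentication script for ONE environment's service provider.
// Each environment's service provider gets its own copy with its own list.
// Assumed values (not from the page): the userstore domain and the error URL.
var ALLOWED_USER_STORES = ['QA-USERS'];
var ERROR_URL = 'https://idp.example.com/authenticationendpoint/denied'; // placeholder

// Pure decision function, kept separate so it can be checked off-server.
function isAllowed(userStoreDomain) {
    // Fail closed: a subject without a userstore domain is never accepted.
    if (typeof userStoreDomain !== 'string' || userStoreDomain === '') {
        return false;
    }
    // Compare case-insensitively so 'qa-users' and 'QA-USERS' match.
    return ALLOWED_USER_STORES.indexOf(userStoreDomain.toUpperCase()) >= 0;
}

// Entry point invoked by the Identity Server for every login to this
// service provider.
var onLoginRequest = function (context) {
    executeStep(1, {
        onSuccess: function (context) {
            // Subject authenticated in step 1 (e.g. username/password).
            var user = context.currentKnownSubject;
            if (!isAllowed(user.userStoreDomain)) {
                // Valid credentials, wrong environment: end the flow with an
                // error instead of issuing a token for this application.
                sendError(ERROR_URL, {
                    'errorcode': 'wrong_environment',
                    'errorMsg': 'You are not allowed to log in to this environment.'
                });
            }
        }
    });
};
```

A user who must reach several environments needs an account in each matching userstore under this scheme, which is the trade-off against the role-based variant the answer mentions.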