WSO2 Expands AI and B2B Capabilities Across Identity and Access Management Product Family

Newest WSO2 Identity Server and Asgardeo IDaaS versions speed the deployment of secure AI Agents via new agentic IAM features, expand AI capabilities that improve IAM developers’ experience, and extend WSO2’s leadership in B2B CIAM

Enterprise software developers need to ensure that digital experiences are secure—whether delivered via applications or artificial intelligence (AI) agents. WSO2 empowers developers to deliver this demand with the latest releases of its identity and access management (IAM) products: WSO2 Identity Server open-source software (OSS) and Asgardeo identity as a service (IDaaS). The products offer new agentic IAM capabilities that accelerate the deployment of secure AI agents by treating these agents as first-class entities and supporting authorization of the model context protocol (MCP). Additionally, they extend AI functionality designed to maximize developers’ productivity.

The latest WSO2 Identity Server and Asgardeo releases also extend WSO2’s leadership delivering comprehensive functionality for complex business-to-business (B2B) customer IAM (CIAM) scenarios, including more fine-grained access control to applications and support for additional organizational structures. Other new and enhanced capabilities include real-time event publishing, advanced account linking, and post-quantum security, among others.

“Developers are being tasked to deliver an expanding range of secure, intelligent digital experiences across multiple consumer and business scenarios,” said Geethika Cooray, vice president and general manager of identity and access management at WSO2. “With our latest WSO2 Identity Server and Asgardeo releases, we’re simplifying developers’ experience while empowering them to deliver secure AI-driven applications and agents that serve today’s advanced B2B and consumer demands.”

Also Read: AiThority Interview with Jonathan Kershaw, Director of Product Management, Vonage

The new product versions build on the proven IAM capabilities of WSO2 Identity Server open-source software and Asgardeo, which is available in both multitenant and private SaaS versions. Together, they manage more than 1 billion identities worldwide and support a range of scenarios, CIAM, B2B CIAM, and government-to-citizen (G2C) IAM, among others. Because the products share the same code base and user interface (UI), WSO2 customers have unprecedented flexibility to migrate between cloud, on-premises and hybrid deployments while delivering a consistent, best-in-class user experience for developers, consumers, and other users.

Ensuring the Security of AI Agents

As AI agents take on tasks typically handled by people, they need robust access security and oversight. WSO2 is among the first vendors to address this requirement with the new agent identity management and MCP authorization functionality in WSO2 Identity Server and Asgardeo.

Agent identity management enables organizations to register and manage agents as first-class identities, assign roles and access levels to determine their privileges, issue agent-friendly credentials and authentication, issue and manage tokens for secure communication, and allow agent activity to be audited independently of user activity.

MCP authorization secures MCP servers—a critical function since MCP emerged as the key protocol for allowing AI agents to access corporate resources. With the MCP authorization functionality, customers can:

• Enable registering MCP servers to define precise access controls and maintain consistent authorization rules to protect underlying business resources.
• Set up MCP clients by registering them, creating them as a compliant client, and authorizing them with specific scopes to define permitted access to MCP servers to ensure secure operations.
• Enable governance of user authentication for MCP clients.

AI-Driven Automation for Enhanced Productivity

WSO2 has been at the forefront in leveraging AI to enhance developer productivity. Previously, WSO2 Identity Server and Asgardeo introduced AI-assisted branding, user login creation, and authentication. The newest product versions add AI-assisted self-registration flow generation and MCP server authorization. Now developers choose between natural language and no-code drag-and-drop options to secure access.

User flow orchestration delivers an AI-assisted, no-code, drag-and drop flow builder for crafting key user flows like self-registration, password recovery and invited user onboarding.

AI-assisted MCP authorization set-up lets developers manage application settings and add secure login flows using AI tools like GitHub Copilot without leaving their code editor. This simplifies the implementation of complex security features, such as multi-factor authentication (MFA) and user provisioning—reducing errors and empowering developers to focus on core product logic to speed the creation of secure AI-powered applications and agents.

Expanded Comprehensive B2B Support

WSO2 Identity Server and Asgardeo offer the industry’s most comprehensive B2B CIAM support. With WSO2, enterprises can easily onboard organizations and their consumers or employees; delegate administration to enterprise customers and partners; flexibly manage the complex, multi-level organization hierarchies of distributors, subsidiaries, brands and franchises; and support organizations’ entire B2B application portfolio. The latest WSO2 IAM products extend WSO2’s B2B CIAM leadership by adding new capabilities for streamlined login and security and selective role sharing.

Streamlined login and security for sub-organizations allows enterprises to easily manage a hierarchy of sub-organizations by applying consistent login and registration settings from the parent organization. Child organizations can customize or override inherited settings as needed or revert to parent defaults when required. Child organizations also can automatically inherit user attributes and OpenID Connect (OIDC) scopes. This simplifies governance for login and registration settings and avoids repetitive configurations for typical B2B SaaS scenarios and broader enterprise organization structures.

Selective role sharing for B2B applications lets enterprises decide whether to share all roles, selected roles, or no roles when sharing an application with one or more organizations. So, not only can enterprises determine whether to share certain applications with sub-organizations; they can also decide which portions of applications to share. This allows role sharing to be aligned with pricing tiers or service levels and gives each partner or subsidiary access tailored to their needs.

Expanded Security Features

The newest releases of WSO2’s IAM products feature several other new security features and enhancements:

• New real-time event publishing enables identity events, such as registrations, updates and logins, to be shared in real time with external applications, enabling an identity-first security approach.
• Advanced account linking is now available on any chosen user attribute, not simply predefined attributes like username or email. This offers greater flexibility to configure account linking in line with organizational policies and requirements.
• Workflows is a revamped workflow-based approval framework that supports long-running approval workflows for critical user management operations.
• European digital identity solution support now includes Signicat (pan-European), FranceConnect, and Swiss ID.
• Expanded post-quantum security to protect data against potential future quantum-based attacks now covers both inbound and outbound communication.

Availability

The new capabilities are all generally available now with WSO2 Identity Server 7.2 and the latest release of Asgardeo. More details are available in today’s IAM product blog post. Additionally, developers and other technology professionals can visit WSO2’s website to download WSO2 Identity Server 7.2 or try the Asgardeo IDaaS for free.

Founded in 2005, WSO2 is the largest independent software vendor providing open-source API management, integration, and identity and access management (IAM) to thousands of enterprises in over 90 countries. WSO2’s products and platforms—including our next-gen internal developer platform, Choreo—empower organizations to leverage the full potential of artificial intelligence and APIs for securely delivering the next generation of AI-enabled digital services and applications. Our open-source, AI-driven, API-first approach frees developers and architects from vendor lock-in and enables rapid digital product creation. Recognized as leaders by industry analysts, WSO2 has more than 800 employees worldwide with offices in Australia, Brazil, Germany, India, Sri Lanka, the UAE, the UK, and the US, with over USD100M in annual recurring revenue.

Also Read: A Pulse Check on AI in the Boardroom: Balancing Innovation and Risk in an Era of Regulatory Scrutiny