Open-Source Trend in Digital Identity
In recent years, open-source solutions in the field of Digital Identity/Customer Identity and Access Management (CIAM) have positioned themselves very strongly. Thanks to new, feature-rich products that address core digital identity requirements very well on the one hand and offer the opportunity to optimize processes and workflows on the other, potential customers can choose from a variety of features. These products can be expanded and easily integrated into existing IT landscapes. Potential customers thus have a cost-efficient way of easily implementing an initial connection for a proof of concept project.
WSO2 versus Keycloak
The main difference between WSO2 Identity Server and Keycloak lies in the support of the complex CIAM requirements and in the integrability of the two products.Keycloak is a lightweight single sign-on product with limited support for advanced CIAM use cases. The product integrates with little or almost no development effort.
WSO2 Identity Server is an API-based 360° digital identity product. Essential and complex CIAM features are natively supported in the product. The single sign-on standards - SAML 2.0, OAuth 2.0 and OpenID Connect - are supported. In addition, inbound/outbound/just-in-time account provisioning and deployment on-premise, cloud or hybrid.
WSO2 was recognized as an Overall Leader, Technology Leader and Innovation Leader in the KuppingerCole Leadership Compass. Gartner recognized WSO2 as a developer-focused solution in the CIAM report. Forrester has named WSO2 a “Strong Performer” in CIAM.
Single-Sign-On and MFA
In terms of single sign-on, both products support the latest SAML and OpenID Connect protocols. Identity federation, social login and multi-factor authentication can be configured. In this area, WSO2 Identity Server definitely offers more options for using advanced features such as Passwordless FIDO2 Authentication.Custom Integration
Both products offer a REST API for integration with existing IT systems. In addition, WSO2 Identity Server can be controlled via a SCIM2 API, which enables native integration with other identity management solutions. SCIM2 stands for System for Cross-domain Identity Management.Download
Conclusion
Both service providers want to increase customer satisfaction. This is achieved through the lowest possible implementation effort. A lightweight tool like Keycloak has an advantage in initial proof of concept project phases because it is very easy to configure. At the latest in a more advanced project phase, however, WSO2 has a clear advantage because complex digital identity workflows can be implemented.“Thanks to our 15 years of experience in Identity Management Consulting, manufacturers are happy to subsequently expand CIAM solutions with new, fee-based features. These functional extensions are a significant cost driver for the customer. If a complex customer-experience-driven product such as WSO2 Identity Server provides many of the required features out-of-the-box and open source, the costs and time required for a subsequent expansion of the range of functions used are reduced. Native support for industry standards also ensures compliance with CIAM best practices, which partner companies and users are expected to support.”
Ventum 2022