The latest articles on DEV Community by Harsha Thirimanna (@harsha_thirimanna_39edfd6). https://dev.to/harsha_thirimanna_39edfd6 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1658956%2F97cd417a-520d-48cf-9081-d2d777076b98.jpg https://dev.to/harsha_thirimanna_39edfd6 en Harsha Thirimanna Fri, 21 Jun 2024 20:19:15 +0000 https://dev.to/harsha_thirimanna_39edfd6/modernizing-legacy-applications-with-ballerina-1hei https://dev.to/harsha_thirimanna_39edfd6/modernizing-legacy-applications-with-ballerina-1hei <p><a href="https://www.meetup.com/austin-developer-community/events/301626607/?utm_medium=referral&amp;utm_campaign=share-btn_savedevents_share_modal&amp;utm_source=linkedin">https://www.meetup.com/austin-developer-community/events/301626607/?utm_medium=referral&amp;utm_campaign=share-btn_savedevents_share_modal&amp;utm_source=linkedin</a></p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--JUaFhb5p--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/..." class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--JUaFhb5p--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/..." alt="Uploading image" width="" height=""></a></p> Harsha Thirimanna Thu, 20 Jun 2024 19:39:33 +0000 https://dev.to/harsha_thirimanna_39edfd6/introducing-identity-server-70-the-most-powerful-and-developer-friendly-release-yet-5dk5 https://dev.to/harsha_thirimanna_39edfd6/introducing-identity-server-70-the-most-powerful-and-developer-friendly-release-yet-5dk5 <p><strong>Refreshing Look and Feel for the Console UI</strong></p> <p>The console has received a major upgrade with our brand-new, lightning-fast Oxygen UI! The beta console UI, accessible via https://:/console, introduced in version 5.11.0, is now available for production usage for administrative and developer tasks.</p> <p>With this upgrade, concepts such as service providers, identity providers, inbound/outbound authentication, previously utilized in the Carbon-based management console, have evolved into 'applications' and 'connections', respectively. WSO2 Identity Server 7.0.0 introduces application templates for Single Page Applications (SPAs), web applications with server-side rendering, mobile applications, and machine-to-machine (M2M) applications. It also offers a variety of authentication options, including social login, multi-factor authentication (MFA), passwordless authentication, etc., which can be selected from the available connections.</p> <p><strong>Productized Support for B2B CIAM Use Cases</strong></p> <p>WSO2 Identity Server now enables secure access for your B2B business customers with flexible organization management capabilities. B2B CIAM is the identity foundation that helps organizations that work with business customers, franchises, distributors and suppliers get their apps and services to market quickly and securely.</p> <p><em>Key Highlights:</em></p> <p>Onboard enterprise IDP, or invite users to register at organizations<br> Configure varied login options for organizations<br> Hierarchical organization management<br> Delegated administration<br> Different branding for organizations<br> Resolve organization at login as the user inputs the organization name, based on the user’s email domain mapped for a particular organization or based on a query or path parameter in the URL</p> <p><strong>Authentication API for App-Native Authentication</strong></p> <p>This release introduces an API-based authentication capability, allowing developers to implement complete authentication workflows within their applications, focusing on enhanced user experience.</p> <p><em>Key Highlights:</em></p> <p>A flexible API containing all necessary details to render UIs inside the application itself<br> Support for handling authentication orchestration logic at the WSO2 Identity Server without taking that overhead to the application (e.g: Based on the device the user logs in to the app, prompt the second factor)<br> APIs based on OAuth 2.0/Open ID Connect standards, requiring no browser support<br> Ensures identity and proof of possession of the client in handling authentication credentials</p> <p><strong>Compliance with FAPI 1.0 Profiles</strong></p> <p>WSO2 IS is now compliant with FAPI 1.0 Baseline and Advanced profiles, ensuring secure and compliant financial services operations.</p> <p><em>Key Highlights:</em></p> <p>Create FAPI compliant applications from DCR. This validates FAPI enforcements a FAPI compliant application should have like Software Statement Assertions(SSA) validation that ensures the third party is trusted with the regulatory body of the region<br> Support for certificate bound access tokens.<br> Support for pairwise subject identifiers<br> Enforcing request object validations for FAPI compliance<br> Mandate sending a request object in the authorization request passed via the request or request_uri parameter.<br> Mandatory request object parameter validations (scope, redirect_uri, nonce)<br> Request object signing algorithm restriction (PS256, ES256)<br> Mandate PKCE for PAR<br> Enforce nbf &amp; exp claim validations<br> Enforcing FAPI allowed client authentication methods and signature algorithms</p> <p><strong>First-Class Support for Securing API Resources</strong></p> <p>Comprehensive support for API Authorization via RBAC is now available, allowing easy representation, subscription, and role-based access control for API resources.</p> <p><em>Key Highlights:</em></p> <p>Easily represent API Resources and scopes associated with your applications.<br> Seamlessly subscribe API Resources to applications.<br> Define roles collecting API scopes.<br> Enable RBAC when authorizing APIs.<br> Role assignment for users and groups connected from various sources (from user stores, from external IdPs)<br> Role-Based scope validation during token issuing.</p>