About this release¶

WSO2 Identity Server 5.11.0 is the latest WSO2 Identity Server (WSO2 IS) release and is the successor of WSO2 Identity Server 5.10.0.

What's new in this release¶

New features and enhancements¶

WSO2 IS 5.11.0 contains the following new features and enhancements:

• Enhanced My Account application (known as "User Portal" in 5.10.0) for users to manage their account-related preferences. For more information, see My Account.

• Switched to symmetric key encryption as the default encryption method for data protection. For more information, see Symmetric Key Encryption Overview.

• Separated 'user groups' and 'roles', and introduced new role management APIs. For more information, see SCIM 2.0 REST APIs.

• Introduced CORS management APIs. For more information, see CORS management APIs.

• Upgraded to OpenSAML 3

• Introduced Software Development Kits (SDKs) for Java, .Net, and Android for simple and quick integration with simple configurations. For more information, see Using SDKs.

• Integrated with HashiCorp Vault to protect and govern secrets such as database passwords, key store passwords etc.

• Improvements to CIAM (Customer Identity and Access Management) functionality:

  • Trigger email validation upon email address change
  • Trigger SMS-based verification upon mobile number change
  • Enforcing uniqueness and regex validation for challenge question answers to avoid risks due to weaker answers
  • Auto log in the user upon successful password recovery
  • Revoke session-bounded tokens upon logout and session expiry events

Beta features¶

• React-based console application with developer and administrator views to manage and maintain the features offered by WSO2 Identity Server. This is an ongoing effort to improve the user experience with the product.

• Tenant-qualified URLs with the option of switching to tenant qualified endpoints, which consistently qualifies every URL/endpoint of WSO2 Identity Server with the tenant in a path parameter. This improves flexibility for tenant-wise sharding and branding compared to previous releases.

• Managing CORS configurations tenant-wise is possible with this release as the CORS configurations can now be made at application level and enforced at tenant level.

Deprecated Features¶

• /identity/connect/register API
• OAuth 1.0

For more information, see WSO2 Identity Server Feature Deprecation.

Fixed issues¶

Refer below for the improvements and bug fixes available with this release.

• 5.11.0-RC Fixes
• 5.11.0-Beta5 Fixes
• 5.11.0-Beta4 Fixes
• 5.11.0-Beta3 Fixes
• 5.11.0-Beta2 Fixes
• 5.11.0-Beta Fixes
• 5.11.0-Alpha3 Fixes
• 5.11.0-Alpha2 Fixes
• 5.11.0-Alpha Fixes
• 5.11.0-M35 Fixes
• 5.11.0-M34 Fixes
• 5.11.0-M32 Fixes
• 5.11.0-M30 Fixes
• 5.11.0-M29 Fixes
• 5.11.0-M28 Fixes
• 5.11.0-M27 Fixes
• 5.11.0-M26 Fixes
• 5.11.0-M25 Fixes
• 5.11.0-M24 Fixes
• 5.11.0-M23 Fixes
• 5.11.0-M22 Fixes
• 5.11.0-M21 Fixes
• 5.11.0-M20 Fixes
• 5.11.0-M19 Fixes
• 5.11.0-M18 Fixes
• 5.11.0-M17 Fixes
• 5.11.0-M16 Fixes
• 5.11.0-M18 Fixes
• 5.11.0-M17 Fixes
• 5.11.0-M16 Fixes
• 5.11.0-M15 Fixes
• 5.11.0-M14 Fixes
• 5.11.0-M13 Fixes
• 5.11.0-M12 Fixes
• 5.11.0-M11 Fixes
• 5.11.0-M10 Fixes
• 5.11.0-M9 Fixes
• 5.11.0-M4 Fixes

Known issues¶

For a complete list of open issues related to the WSO2 Identity Server runtime, see WSO2 IS Runtime - Open Issues.