Authentication Flow Composer is a UI-based tool to design and configure the authentication flows for the WSO2 Identity Server. This tool allows users to define their authentication flows with a UI-based flow (Visual flow) and a script-based flow. Therefore, even an entry-level user who is not familiar with the WSO2 Identity Server syntax will be able to define their authentication flows easily with this approach.

Configure Identity Server

First, you have to configure the WSO2 Identity Server to run the Authentication Flow Composer tool. You can follow the steps below for that.

  • Download and install the WSO2 Identity Server from here.

Note: In…


Hi everyone. In my previous blog, I gave you a brief introduction to Authentication Flow Composer. Currently, I have started implementing this and I will be discussing the problems I have faced, the main technologies I have used so far, and the reasons for using them in this blog.

Authentication Flow Composer has three main components.

  1. Sidebar where users can select already existing templates of authentication scripts.
  2. Visual editor where you can define the authentication flow through UI.
  3. Script Editor


Hi everyone, In my previous blogs, I have mentioned that I am working on Authentication Flow Composer, an exciting feature of the WSO2 Identity Server, as my internship project. The purpose of this blog is to give you a brief introduction to Authentication Flow Composer.

Currently, the WSO2 identity server supports script-based authentication, where the users can define their authentication flow through a script. But this approach has a learning curve, and therefore, users must first become familiar with the JavaScript syntax and syntax related to WSO2 Identity Server to define an authentication flow for their applications.


Flexible and secure way of authentication

Authentication is the process of proving a user’s digital identity to be true. Usually, applications use a username and a password for this authentication process. But most of the users don’t like to remember passwords as they have to remember several passwords for different applications. As a result, various other factors came into use, which can be categorized as follows.

Something user has — Mobile phone, email

Something user knows — Passwords, PIN numbers

Something user is — Fingerprint, Face Recognition

When the technology developed, the attackers came up with techniques to compromise the systems which use a single factor…


WSO2 Identity Server

Hi everyone, I have started my internship journey at one of the world’s best open-source middle-ware companies, WSO2. And I got a chance to work on an exciting feature in the WSO2 Identity Server that is an Adaptive Authentication Flow Composer. I look forward to sharing blogs with you based on my ideas and what I will learn through this internship journey. In this blog, I will be discussing what the WSO2 Identity Server is and how it can be used to manage identities.

WSO2 Identity Server is a fully open-source, API driven solution for identity and access management. It…

Himashi Rathnayake

Software Engineering Intern at WSO2, Undergraduate — Department of Computer Science and Engineering, University of Moratuwa

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store