Anuradha Karunarathna
120 FOLLOWERS
Stories by Anuradha Karunarathna about identity management, ID management access and tools, security and more! Anuradha Karunarathna is Senior Software Engineer at WSO2 with computer engineering background.
Anuradha Karunarathna
1y ago
If you are a tech guy, I don’t think I need to say what is Stack Overflow at all. In case you don’t know what it is check it out https://stackoverflow.com/. Stackoverflow is an online platform where developers can learn and share their knowledge and help each other to solve programming issues, resolve issues in digital offerings, etc.
I have been a Stack Overflow member for 4 years and 10 months now. Today I thought to write down this post because recently, I reached a noteworthy milestone on Stack Overflow — a reputation of 2500+.
You might now think, is that a big deal compared to the ..read more
Anuradha Karunarathna
1y ago
Leverage the extensibility of Charon library for your purpose
Did you know that WSO2 Identity Server(IS)- which is a leading open-source IAM solution provider in the market is a SCIM service provider?
Yes, it is. If you check more on WSO2 IS, you will find that SCIM is the main protocol used for identity management in WSO2 IS. The exciting thing here is, SCIM is an open standard for identity provisioning and management, and its widely used in the industry. If you were searching for an IAM solution that supports SCIM, WSO2 IS a good fit for you!?
High-level overview of SCIM Service Pr ..read more
Anuradha Karunarathna
1y ago
Try WSO2 Identity Server (IS) capability to lock user accounts based on SMS/Email OTP and TOTP failed attempts If the user makes multiple failed OTP verification attempts, the user account gets lockedIntroduction
I’m sure all of you may know password brute force attacks. It’s nothing but guessing the password of a user account systematically trying out every possible combination of allowed characters(letters, numbers, symbols, etc). In order to mitigate this attack Identity and Access Management solutions provide multiple options. Some of them are as follows.
Strong Password&nb ..read more
Anuradha Karunarathna
2y ago
Then you can write tons of integrations on Salesforce events with low code
User Story:
Company XYZ creates its leads (people who are interested in their product/service. ie: potential customers) in salesforce based on user engagement in marketing activities such as completing lead forms, clicking on LinkedIn ads, and registering for company events etc.
Once the account manager of company XYZ contacts a lead to have a meeting, show product demos, and convert the lead to an account/contact. Company XYZ needs to communicate that event to a slack group, send an email to an email group ..read more
Anuradha Karunarathna
2y ago
This is a step-by-step guide to configure the Oracle database as the data source in the WSO2 Identity Server. Nevertheless, you can use this guide to create an Oracle DB for any of your purposes in quite an easy way.
Let's get started!!
Download the Docker image
We use Oracle Database Server Docker Image containing the Oracle Database Server 12.2.0.1 Enterprise Edition running on Oracle Linux 7 for this guide.
Sign in to https://hub.docker.com/ using your credentials. (If you don’t have an account yet signup now)
Access the Oracle database docker image from https://hub.do ..read more
Anuradha Karunarathna
2y ago
Let’s find out the Bulk operation support in WSO2 IS-5.10.0 with samples from one place
What is Bulk operation?
The capability to send multiple resource operations in a single request.
This is an optional feature for a SCIM service provider.
Bulk operation is described in RFC7644 section 3.7 in detail.
POST operation for /Bulk endpoint is defined.
Following is the structure of a Bulk request body.
The following section elaborates how the request body should be formed.
1. Manage User Resource 1.1 Bulk user import/ creation
This sample request is to cr ..read more
Anuradha Karunarathna
2y ago
Register your users in an easy way
https://unsplash.com/s/photos/company-registration
Setup WSO2 IS for self-registration
Add an SMS event publisher with the file nameSMSPublisher.xml to <IS_HOME>/repository/deployment/server/eventpublishers location. You can use the provided sample. This is a sample publisher is for publishing the account confirmation code of signup flow to an SMS API. (NOTE: This file may be available in later versions like 5.12.0)
https://medium.com/media/31da35febb5fc2cb6d552bb84ad502b6/href
NOTE:
You need to provide the HTTP request body based on the se ..read more
Anuradha Karunarathna
2y ago
Send your notification as you wish
When you are finding this blog, you might be searching for “how to send a google chat notification from a GitHub action”. You may have already tried out several marketplace actions available for google chat notifications; such as,
google-chat-github-notification - GitHub Marketplace
google-chat-notification - GitHub Marketplace
but you are not satisfied with them because they don't provide much flexibility to alter your notification as you wish. If that is the case, you have come to the right place.
I’ll solve your problem without any third ..read more
Anuradha Karunarathna
2y ago
OAuth 2.0 Authorization Framework defines two types of clients based on their ability to authenticate securely with the authorization server (RFC 6749 Section 2.1):
Confidential Client — client implemented on a secure server with
restricted access to the client credentials.
Public Client — Clients executing on the device used by the
resource owner.
Out of these two types, confidential clients MUST require client authentication when accessing the token endpoint to request an access token.
OAuth 2.0 Token API supports the following client authentication methods:
(Refer: RFC 6749 ..read more
Anuradha Karunarathna
2y ago
Try WSO2 Identity Server (IS) capability to lock user accounts based on SMS/Email OTP and TOTP failed attempts If the user makes multiple failed OTP verification attempts, the user account gets lockedIntroduction
I’m sure all of you may know password brute force attacks. It’s nothing but guessing the password of a user account systematically trying out every possible combination of allowed characters(letters, numbers, symbols, etc). In order to mitigate this attack Identity and Access Management solutions provide multiple options. Some of them are as follows.
Strong Password&nb ..read more