Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Madawa Soysa]

Hi all,

Thanks for testing WSO2 Identity Server 5.6.0-RC3.

Since this vote passed with 18 +1s and 0 -1s, we’re hereby closing this vote
 and proceeding with the Identity Server 5.6.0 GA release.

Thanks,
Madawa

On Wed, Jun 20, 2018 at 11:25 AM Amalka Subasinghe  wrote:

> Hi all,
>
> We tested following
> - Private key jwt authentication
> - OIDC login/logout flow
> - OIDC Hybrid flow with "code id_token" response type
>
> No blocking issues found. Hence +1 for the release
>
> Thanks
> Amalka
>
> On Wed, Jun 20, 2018 at 11:08 AM Ayesha Dissanayaka 
> wrote:
>
>> Hi All,
>>
>> I have tested following Identity Management Scenarios.
>>
>> User Self Registration
>> Username Recovery
>> Password Self Recovery
>>
>> via Email
>>
>> via Challenge Questions
>>
>>
>> Admin Forced Password reset
>>
>> via Email link
>>
>> via OTP in Email
>>
>> via Offline OTP
>>
>>
>> Email Notifications
>>
>> Resend Account Verification link
>>
>> Account lock/unlock
>>
>> Start password recovery flow with challenge questions
>>
>> +1 for the release as no blocking issue is found.
>>
>> Thanks!
>> -Ayesha
>>
>>
>> On Tue, Jun 19, 2018 at 5:27 PM, Madawa Soysa  wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following,
>>>
>>>- Generating MP-JWT 1.0 compatible token.
>>>- Microprofile JWT Sample
>>>
>>> No blocking issues found. Hence +1 for the release.
>>>
>>> On Tue, Jun 19, 2018 at 5:08 PM Biruntha Gnaneswaran 
>>> wrote:
>>>
 Hi All,

 I have tested the following,

 Create service provider and tested OAuth flow with playground when
 hashing access tokens, refresh tokens, client secrets, and authorization
 codes feature enabled.

 No blocking issues found.

 [+] Stable - go ahead and release

 Thanks,

 On Tue, Jun 19, 2018 at 4:52 PM, Nadeeshani Pathirennehelage <
 nadeesha...@wso2.com> wrote:

> Hi All,
>
> +1 from Platform Security Team.
>
> Thank You,
> Nadeeshani.
>
> On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga 
> wrote:
>
>> Hi All,
>>
>> I have tested the following and found no issues.
>>
>>- Consent Management for Self Sign Up.
>>- Creating Users with the Ask Password Option.
>>- Password pattern validation.
>>- SAML SSO with Consent Management.
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Ashen
>>
>>
>> On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
>> wrote:
>>
>>> Hi All,
>>>
>>> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
>>> And check the session analytics reports.
>>>
>>>
>>> No blocking issues found.
>>> [+] Stable
>>>
>>> Thanks,
>>> Ishara
>>>
>>>
>>>
>>>
>>>
>>> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha 
>>> wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack.

- SAML to SAML federation flow.
- Publish and Update XACML policies.
- OAuth token revocation.

 No blocking issues found.

 [+] Stable

 Thanks
 Isuri.

 On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera <
 omi...@wso2.com> wrote:

> Hi All,
>
> Tested SCIM 2.0 basic operations. No blocking issues found
>
> [+] Stable - Go ahead and release
>
> Regards,
> Omindu.
>
>
>
>
>
> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>>- Configuring Single-Sign-On with SAML2
>>- Configuring Single-Sign-On with OIDC
>>- Configuring Multi-Factor Authentication
>>- Configuring Twitter as a Federated Authenticator
>>- Setting up Self-Signup
>>- Creating a workflow
>>- Tested Consent management API (Add/Retrieve purposes,
>>Add/revoke consents.)
>>
>> No blocking issues found.
>>
>> [+] Stable
>>
>> Thanks,
>>
>>
>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
>> pulast...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Tested SSO with Multi step/multi option authentication, Google
>>> and Twitter authenticators
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>>> hasan...@wso2.com> wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

 - Register a service provider

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Amalka Subasinghe]

Hi all,

We tested following
- Private key jwt authentication
- OIDC login/logout flow
- OIDC Hybrid flow with "code id_token" response type

No blocking issues found. Hence +1 for the release

Thanks
Amalka

On Wed, Jun 20, 2018 at 11:08 AM Ayesha Dissanayaka  wrote:

> Hi All,
>
> I have tested following Identity Management Scenarios.
>
> User Self Registration
> Username Recovery
> Password Self Recovery
>
> via Email
>
> via Challenge Questions
>
>
> Admin Forced Password reset
>
> via Email link
>
> via OTP in Email
>
> via Offline OTP
>
>
> Email Notifications
>
> Resend Account Verification link
>
> Account lock/unlock
>
> Start password recovery flow with challenge questions
>
> +1 for the release as no blocking issue is found.
>
> Thanks!
> -Ayesha
>
>
> On Tue, Jun 19, 2018 at 5:27 PM, Madawa Soysa  wrote:
>
>> Hi All,
>>
>> I have tested the following,
>>
>>- Generating MP-JWT 1.0 compatible token.
>>- Microprofile JWT Sample
>>
>> No blocking issues found. Hence +1 for the release.
>>
>> On Tue, Jun 19, 2018 at 5:08 PM Biruntha Gnaneswaran 
>> wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following,
>>>
>>> Create service provider and tested OAuth flow with playground when
>>> hashing access tokens, refresh tokens, client secrets, and authorization
>>> codes feature enabled.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>>
>>> On Tue, Jun 19, 2018 at 4:52 PM, Nadeeshani Pathirennehelage <
>>> nadeesha...@wso2.com> wrote:
>>>
 Hi All,

 +1 from Platform Security Team.

 Thank You,
 Nadeeshani.

 On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga 
 wrote:

> Hi All,
>
> I have tested the following and found no issues.
>
>- Consent Management for Self Sign Up.
>- Creating Users with the Ask Password Option.
>- Password pattern validation.
>- SAML SSO with Consent Management.
>
> [+] Stable - go ahead and release
>
> Thanks,
> Ashen
>
>
> On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
> wrote:
>
>> Hi All,
>>
>> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
>> And check the session analytics reports.
>>
>>
>> No blocking issues found.
>> [+] Stable
>>
>> Thanks,
>> Ishara
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- SAML to SAML federation flow.
>>>- Publish and Update XACML policies.
>>>- OAuth token revocation.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks
>>> Isuri.
>>>
>>> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera >> > wrote:
>>>
 Hi All,

 Tested SCIM 2.0 basic operations. No blocking issues found

 [+] Stable - Go ahead and release

 Regards,
 Omindu.





 On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya 
 wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- Configuring Single-Sign-On with SAML2
>- Configuring Single-Sign-On with OIDC
>- Configuring Multi-Factor Authentication
>- Configuring Twitter as a Federated Authenticator
>- Setting up Self-Signup
>- Creating a workflow
>- Tested Consent management API (Add/Retrieve purposes,
>Add/revoke consents.)
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks,
>
>
> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
> pulast...@wso2.com> wrote:
>
>> Hi,
>>
>> Tested SSO with Multi step/multi option authentication, Google
>> and Twitter authenticators
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>>
>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>> hasan...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>> - Register a service provider
>>> - Obtain an access token using JWT grant type
>>> - Invoke user info endpoint using the token.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Thanks,
>>> Hasanthi
>>>
>>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
>>> wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

- Invoke the 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Ayesha Dissanayaka]

Hi All,

I have tested following Identity Management Scenarios.

User Self Registration
Username Recovery
Password Self Recovery

via Email

via Challenge Questions


Admin Forced Password reset

via Email link

via OTP in Email

via Offline OTP


Email Notifications

Resend Account Verification link

Account lock/unlock

Start password recovery flow with challenge questions

+1 for the release as no blocking issue is found.

Thanks!
-Ayesha


On Tue, Jun 19, 2018 at 5:27 PM, Madawa Soysa  wrote:

> Hi All,
>
> I have tested the following,
>
>- Generating MP-JWT 1.0 compatible token.
>- Microprofile JWT Sample
>
> No blocking issues found. Hence +1 for the release.
>
> On Tue, Jun 19, 2018 at 5:08 PM Biruntha Gnaneswaran 
> wrote:
>
>> Hi All,
>>
>> I have tested the following,
>>
>> Create service provider and tested OAuth flow with playground when
>> hashing access tokens, refresh tokens, client secrets, and authorization
>> codes feature enabled.
>>
>> No blocking issues found.
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>>
>> On Tue, Jun 19, 2018 at 4:52 PM, Nadeeshani Pathirennehelage <
>> nadeesha...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> +1 from Platform Security Team.
>>>
>>> Thank You,
>>> Nadeeshani.
>>>
>>> On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga 
>>> wrote:
>>>
 Hi All,

 I have tested the following and found no issues.

- Consent Management for Self Sign Up.
- Creating Users with the Ask Password Option.
- Password pattern validation.
- SAML SSO with Consent Management.

 [+] Stable - go ahead and release

 Thanks,
 Ashen


 On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
 wrote:

> Hi All,
>
> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
> And check the session analytics reports.
>
>
> No blocking issues found.
> [+] Stable
>
> Thanks,
> Ishara
>
>
>
>
>
> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>>- SAML to SAML federation flow.
>>- Publish and Update XACML policies.
>>- OAuth token revocation.
>>
>> No blocking issues found.
>>
>> [+] Stable
>>
>> Thanks
>> Isuri.
>>
>> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
>> wrote:
>>
>>> Hi All,
>>>
>>> Tested SCIM 2.0 basic operations. No blocking issues found
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Regards,
>>> Omindu.
>>>
>>>
>>>
>>>
>>>
>>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya 
>>> wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack.

- Configuring Single-Sign-On with SAML2
- Configuring Single-Sign-On with OIDC
- Configuring Multi-Factor Authentication
- Configuring Twitter as a Federated Authenticator
- Setting up Self-Signup
- Creating a workflow
- Tested Consent management API (Add/Retrieve purposes,
Add/revoke consents.)

 No blocking issues found.

 [+] Stable

 Thanks,


 On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
 pulast...@wso2.com> wrote:

> Hi,
>
> Tested SSO with Multi step/multi option authentication, Google
> and Twitter authenticators
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
>
> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
> hasan...@wso2.com> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>> - Register a service provider
>> - Obtain an access token using JWT grant type
>> - Invoke user info endpoint using the token.
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Hasanthi
>>
>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
>> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>>- Invoke the OAuth Introspection Endpoint.
>>>- OAuth token revocation.
>>>- Entitlement policy creation using write policy in xml and
>>>publishing.
>>>- Using REST APIs via XACML to manage entitlement.
>>>- Create, update, get, delete an OAuth app using Dynamic
>>>Client Registration endpoint.
>>>
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Madawa Soysa]

Hi All,

I have tested the following,

   - Generating MP-JWT 1.0 compatible token.
   - Microprofile JWT Sample

No blocking issues found. Hence +1 for the release.

On Tue, Jun 19, 2018 at 5:08 PM Biruntha Gnaneswaran 
wrote:

> Hi All,
>
> I have tested the following,
>
> Create service provider and tested OAuth flow with playground when hashing
> access tokens, refresh tokens, client secrets, and authorization codes
> feature enabled.
>
> No blocking issues found.
>
> [+] Stable - go ahead and release
>
> Thanks,
>
> On Tue, Jun 19, 2018 at 4:52 PM, Nadeeshani Pathirennehelage <
> nadeesha...@wso2.com> wrote:
>
>> Hi All,
>>
>> +1 from Platform Security Team.
>>
>> Thank You,
>> Nadeeshani.
>>
>> On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga 
>> wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following and found no issues.
>>>
>>>- Consent Management for Self Sign Up.
>>>- Creating Users with the Ask Password Option.
>>>- Password pattern validation.
>>>- SAML SSO with Consent Management.
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>> Ashen
>>>
>>>
>>> On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
>>> wrote:
>>>
 Hi All,

 Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
 And check the session analytics reports.


 No blocking issues found.
 [+] Stable

 Thanks,
 Ishara





 On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- SAML to SAML federation flow.
>- Publish and Update XACML policies.
>- OAuth token revocation.
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks
> Isuri.
>
> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
> wrote:
>
>> Hi All,
>>
>> Tested SCIM 2.0 basic operations. No blocking issues found
>>
>> [+] Stable - Go ahead and release
>>
>> Regards,
>> Omindu.
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- Configuring Single-Sign-On with SAML2
>>>- Configuring Single-Sign-On with OIDC
>>>- Configuring Multi-Factor Authentication
>>>- Configuring Twitter as a Federated Authenticator
>>>- Setting up Self-Signup
>>>- Creating a workflow
>>>- Tested Consent management API (Add/Retrieve purposes,
>>>Add/revoke consents.)
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks,
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
>>> pulast...@wso2.com> wrote:
>>>
 Hi,

 Tested SSO with Multi step/multi option authentication, Google
 and Twitter authenticators

 No blocking issues found.

 [+] Stable - Go ahead and release


 On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
 hasan...@wso2.com> wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
> - Register a service provider
> - Obtain an access token using JWT grant type
> - Invoke user info endpoint using the token.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Hasanthi
>
> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>>- Invoke the OAuth Introspection Endpoint.
>>- OAuth token revocation.
>>- Entitlement policy creation using write policy in xml and
>>publishing.
>>- Using REST APIs via XACML to manage entitlement.
>>- Create, update, get, delete an OAuth app using Dynamic
>>Client Registration endpoint.
>>
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Dewni
>>
>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>> User management (add/update/remove users).
>>> User management in secondary userstores (Read-Write LDAP).
>>> Consent Management in SAML SSO.
>>> SAML to SAML federation.
>>> Creating workflows definitions for primary userstore users.
>>> Engaging/Disabling workflows on user-store operations.
>>> Enable role based authorization using XACML for service
>>> providers.
>>> Tenant 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Biruntha Gnaneswaran]

Hi All,

I have tested the following,

Create service provider and tested OAuth flow with playground when hashing
access tokens, refresh tokens, client secrets, and authorization codes
feature enabled.

No blocking issues found.

[+] Stable - go ahead and release

Thanks,

On Tue, Jun 19, 2018 at 4:52 PM, Nadeeshani Pathirennehelage <
nadeesha...@wso2.com> wrote:

> Hi All,
>
> +1 from Platform Security Team.
>
> Thank You,
> Nadeeshani.
>
> On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga  wrote:
>
>> Hi All,
>>
>> I have tested the following and found no issues.
>>
>>- Consent Management for Self Sign Up.
>>- Creating Users with the Ask Password Option.
>>- Password pattern validation.
>>- SAML SSO with Consent Management.
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Ashen
>>
>>
>> On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
>> wrote:
>>
>>> Hi All,
>>>
>>> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
>>> And check the session analytics reports.
>>>
>>>
>>> No blocking issues found.
>>> [+] Stable
>>>
>>> Thanks,
>>> Ishara
>>>
>>>
>>>
>>>
>>>
>>> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack.

- SAML to SAML federation flow.
- Publish and Update XACML policies.
- OAuth token revocation.

 No blocking issues found.

 [+] Stable

 Thanks
 Isuri.

 On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
 wrote:

> Hi All,
>
> Tested SCIM 2.0 basic operations. No blocking issues found
>
> [+] Stable - Go ahead and release
>
> Regards,
> Omindu.
>
>
>
>
>
> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>>- Configuring Single-Sign-On with SAML2
>>- Configuring Single-Sign-On with OIDC
>>- Configuring Multi-Factor Authentication
>>- Configuring Twitter as a Federated Authenticator
>>- Setting up Self-Signup
>>- Creating a workflow
>>- Tested Consent management API (Add/Retrieve purposes,
>>Add/revoke consents.)
>>
>> No blocking issues found.
>>
>> [+] Stable
>>
>> Thanks,
>>
>>
>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
>> pulast...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Tested SSO with Multi step/multi option authentication, Google
>>> and Twitter authenticators
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>>> hasan...@wso2.com> wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

 - Register a service provider
 - Obtain an access token using JWT grant type
 - Invoke user info endpoint using the token.

 No blocking issues found.

 [+] Stable - Go ahead and release

 Thanks,
 Hasanthi

 On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
 wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
>- Invoke the OAuth Introspection Endpoint.
>- OAuth token revocation.
>- Entitlement policy creation using write policy in xml and
>publishing.
>- Using REST APIs via XACML to manage entitlement.
>- Create, update, get, delete an OAuth app using Dynamic
>Client Registration endpoint.
>
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Dewni
>
> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>> User management (add/update/remove users).
>> User management in secondary userstores (Read-Write LDAP).
>> Consent Management in SAML SSO.
>> SAML to SAML federation.
>> Creating workflows definitions for primary userstore users.
>> Engaging/Disabling workflows on user-store operations.
>> Enable role based authorization using XACML for service providers.
>> Tenant creation/update/disabling.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Sathya
>>
>>
>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage <
>> viha...@wso2.com> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack with
>>> 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Nadeeshani Pathirennehelage]

Hi All,

+1 from Platform Security Team.

Thank You,
Nadeeshani.

On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga  wrote:

> Hi All,
>
> I have tested the following and found no issues.
>
>- Consent Management for Self Sign Up.
>- Creating Users with the Ask Password Option.
>- Password pattern validation.
>- SAML SSO with Consent Management.
>
> [+] Stable - go ahead and release
>
> Thanks,
> Ashen
>
>
> On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
> wrote:
>
>> Hi All,
>>
>> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
>> And check the session analytics reports.
>>
>>
>> No blocking issues found.
>> [+] Stable
>>
>> Thanks,
>> Ishara
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- SAML to SAML federation flow.
>>>- Publish and Update XACML policies.
>>>- OAuth token revocation.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks
>>> Isuri.
>>>
>>> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
>>> wrote:
>>>
 Hi All,

 Tested SCIM 2.0 basic operations. No blocking issues found

 [+] Stable - Go ahead and release

 Regards,
 Omindu.





 On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- Configuring Single-Sign-On with SAML2
>- Configuring Single-Sign-On with OIDC
>- Configuring Multi-Factor Authentication
>- Configuring Twitter as a Federated Authenticator
>- Setting up Self-Signup
>- Creating a workflow
>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>consents.)
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks,
>
>
> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
> pulast...@wso2.com> wrote:
>
>> Hi,
>>
>> Tested SSO with Multi step/multi option authentication, Google
>> and Twitter authenticators
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>>
>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>> hasan...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>> - Register a service provider
>>> - Obtain an access token using JWT grant type
>>> - Invoke user info endpoint using the token.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Thanks,
>>> Hasanthi
>>>
>>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
>>> wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

- Invoke the OAuth Introspection Endpoint.
- OAuth token revocation.
- Entitlement policy creation using write policy in xml and
publishing.
- Using REST APIs via XACML to manage entitlement.
- Create, update, get, delete an OAuth app using Dynamic Client
Registration endpoint.


 No blocking issues found.

 [+] Stable - Go ahead and release

 Thanks,
 Dewni

 On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
 wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
> User management (add/update/remove users).
> User management in secondary userstores (Read-Write LDAP).
> Consent Management in SAML SSO.
> SAML to SAML federation.
> Creating workflows definitions for primary userstore users.
> Engaging/Disabling workflows on user-store operations.
> Enable role based authorization using XACML for service providers.
> Tenant creation/update/disabling.
>
> No blocking issues are found.
>
> [+] Stable - go ahead and release.
>
> Thanks,
> Sathya
>
>
> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage <
> viha...@wso2.com> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack with
>> default database setup.
>>
>>- Enable user self-registration and self-register a new user.
>>- Add multiple consent purposes with multiple PII categories.
>>- Login to dashboard and see whether we can see the default
>>consent and above added PII categories.
>>- Confirm claims are getting filtered based on consents.
>>- Configure a service provider with OpenID Connect and
>>acquire access tokens via Authorization Code, Implicit, Client 
>> Credential

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Ashen Weerathunga]

Hi All,

I have tested the following and found no issues.

   - Consent Management for Self Sign Up.
   - Creating Users with the Ask Password Option.
   - Password pattern validation.
   - SAML SSO with Consent Management.

[+] Stable - go ahead and release

Thanks,
Ashen


On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
wrote:

> Hi All,
>
> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
> And check the session analytics reports.
>
>
> No blocking issues found.
> [+] Stable
>
> Thanks,
> Ishara
>
>
>
>
>
> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>>- SAML to SAML federation flow.
>>- Publish and Update XACML policies.
>>- OAuth token revocation.
>>
>> No blocking issues found.
>>
>> [+] Stable
>>
>> Thanks
>> Isuri.
>>
>> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
>> wrote:
>>
>>> Hi All,
>>>
>>> Tested SCIM 2.0 basic operations. No blocking issues found
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Regards,
>>> Omindu.
>>>
>>>
>>>
>>>
>>>
>>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack.

- Configuring Single-Sign-On with SAML2
- Configuring Single-Sign-On with OIDC
- Configuring Multi-Factor Authentication
- Configuring Twitter as a Federated Authenticator
- Setting up Self-Signup
- Creating a workflow
- Tested Consent management API (Add/Retrieve purposes, Add/revoke
consents.)

 No blocking issues found.

 [+] Stable

 Thanks,


 On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
 pulast...@wso2.com> wrote:

> Hi,
>
> Tested SSO with Multi step/multi option authentication, Google
> and Twitter authenticators
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
>
> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
> hasan...@wso2.com> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>> - Register a service provider
>> - Obtain an access token using JWT grant type
>> - Invoke user info endpoint using the token.
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Hasanthi
>>
>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
>> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>>- Invoke the OAuth Introspection Endpoint.
>>>- OAuth token revocation.
>>>- Entitlement policy creation using write policy in xml and
>>>publishing.
>>>- Using REST APIs via XACML to manage entitlement.
>>>- Create, update, get, delete an OAuth app using Dynamic Client
>>>Registration endpoint.
>>>
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Thanks,
>>> Dewni
>>>
>>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
>>> wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack.

 User management (add/update/remove users).
 User management in secondary userstores (Read-Write LDAP).
 Consent Management in SAML SSO.
 SAML to SAML federation.
 Creating workflows definitions for primary userstore users.
 Engaging/Disabling workflows on user-store operations.
 Enable role based authorization using XACML for service providers.
 Tenant creation/update/disabling.

 No blocking issues are found.

 [+] Stable - go ahead and release.

 Thanks,
 Sathya


 On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage <
 viha...@wso2.com> wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack with
> default database setup.
>
>- Enable user self-registration and self-register a new user.
>- Add multiple consent purposes with multiple PII categories.
>- Login to dashboard and see whether we can see the default
>consent and above added PII categories.
>- Confirm claims are getting filtered based on consents.
>- Configure a service provider with OpenID Connect and acquire
>access tokens via Authorization Code, Implicit, Client Credential 
> and
>Password grant types.
>- Enable ID token encryption for the service provider and test
>the flow with decryption for all grant types.
>- Delete the self-signed up user, create another user with the
>exact same username, log in to the dashboard and see what are the

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Ishara Karunarathna]

Hi All,

Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
And check the session analytics reports.


No blocking issues found.
[+] Stable

Thanks,
Ishara





On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- SAML to SAML federation flow.
>- Publish and Update XACML policies.
>- OAuth token revocation.
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks
> Isuri.
>
> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
> wrote:
>
>> Hi All,
>>
>> Tested SCIM 2.0 basic operations. No blocking issues found
>>
>> [+] Stable - Go ahead and release
>>
>> Regards,
>> Omindu.
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- Configuring Single-Sign-On with SAML2
>>>- Configuring Single-Sign-On with OIDC
>>>- Configuring Multi-Factor Authentication
>>>- Configuring Twitter as a Federated Authenticator
>>>- Setting up Self-Signup
>>>- Creating a workflow
>>>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>>>consents.)
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks,
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana 
>>> wrote:
>>>
 Hi,

 Tested SSO with Multi step/multi option authentication, Google
 and Twitter authenticators

 No blocking issues found.

 [+] Stable - Go ahead and release


 On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
 hasan...@wso2.com> wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
> - Register a service provider
> - Obtain an access token using JWT grant type
> - Invoke user info endpoint using the token.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Hasanthi
>
> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>>- Invoke the OAuth Introspection Endpoint.
>>- OAuth token revocation.
>>- Entitlement policy creation using write policy in xml and
>>publishing.
>>- Using REST APIs via XACML to manage entitlement.
>>- Create, update, get, delete an OAuth app using Dynamic Client
>>Registration endpoint.
>>
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Dewni
>>
>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>> User management (add/update/remove users).
>>> User management in secondary userstores (Read-Write LDAP).
>>> Consent Management in SAML SSO.
>>> SAML to SAML federation.
>>> Creating workflows definitions for primary userstore users.
>>> Engaging/Disabling workflows on user-store operations.
>>> Enable role based authorization using XACML for service providers.
>>> Tenant creation/update/disabling.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Sathya
>>>
>>>
>>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage >> > wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack with
 default database setup.

- Enable user self-registration and self-register a new user.
- Add multiple consent purposes with multiple PII categories.
- Login to dashboard and see whether we can see the default
consent and above added PII categories.
- Confirm claims are getting filtered based on consents.
- Configure a service provider with OpenID Connect and acquire
access tokens via Authorization Code, Implicit, Client Credential 
 and
Password grant types.
- Enable ID token encryption for the service provider and test
the flow with decryption for all grant types.
- Delete the self-signed up user, create another user with the
exact same username, log in to the dashboard and see what are the
consents shown.
- Revoke consents of the user via the dashboard and try
accessing the SP to verify the consents are asked again.
- Delete the SP, login to the dashboard and see whether the
consents are deleted for that SP.

 No blocking issues are found.

 [+] Stable - go ahead and release.

 Thanks,
 Vihanga.

 On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa 
 wrote:

> Hi all,
>
> 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Thanuja Jayasinghe]

Hi All,

Tested user account association scenarios. No blocking issues found.

[+] Stable - Go ahead and release

Thanks,
Thanuja

On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- SAML to SAML federation flow.
>- Publish and Update XACML policies.
>- OAuth token revocation.
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks
> Isuri.
>
> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
> wrote:
>
>> Hi All,
>>
>> Tested SCIM 2.0 basic operations. No blocking issues found
>>
>> [+] Stable - Go ahead and release
>>
>> Regards,
>> Omindu.
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- Configuring Single-Sign-On with SAML2
>>>- Configuring Single-Sign-On with OIDC
>>>- Configuring Multi-Factor Authentication
>>>- Configuring Twitter as a Federated Authenticator
>>>- Setting up Self-Signup
>>>- Creating a workflow
>>>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>>>consents.)
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks,
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana 
>>> wrote:
>>>
 Hi,

 Tested SSO with Multi step/multi option authentication, Google
 and Twitter authenticators

 No blocking issues found.

 [+] Stable - Go ahead and release


 On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
 hasan...@wso2.com> wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
> - Register a service provider
> - Obtain an access token using JWT grant type
> - Invoke user info endpoint using the token.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Hasanthi
>
> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>>- Invoke the OAuth Introspection Endpoint.
>>- OAuth token revocation.
>>- Entitlement policy creation using write policy in xml and
>>publishing.
>>- Using REST APIs via XACML to manage entitlement.
>>- Create, update, get, delete an OAuth app using Dynamic Client
>>Registration endpoint.
>>
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Dewni
>>
>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>> User management (add/update/remove users).
>>> User management in secondary userstores (Read-Write LDAP).
>>> Consent Management in SAML SSO.
>>> SAML to SAML federation.
>>> Creating workflows definitions for primary userstore users.
>>> Engaging/Disabling workflows on user-store operations.
>>> Enable role based authorization using XACML for service providers.
>>> Tenant creation/update/disabling.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Sathya
>>>
>>>
>>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage >> > wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack with
 default database setup.

- Enable user self-registration and self-register a new user.
- Add multiple consent purposes with multiple PII categories.
- Login to dashboard and see whether we can see the default
consent and above added PII categories.
- Confirm claims are getting filtered based on consents.
- Configure a service provider with OpenID Connect and acquire
access tokens via Authorization Code, Implicit, Client Credential 
 and
Password grant types.
- Enable ID token encryption for the service provider and test
the flow with decryption for all grant types.
- Delete the self-signed up user, create another user with the
exact same username, log in to the dashboard and see what are the
consents shown.
- Revoke consents of the user via the dashboard and try
accessing the SP to verify the consents are asked again.
- Delete the SP, login to the dashboard and see whether the
consents are deleted for that SP.

 No blocking issues are found.

 [+] Stable - go ahead and release.

 Thanks,
 Vihanga.

 On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa 
 wrote:

> Hi all,
>
> We are pleased to announce the third 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Isuri Anuradha]

Hi all,

I've tested following scenarios on the IS 5.6.0-RC3 pack.

   - SAML to SAML federation flow.
   - Publish and Update XACML policies.
   - OAuth token revocation.

No blocking issues found.

[+] Stable

Thanks
Isuri.

On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera  wrote:

> Hi All,
>
> Tested SCIM 2.0 basic operations. No blocking issues found
>
> [+] Stable - Go ahead and release
>
> Regards,
> Omindu.
>
>
>
>
>
> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>>- Configuring Single-Sign-On with SAML2
>>- Configuring Single-Sign-On with OIDC
>>- Configuring Multi-Factor Authentication
>>- Configuring Twitter as a Federated Authenticator
>>- Setting up Self-Signup
>>- Creating a workflow
>>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>>consents.)
>>
>> No blocking issues found.
>>
>> [+] Stable
>>
>> Thanks,
>>
>>
>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana 
>> wrote:
>>
>>> Hi,
>>>
>>> Tested SSO with Multi step/multi option authentication, Google
>>> and Twitter authenticators
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>>> hasan...@wso2.com> wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

 - Register a service provider
 - Obtain an access token using JWT grant type
 - Invoke user info endpoint using the token.

 No blocking issues found.

 [+] Stable - Go ahead and release

 Thanks,
 Hasanthi

 On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman  wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
>- Invoke the OAuth Introspection Endpoint.
>- OAuth token revocation.
>- Entitlement policy creation using write policy in xml and
>publishing.
>- Using REST APIs via XACML to manage entitlement.
>- Create, update, get, delete an OAuth app using Dynamic Client
>Registration endpoint.
>
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Dewni
>
> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>> User management (add/update/remove users).
>> User management in secondary userstores (Read-Write LDAP).
>> Consent Management in SAML SSO.
>> SAML to SAML federation.
>> Creating workflows definitions for primary userstore users.
>> Engaging/Disabling workflows on user-store operations.
>> Enable role based authorization using XACML for service providers.
>> Tenant creation/update/disabling.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Sathya
>>
>>
>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack with
>>> default database setup.
>>>
>>>- Enable user self-registration and self-register a new user.
>>>- Add multiple consent purposes with multiple PII categories.
>>>- Login to dashboard and see whether we can see the default
>>>consent and above added PII categories.
>>>- Confirm claims are getting filtered based on consents.
>>>- Configure a service provider with OpenID Connect and acquire
>>>access tokens via Authorization Code, Implicit, Client Credential and
>>>Password grant types.
>>>- Enable ID token encryption for the service provider and test
>>>the flow with decryption for all grant types.
>>>- Delete the self-signed up user, create another user with the
>>>exact same username, log in to the dashboard and see what are the
>>>consents shown.
>>>- Revoke consents of the user via the dashboard and try
>>>accessing the SP to verify the consents are asked again.
>>>- Delete the SP, login to the dashboard and see whether the
>>>consents are deleted for that SP.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Vihanga.
>>>
>>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa 
>>> wrote:
>>>
 Hi all,

 We are pleased to announce the third release candidate of WSO2
 Identity Server 5.6.0.

 This release fixes the following issues

- 5.6.0-RC Fixes

- 5.6.0-Beta Fixes

- 5.6.0-Alpha2 Fixes

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Omindu Rathnaweera]

Hi All,

Tested SCIM 2.0 basic operations. No blocking issues found

[+] Stable - Go ahead and release

Regards,
Omindu.





On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- Configuring Single-Sign-On with SAML2
>- Configuring Single-Sign-On with OIDC
>- Configuring Multi-Factor Authentication
>- Configuring Twitter as a Federated Authenticator
>- Setting up Self-Signup
>- Creating a workflow
>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>consents.)
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks,
>
>
> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana 
> wrote:
>
>> Hi,
>>
>> Tested SSO with Multi step/multi option authentication, Google
>> and Twitter authenticators
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>>
>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>> hasan...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>> - Register a service provider
>>> - Obtain an access token using JWT grant type
>>> - Invoke user info endpoint using the token.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Thanks,
>>> Hasanthi
>>>
>>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman  wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

- Invoke the OAuth Introspection Endpoint.
- OAuth token revocation.
- Entitlement policy creation using write policy in xml and
publishing.
- Using REST APIs via XACML to manage entitlement.
- Create, update, get, delete an OAuth app using Dynamic Client
Registration endpoint.


 No blocking issues found.

 [+] Stable - Go ahead and release

 Thanks,
 Dewni

 On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
 wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
> User management (add/update/remove users).
> User management in secondary userstores (Read-Write LDAP).
> Consent Management in SAML SSO.
> SAML to SAML federation.
> Creating workflows definitions for primary userstore users.
> Engaging/Disabling workflows on user-store operations.
> Enable role based authorization using XACML for service providers.
> Tenant creation/update/disabling.
>
> No blocking issues are found.
>
> [+] Stable - go ahead and release.
>
> Thanks,
> Sathya
>
>
> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack with
>> default database setup.
>>
>>- Enable user self-registration and self-register a new user.
>>- Add multiple consent purposes with multiple PII categories.
>>- Login to dashboard and see whether we can see the default
>>consent and above added PII categories.
>>- Confirm claims are getting filtered based on consents.
>>- Configure a service provider with OpenID Connect and acquire
>>access tokens via Authorization Code, Implicit, Client Credential and
>>Password grant types.
>>- Enable ID token encryption for the service provider and test
>>the flow with decryption for all grant types.
>>- Delete the self-signed up user, create another user with the
>>exact same username, log in to the dashboard and see what are the
>>consents shown.
>>- Revoke consents of the user via the dashboard and try accessing
>>the SP to verify the consents are asked again.
>>- Delete the SP, login to the dashboard and see whether the
>>consents are deleted for that SP.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Vihanga.
>>
>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa 
>> wrote:
>>
>>> Hi all,
>>>
>>> We are pleased to announce the third release candidate of WSO2
>>> Identity Server 5.6.0.
>>>
>>> This release fixes the following issues
>>>
>>>- 5.6.0-RC Fixes
>>>
>>>- 5.6.0-Beta Fixes
>>>
>>>- 5.6.0-Alpha2 Fixes
>>>
>>>- 5.6.0-Alpha Fixes
>>>
>>>- 5.6.0-M7 Fixes
>>>
>>>- 5.6.0-M6 Fixes
>>>
>>>- 5.6.0-M5 Fixes
>>>
>>>- 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Pulasthi Mahawithana]

Hi,

Tested SSO with Multi step/multi option authentication, Google and Twitter
authenticators

No blocking issues found.

[+] Stable - Go ahead and release


On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
hasan...@wso2.com> wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
> - Register a service provider
> - Obtain an access token using JWT grant type
> - Invoke user info endpoint using the token.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Hasanthi
>
> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman  wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>>- Invoke the OAuth Introspection Endpoint.
>>- OAuth token revocation.
>>- Entitlement policy creation using write policy in xml and
>>publishing.
>>- Using REST APIs via XACML to manage entitlement.
>>- Create, update, get, delete an OAuth app using Dynamic Client
>>Registration endpoint.
>>
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Dewni
>>
>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara  wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>> User management (add/update/remove users).
>>> User management in secondary userstores (Read-Write LDAP).
>>> Consent Management in SAML SSO.
>>> SAML to SAML federation.
>>> Creating workflows definitions for primary userstore users.
>>> Engaging/Disabling workflows on user-store operations.
>>> Enable role based authorization using XACML for service providers.
>>> Tenant creation/update/disabling.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Sathya
>>>
>>>
>>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
>>> wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack with default
 database setup.

- Enable user self-registration and self-register a new user.
- Add multiple consent purposes with multiple PII categories.
- Login to dashboard and see whether we can see the default consent
and above added PII categories.
- Confirm claims are getting filtered based on consents.
- Configure a service provider with OpenID Connect and acquire
access tokens via Authorization Code, Implicit, Client Credential and
Password grant types.
- Enable ID token encryption for the service provider and test the
flow with decryption for all grant types.
- Delete the self-signed up user, create another user with the
exact same username, log in to the dashboard and see what are the
consents shown.
- Revoke consents of the user via the dashboard and try accessing
the SP to verify the consents are asked again.
- Delete the SP, login to the dashboard and see whether the consents
are deleted for that SP.

 No blocking issues are found.

 [+] Stable - go ahead and release.

 Thanks,
 Vihanga.

 On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:

> Hi all,
>
> We are pleased to announce the third release candidate of WSO2
> Identity Server 5.6.0.
>
> This release fixes the following issues
>
>- 5.6.0-RC Fixes
>
>- 5.6.0-Beta Fixes
>
>- 5.6.0-Alpha2 Fixes
>
>- 5.6.0-Alpha Fixes
>
>- 5.6.0-M7 Fixes
>
>- 5.6.0-M6 Fixes
>
>- 5.6.0-M5 Fixes
>
>- 5.6.0-M4 Fixes
>
>- 5.6.0-M3 Fixes
>
>- 5.6.0-M2 Fixes
>
>- 5.6.0-M1 Fixes
>
>
> Source and distribution,
> Runtime -
> https://github.com/wso2/product-is/releases/tag/v5.6.0-rc3
> Analytics -
> https://github.com/wso2/analytics-is/releases/v5.6.0-rc3
>
> Please download, test the product and vote.
>
> [+] Stable - go ahead and release
> [-] Broken - do not release (explain why)
>
> Thanks,
> WSO2 Identity and Access Management Team
> --
>
> Madawa Soysa / Senior Software Engineer
> mada...@wso2.com / +94714616050
>
> *WSO2 Inc.*
> lean.enterprise.middleware
>
>   

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Isura Karunaratne]

Hi,

Tested followed scenarios in super tenant, primary user store.


   - Account Locking
   - Self Registration with email confirmation.
   - Self-care portal operations.
   - Password reset through a notification.
   - Password reset through challenge questions.
   - Account Recovery.
   - Password History validation.
   - Password Pattern validation.

No blocking issues found.

[+] Stable - Go ahead and release

Thanks
Isura.

On Tue, Jun 19, 2018 at 2:46 PM Dewni Weeraman  wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
>- Invoke the OAuth Introspection Endpoint.
>- OAuth token revocation.
>- Entitlement policy creation using write policy in xml and publishing.
>- Using REST APIs via XACML to manage entitlement.
>- Create, update, get, delete an OAuth app using Dynamic Client
>Registration endpoint.
>
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Dewni
>
> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>> User management (add/update/remove users).
>> User management in secondary userstores (Read-Write LDAP).
>> Consent Management in SAML SSO.
>> SAML to SAML federation.
>> Creating workflows definitions for primary userstore users.
>> Engaging/Disabling workflows on user-store operations.
>> Enable role based authorization using XACML for service providers.
>> Tenant creation/update/disabling.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Sathya
>>
>>
>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack with default
>>> database setup.
>>>
>>>- Enable user self-registration and self-register a new user.
>>>- Add multiple consent purposes with multiple PII categories.
>>>- Login to dashboard and see whether we can see the default consent
>>>and above added PII categories.
>>>- Confirm claims are getting filtered based on consents.
>>>- Configure a service provider with OpenID Connect and acquire
>>>access tokens via Authorization Code, Implicit, Client Credential and
>>>Password grant types.
>>>- Enable ID token encryption for the service provider and test the
>>>flow with decryption for all grant types.
>>>- Delete the self-signed up user, create another user with the exact
>>>same username, log in to the dashboard and see what are the consents
>>>shown.
>>>- Revoke consents of the user via the dashboard and try accessing
>>>the SP to verify the consents are asked again.
>>>- Delete the SP, login to the dashboard and see whether the consents
>>>are deleted for that SP.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Vihanga.
>>>
>>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:
>>>
 Hi all,

 We are pleased to announce the third release candidate of WSO2 Identity
 Server 5.6.0.

 This release fixes the following issues

- 5.6.0-RC Fixes

- 5.6.0-Beta Fixes

- 5.6.0-Alpha2 Fixes

- 5.6.0-Alpha Fixes

- 5.6.0-M7 Fixes

- 5.6.0-M6 Fixes

- 5.6.0-M5 Fixes

- 5.6.0-M4 Fixes

- 5.6.0-M3 Fixes

- 5.6.0-M2 Fixes

- 5.6.0-M1 Fixes


 Source and distribution,
 Runtime -
 https://github.com/wso2/product-is/releases/tag/v5.6.0-rc3
 Analytics -
 https://github.com/wso2/analytics-is/releases/v5.6.0-rc3

 Please download, test the product and vote.

 [+] Stable - go ahead and release
 [-] Broken - do not release (explain why)

 Thanks,
 WSO2 Identity and Access Management Team
 --

 Madawa Soysa / Senior Software Engineer
 mada...@wso2.com / +94714616050

 *WSO2 Inc.*
 lean.enterprise.middleware

   




>>>
>>> --
>>>
>>> Vihanga Liyanage
>>>
>>> Software Engineer | WS*O₂* Inc.
>>>
>>> M : +*94710124103* | http://wso2.com
>>>
>>> [image: http://wso2.com/signature] 
>>>
>>> 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Hasanthi Purnima Dissanayake]

Hi,

Tested below scenarios on IS 5.6.0-RC3 pack,

- Register a service provider
- Obtain an access token using JWT grant type
- Invoke user info endpoint using the token.

No blocking issues found.

[+] Stable - Go ahead and release

Thanks,
Hasanthi

On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman  wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
>- Invoke the OAuth Introspection Endpoint.
>- OAuth token revocation.
>- Entitlement policy creation using write policy in xml and publishing.
>- Using REST APIs via XACML to manage entitlement.
>- Create, update, get, delete an OAuth app using Dynamic Client
>Registration endpoint.
>
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Dewni
>
> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>> User management (add/update/remove users).
>> User management in secondary userstores (Read-Write LDAP).
>> Consent Management in SAML SSO.
>> SAML to SAML federation.
>> Creating workflows definitions for primary userstore users.
>> Engaging/Disabling workflows on user-store operations.
>> Enable role based authorization using XACML for service providers.
>> Tenant creation/update/disabling.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Sathya
>>
>>
>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack with default
>>> database setup.
>>>
>>>- Enable user self-registration and self-register a new user.
>>>- Add multiple consent purposes with multiple PII categories.
>>>- Login to dashboard and see whether we can see the default consent
>>>and above added PII categories.
>>>- Confirm claims are getting filtered based on consents.
>>>- Configure a service provider with OpenID Connect and acquire
>>>access tokens via Authorization Code, Implicit, Client Credential and
>>>Password grant types.
>>>- Enable ID token encryption for the service provider and test the
>>>flow with decryption for all grant types.
>>>- Delete the self-signed up user, create another user with the exact
>>>same username, log in to the dashboard and see what are the consents
>>>shown.
>>>- Revoke consents of the user via the dashboard and try accessing
>>>the SP to verify the consents are asked again.
>>>- Delete the SP, login to the dashboard and see whether the consents
>>>are deleted for that SP.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Vihanga.
>>>
>>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:
>>>
 Hi all,

 We are pleased to announce the third release candidate of WSO2 Identity
 Server 5.6.0.

 This release fixes the following issues

- 5.6.0-RC Fixes

- 5.6.0-Beta Fixes

- 5.6.0-Alpha2 Fixes

- 5.6.0-Alpha Fixes

- 5.6.0-M7 Fixes

- 5.6.0-M6 Fixes

- 5.6.0-M5 Fixes

- 5.6.0-M4 Fixes

- 5.6.0-M3 Fixes

- 5.6.0-M2 Fixes

- 5.6.0-M1 Fixes


 Source and distribution,
 Runtime -  https://github.com/wso2/pro
 duct-is/releases/tag/v5.6.0-rc3
 Analytics - https://github.com/wso2/anal
 ytics-is/releases/v5.6.0-rc3

 Please download, test the product and vote.

 [+] Stable - go ahead and release
 [-] Broken - do not release (explain why)

 Thanks,
 WSO2 Identity and Access Management Team
 --

 Madawa Soysa / Senior Software Engineer
 mada...@wso2.com / +94714616050

 *WSO2 Inc.*
 lean.enterprise.middleware

   




>>>
>>> --
>>>
>>> Vihanga Liyanage
>>>
>>> Software Engineer | WS*O₂* Inc.
>>>
>>> M : +*94710124103* | http://wso2.com
>>>
>>> [image: http://wso2.com/signature] 
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Sathya Bandara
>> Software