Thunder v0.31.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

🚀 Features

• Add Self Registration Invite Flow by @Dilusha-Madushan in #1970

✨ Improvements

• Add logoUrl field to organization units and update related resources by @brionmario in #2005
• Add integration tests for declarative resources by @rajithacharith in #1872
• Refactor application service by @thiva-k in #1956
• Add font design support for gate preview by @DonOmalVindula in #2052
• Add type filter for role assingment API by @sahandilshan in #2026
• Add coderabbit.yaml with specific instructions by @sahandilshan in #2094
• Add Redis username configuration by @KaveeshaPiumini in #2100
• Provide support for Role UI by @sahandilshan in #1938
• Make listing UI actions consistent by @brionmario in #2149
• Refactor user schema and group service interfaces to include 'includeDisplay' parameter by @DonOmalVindula in #2134
• Provide support to return the roles with tokens by @sahandilshan in #2137
• Add support for organization unit selection in user type resolution in user invite flow by @DonOmalVindula in #2147
• Add 'include=display' support for thunder-console by @DonOmalVindula in #2138
• Add display names to bootstrap schema properties by @DonOmalVindula in #2178
• Update default flows to show signup link on sign in page by @rajithacharith in #2181

🐛 Bug Fixes

• Fix UI inconsistency issues in Listing & other UIs in Thunder Console by @brionmario in #2069
• Fix application logo resolving in default flows by @rajithacharith in #2072
• Update postman collection for latest apis by @rajithacharith in #2071
• Fix AuthPageLayout background fallback and CI merge queue skips by @DonOmalVindula in #2126
• Hide credential attributes from token attribute selection UI by @ThaminduR in #2003
• Update navigation path in Create Application button inside Thunder Home by @brionmario in #2153
• Remove registration flow info box and role edit handle field by @DonOmalVindula in #2180

Full Changelog: v0.30.0...v0.31.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.31.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.31.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.31.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.31.0-macos-x64.zip
   Linux	x64	thunder-0.31.0-linux-x64.zip
   Linux	ARM64	thunder-0.31.0-linux-arm64.zip
   Windows	x64	thunder-0.31.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.31.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.31.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.31.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Thunder Console

Follow these steps to access the Thunder Console:

1. Open your browser and navigate to https://localhost:8090/console.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.31.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.31.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.31.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.31.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.31.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.31.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.31.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the...

Thunder v0.30.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Add argon2id support by @hwupathum in #1599
• Move API request body attributes to camelCase by @rajithacharith in #1897
• Add clientId to context runtime data and standardize userId usage by @ThaminduDilshan in #1984

🚀 Features

• Implement Redis cache support by @KaveeshaPiumini in #1880
• Add custom CSS builder UI with iframe preview by @DonOmalVindula in #1949

✨ Improvements

• Add include=display query param int GET users/{userId} endpoint by @DonOmalVindula in #1885
• Pack consent server with thunder distribution by @ThaminduDilshan in #1934
• Improve Application Token & Advanced sections by @brionmario in #1942
• Add OU selection backend support for invited users by @DonOmalVindula in #1962
• Improve Theme Thumbnail in Thunder Design by @brionmario in #1975
• Add OU selection UI for user invite wizard by @DonOmalVindula in #1963
• Add consent documentation by @ThaminduDilshan in #1982
• Update OC deployment artifacts to support latest OC version by @ayeshajay in #1953
• Add isReadOnly attribute for list response by @rajithacharith in #1870
• Support mounting declarative resources via helm by @rajithacharith in #1994
• Add allowed user schema support to node poperty by @thiva-k in #1996

🐛 Bug Fixes

• Validate application flow types during creation by @Dilusha-Madushan in #1906
• Update asgardeo react version to 0.19.0 by @rajithacharith in #1961
• Fix missing clientId in Windows bootstrap for Console app by @DonOmalVindula in #1990
• Add description to ApplicationMetadata in flow/meta response by @ThaminduR in #1983
• Fix schema validation failing on user update when credentials are absent by @DonOmalVindula in #1995
• Refactor graph cache to use in-memory cache implementation and enhance logging by @KaveeshaPiumini in #1997

New Contributors

• @Dilusha-Madushan made their first contribution in #1906
• @ThaminduR made their first contribution in #1983

Full Changelog: v0.29.0...v0.30.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.30.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.30.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.30.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.30.0-macos-x64.zip
   Linux	x64	thunder-0.30.0-linux-x64.zip
   Linux	ARM64	thunder-0.30.0-linux-arm64.zip
   Windows	x64	thunder-0.30.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.30.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.30.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.30.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Thunder Console

Follow these steps to access the Thunder Console:

1. Open your browser and navigate to https://localhost:8090/console.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.30.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.30.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.30.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.30.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.30.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.30.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.30.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to...

Thunder v0.29.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Standardize OU reference field name and rename OrganizationUnitID to OUID by @DonOmalVindula in #1840

🚀 Features

• Introduce a Emoji Picker for Resource Logos by @brionmario in #1838
• Email Template & Scenario Type Support for Email Executor by @RandithaK in #1831

✨ Improvements

• Remove usage of context.TODO by @JeethJJ in #1830
• Resolve errors being masked with transactioner by @JeethJJ in #1866
• Bump @asgardeo/react to 0.15.2 and remove redundant AcceptInvite validation by @thiva-k in #1869
• Minor improvements in composite stores by @rajithacharith in #1725
• Use attribute cache for generating tokens and userinfo response by @ThumulaPerera in #1853
• Improve application validation logic by @thiva-k in #1798
• Improve consent form with toggles by @ThaminduDilshan in #1900
• Add custom CSS capability to Gate App by @DonOmalVindula in #1898
• Remove database dependency from transections by @JeethJJ in #1871
• Add a unique handle in Theme and Layout schema by @brionmario in #1901
• Add initial quickstarts and guides to Thunder by @himeshsiriwardana in #1911
• feat(docs): add i18n localization support infrastructure by @littleKitchen in #1254

🐛 Bug Fixes

• Fix consent executor to include special attributes by @ThaminduDilshan in #1844
• Fixes white labeling Issues in Thunder Gate by @brionmario in #1875
• Fix refresh issues in Thunder Gate by @brionmario in #1894
• Fix composite get and uuid validation by @rajithacharith in #1883
• Fix Invite flows to support i18n translations via Thunder Console by @brionmario in #1910
• Remove logo from accept invite by @thiva-k in #1915

New Contributors

• @littleKitchen made their first contribution in #1254

Full Changelog: v0.28.0...v0.29.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.29.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.29.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.29.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.29.0-macos-x64.zip
   Linux	x64	thunder-0.29.0-linux-x64.zip
   Linux	ARM64	thunder-0.29.0-linux-arm64.zip
   Windows	x64	thunder-0.29.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.29.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.29.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.29.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Thunder Console

Follow these steps to access the Thunder Console:

1. Open your browser and navigate to https://localhost:8090/console.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.29.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.29.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.29.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.29.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.29.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.29.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.29.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-sdk-0.29.0-macos-arm64.zip

Thunder v0.28.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

✨ Improvements

• Process essential attributes based on oidc claims parameter by @ThaminduDilshan in #1808
• Add credential support and disable unique when credential is checked by @DonOmalVindula in #1818
• Create administrators group in boostrap by @senthalan in #1832
• Rename app: thunder-develop -> thunder-console by @jeradrutnam in #1802
• Add support to get unique schema attributes by @thiva-k in #1845
• Clear user inputs in prompt nodes for failures by @thiva-k in #1839
• Add unique attribute validation for invite flow by @thiva-k in #1848
• Remove phone number in the user invite flow by @darshanasbg in #1849

🐛 Bug Fixes

• Improve Application Settings Contacts field & Fix Home page cards responsive issues by @brionmario in #1805
• Disable local cache in helm setup by @senthalan in #1827
• Fix scopes not returned for group-assigned roles by @senthalan in #1815

Full Changelog: v0.27.0...v0.28.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.28.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.28.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.28.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.28.0-macos-x64.zip
   Linux	x64	thunder-0.28.0-linux-x64.zip
   Linux	ARM64	thunder-0.28.0-linux-arm64.zip
   Windows	x64	thunder-0.28.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.28.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.28.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.28.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Thunder Console

Follow these steps to access the Thunder Console:

1. Open your browser and navigate to https://localhost:8090/console.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.28.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.28.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.28.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.28.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.28.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.28.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.28.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-sdk-0.28.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-sdk-0.28.0-macos-x64.zip
   Linux	x64	sample-app-react-sdk-0.28.0-linux-x64.zip
   Linux	ARM64	sample-app-react-sdk-0.28.0-linux-arm64.zip
   Windows	x64	sample-app-react-sdk-0.28.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-sdk-0.28.0-<os>-<arch>.zip
   cd sample-app-react-sdk-0.28.0-<os>-<arch>/

3. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to th...

Thunder v0.27.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Add attribute caching layer by @ThumulaPerera in #1753
• Unify name attributes to OIDC standard (given_name/family_name) by @DonOmalVindula in #1742
• Introduce EXPIRY_TIME column to FLOW_CONTEXT table by @KaveeshaPiumini in #1731
• Remove enabled flag from application login consent config by @ThaminduDilshan in #1771
• Refactor SQL indexes for improved lookup efficiency and consistency by @KaveeshaPiumini in #1706

🚀 Features

• Integrate consent login page UIs to gate by @ThaminduDilshan in #1737
• Introduce a Theme Builder by @brionmario in #1729
• Add consent components to flow builder UI by @ThaminduDilshan in #1745
• Home Page for Thunder Develop by @brionmario in #1789

✨ Improvements

• Support TLS Termination in Gateway API via Helm Chart using Envoy Gateway by @DharshanSR in #1481
• Application service context propagation and transection usage by @JeethJJ in #1673
• Add OUResolverExecutor by @thiva-k in #1763
• Remove redundant client credentials grant validation by @thiva-k in #1747
• Improve OAuth package error handling by @thiva-k in #1716
• Add database cleanup procedure for expired data by @KaveeshaPiumini in #1760
• Add include=display support to OU user listing endpoints by @DonOmalVindula in #1768
• Add display name and avatar support to OU UIs by @DonOmalVindula in #1784
• Add optional displayName field to user schema property definitions by @DonOmalVindula in #1782
• oauth service context propagation and transection usage by @JeethJJ in #1754
• Display name UI for user type attributes by @DonOmalVindula in #1787
• Integration of User Onboarding flow with Email Mechanism by @RandithaK in #1748
• Flow service context propagation and transection usage by @JeethJJ in #1765
• Add Runtime Database Cleanup Script by @KaveeshaPiumini in #1734
• Bump oxygen-ui version to v0.8.2 which have fixes for app shell scrolling issues by @jeradrutnam in #1796
• Add credential support and property management to user type edit page by @DonOmalVindula in #1799

🐛 Bug Fixes

• Initialize transactioner regardless the DB mode by @JeethJJ in #1762
• Fix consent filtering for the default client by @ThaminduDilshan in #1773
• Add Sign Up URL Widget to Flows & remove the static sign up url in Thunder Gate by @brionmario in #1785
• Fix Application URL update issues in Edit view by @brionmario in #1794
• Remove secret regenerate component for public client in develop app by @thiva-k in #1800

Full Changelog: v0.26.0...v0.27.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.27.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.27.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.27.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.27.0-macos-x64.zip
   Linux	x64	thunder-0.27.0-linux-x64.zip
   Linux	ARM64	thunder-0.27.0-linux-arm64.zip
   Windows	x64	thunder-0.27.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.27.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.27.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.27.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.27.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.27.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.27.0-linux-x64.zip
   Linux	ARM64	[sample-app-react-vanilla-0.27.0-linux-arm64.zip](https://github.com/asgardeo/thunder/releases/download/v0.27.0/sample-app-react-vanilla-0.27.0-linux-a...

Thunder v0.26.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

🚀 Features

• Add core email sending capability with system config and SMTP client by @RandithaK in #1655

✨ Improvements

• Add cache-backed user schema store and display attribute methods by @DonOmalVindula in #1679
• Introduce Stack component to flows by @brionmario in #1702
• [Docs] Introduce use cases section for the documentation with B2C, B2B, and AI agent use cases by @AnuradhaSK in #1703
• Add batch fetch support for users and groups and fix display attribute resolution by @DonOmalVindula in #1690
• Refactor invite executor to support send/verify modes by @thiva-k in #1719
• Add UI for showing display attribute of users by @DonOmalVindula in #1735
• Add include=display support for user and group listing endpoints by @DonOmalVindula in #1710
• Define display attribute in default user schemas by @darshanasbg in #1740

🐛 Bug Fixes

• Fix GitHub edit URL in documentation by @ayeshajay in #1722
• Fix declarative resource validations by @rajithacharith in #1720

New Contributors

• @AnuradhaSK made their first contribution in #1703

Full Changelog: v0.25.0...v0.26.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.26.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.26.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.26.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.26.0-macos-x64.zip
   Linux	x64	thunder-0.26.0-linux-x64.zip
   Linux	ARM64	thunder-0.26.0-linux-arm64.zip
   Windows	x64	thunder-0.26.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.26.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.26.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.26.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.26.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.26.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.26.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.26.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.26.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.26.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.26.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-sdk-0.26.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-sdk-0.26.0-macos-x64.zip
   Linux	x64	sample-app-react-sdk-0.26.0-linux-x64.zip
   Linux	ARM64	sample-app-react-sdk-0.26.0-linux-arm64.zip
   Windows	x64	sample-app-react-sdk-0.26.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-sdk-0.26.0-<os>-<arch>.zip
   cd sample-app-react-sdk-0.26.0-<os>-...

Thunder v0.25.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Add support to persist authenticated user token and available attributes in flow context by @ThumulaPerera in #1579
• Rename UUID-based primary key columns to ID by @KaveeshaPiumini in #1605
• Refactoring thunderdb/identitydb to configdb by @KaveeshaPiumini in #1678
• Remove plain method support in pkce by @thiva-k in #1586

🚀 Features

• Introduce Translations UI by @brionmario in #1626
• Add systemAttributes support to user schema by @DonOmalVindula in #1657
• Add consent mgt service with attribute config integration by @ThaminduDilshan in #1619
• Add Client Secret regeneration functionality and related components by @kavindadimuthu in #1669
• Integrate system authz for group package by @senthalan in #1677
• feature: private_key_jwt client authentication by @sacrana0 in #1555
• Add consent enforcer service and consent executor by @ThaminduDilshan in #1697

✨ Improvements

• Add Windows prerequisites for SQLite3 and PowerShell 7 by @yehenidodanwela in #1502
• Migrate user types API hooks to TanStack Query by @DonOmalVindula in #1606
• Return initialize errors to servicemanager by @JeethJJ in #1567
• 1551 | Add nonce support for OIDC authorization code flow by @nandhu-kumar in #1604
• Refactor OU hierarchy resolver to decouple self-inclusion logic by @senthalan in #1649
• Add userinfo to discovery endpoints by @thiva-k in #1642
• Update auth code generation mechanism by @thiva-k in #1643
• Make basic auth scheme comparison case-insensitive. by @thiva-k in #1636
• Add strict attribute validation in user schema by @DonOmalVindula in #1630
• Refactor exporters structs by @rajithacharith in #1650
• Update aud in introspect to support array by @thiva-k in #1658
• Add URL decode for basic auth client credentials by @thiva-k in #1634
• Add configuration for switching userprovider implementation by @ThumulaPerera in #1639
• Improve authz code consumption logic by @thiva-k in #1632
• Add organization unit selection step to user creation wizard by @DonOmalVindula in #1666
• Add strict display attribute validation with dot-notation support in user schema by @DonOmalVindula in #1664
• Improve thunder_integrate_react_sdk for app native login by @rajithacharith in #1676
• [Docs] Enabling Docusaurus versions by @indeewari in #1312
• OU service context propagation and transection usage by @JeethJJ in #1651
• Add front-end email validation for user form by @garuka-satharasinghe in #1623
• Add prompt parameter support in authorize request by @thiva-k in #1656
• Add WWW-Authenticate for client auth errors by @thiva-k in #1660
• Add authentication for token introspect endpoint by @thiva-k in #1686
• Use ouId from token as fallback during user creation by @senthalan in #1685
• Add HTTP headers to prevent frame embedding authz requests by @thiva-k in #1681

🐛 Bug Fixes

• Add handling for THUNDER_SKIP_SECURITY environment variable in setup script by @yehenidodanwela in #1554
• Change refresh grant error for additional scopes by @thiva-k in #1641
• Update inconsistent OAuth error codes by @thiva-k in #1637
• Fix: Replace xxd with openssl in build.sh by @RandithaK in #1611
• Update token exchange error code by @thiva-k in #1628
• Remove CORS from authz request by @thiva-k in #1659
• Fix incorrect refactoring from thunderdb to configdb in .github/workflows/release-builder.yml by @KaveeshaPiumini in #1684
• Update ROLE_PERMISSION.PERMISSION column Size by @senthalan in #1695
• Fix OIDC scope filtering in flow initialization by @thiva-k in #1700

New Contributors

• @yehenidodanwela made their first contribution in #1554
• @RandithaK made their first contribution in #1611
• @indeewari made their first contribution in #1312
• @garuka-satharasinghe made their first contribution in #1623
• @kavindadimuthu made their first contribution in #1669

Full Changelog: v0.24.0...v0.25.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.25.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.25.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.25.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.25.0-macos-x64.zip
   Linux	x64	thunder-0.25.0-linux-x64.zip
   Linux	ARM64	thunder-0.25.0-linux-arm64.zip
   Windows	x64	thunder-0.25.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.25.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.25.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.25.0/install/quick-start/docker-co...

Thunder v0.24.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Refactor resource package to remove int based FK reference by @KaveeshaPiumini in #1557
• Implement Schema-driven credential attributes logic by @DonOmalVindula in #1552
• Remove INT ID column in DB Schema by @KaveeshaPiumini in #1547
• Refactor flow/mgt package to remove int based FK reference by @KaveeshaPiumini in #1584

🚀 Features

• Implement Schema-driven credential attributes UI by @DonOmalVindula in #1560
• Integrate system authz for OU package by @senthalan in #1534
• Integrate system authz for user package by @senthalan in #1575
• Integrate system authz for user schema package by @senthalan in #1602

✨ Improvements

• fixed: unit testcase failure in observability package by @sacrana0 in #1423
• Add pagination support for Organization Unit tree picker by @DonOmalVindula in #1492
• Update Oxygen UI version to 0.7.0 release along with few bug fixes and test coverage improvements by @jeradrutnam in #1465
• Update list table to oxygen UI ListingTable.DataGrid.Card component by @jeradrutnam in #1505
• Onboard system authorization core by @senthalan in #1500
• Add edit/view icons to Applications, Users, UserTypes listings by @jeradrutnam in #1529
• Notification service context propagation and transection usage by @JeethJJ in #1535
• IDP service context propagation and transection usage by @JeethJJ in #1548
• Improve thunder docs landing page by @DonOmalVindula in #1470
• Move transaction initialization logic to init.go by @JeethJJ in #1541
• Support configurable OAuth UserInfo response_type (JSON/JWS) with JWS signing implementation by @nandhu-kumar in #1362
• Support storing application metadata and passing metadata to authn provider by @ThumulaPerera in #1559
• Improve OAuth handler-service layer separation by @thiva-k in #1509
• Add credential input field for user creation wizard by @DonOmalVindula in #1572
• Support composite store for roles by @rajithacharith in #1532
• Update the default resource limits and requests in helm chart by @rajithacharith in #1573
• Resolve context conflicts in nodecontext and enginecontext by @JeethJJ in #1571
• Improve styling in thunder-docs landing pages by @DonOmalVindula in #1576
• Composite store support for IdP by @rajithacharith in #1401
• Support composite store for resource service by @rajithacharith in #1530
• Add composite store support for user schemas by @rajithacharith in #1570
• Add access token validator for userinfo by @thiva-k in #1590
• Onboard Action wise system authz policy by @senthalan in #1577
• Add ID token in refresh token grant flow by @thiva-k in #1585
• Add composite store support for themes and layouts by @rajithacharith in #1600
• Define structure for requested attributes by @ThumulaPerera in #1574
• Add composite store support for users by @rajithacharith in #1607

🐛 Bug Fixes

• Support registration in authz executor by @rajithacharith in #1145
• Fix authnprovider dependency in auth assert executor by @ThumulaPerera in #1549
• Add meta for default-basic-passkey-flow by @KaveeshaPiumini in #1533
• Add missing attributes in application yaml mapping by @rajithacharith in #1563
• Add at+jwt in access token header by @thiva-k in #1588

New Contributors

• @DharshanSR made their first contribution in #1531
• @nandhu-kumar made their first contribution in #1362

Full Changelog: v0.23.0...v0.24.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.24.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.24.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.24.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.24.0-macos-x64.zip
   Linux	x64	thunder-0.24.0-linux-x64.zip
   Linux	ARM64	thunder-0.24.0-linux-arm64.zip
   Windows	x64	thunder-0.24.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.24.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.24.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.24.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

...

Thunder v0.23.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Refactor application DB schema by @thiva-k in #1444
• Add support for external IDPs in user invite flows by @thiva-k in #1448
• Add user core pluggability by @ThumulaPerera in #1420
• Remove application-level issuer configs by @thiva-k in #1464
• Add authorization for DCR endpoint by @thiva-k in #1486

🚀 Features

• Introduce an aggregated flow metadata endpoint by @brionmario in #1410
• Add group management UI by @DonOmalVindula in #1483

✨ Improvements

• Resource service context propagation and transection usage by @JeethJJ in #1402
• [DOC] Add Passkey Docs by @KaveeshaPiumini in #1333
• Ignore generated release page from commits by @himeshsiriwardana in #1408
• Improve declarative resources in OU by @rajithacharith in #1419
• Add Gateway API HTTPRoute support in helm chart by @isala404 in #1403
• Update Go version to 1.26 by @thiva-k in #1437
• Update golang base image by @ayeshajay in #1433
• Composite store support for Flows by @rajithacharith in #1404
• Add onIncomplete support for task execution nodes by @ThaminduDilshan in #1454
• Improve skip security middleware handling by @thiva-k in #1453
• Add group member add/remove endpoints and other improvements to /groups endpoint by @DonOmalVindula in #1434
• Add composite store support for applications by @rajithacharith in #1396
• Add onIncomplete edge support to the flow builder by @ThaminduDilshan in #1468
• Userschema service context propagation and transection usage by @JeethJJ in #1436

🐛 Bug Fixes

• Improve client secret update logic by @thiva-k in #1415
• Add scope_claims, Scopes, and UserInfo to declartive resource parsing by @rajithacharith in #1449
• Allow retrying authentication with basic auth errors by @ThaminduDilshan in #1477
• Fix user credential update through PUT endpoint by @nishagii in #1432

New Contributors

• @sacrana0 made their first contribution in #1413
• @isala404 made their first contribution in #1403
• @nishagii made their first contribution in #1432

Full Changelog: v0.22.0...v0.23.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.23.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.23.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.23.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.23.0-macos-x64.zip
   Linux	x64	thunder-0.23.0-linux-x64.zip
   Linux	ARM64	thunder-0.23.0-linux-arm64.zip
   Windows	x64	thunder-0.23.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.23.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.23.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.23.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.23.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.23.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.23.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.23.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.23.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.23.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.23.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   | OS | Architecture | Download Link |
   |-------|-------------...

Thunder v0.22.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Update auth assertion callback URL by @thiva-k in #1311
• Add support for configuring separate attributes for OIDC userinfo by @ThaminduDilshan in #1309
• Introduce a new /design API to replace /branding API by @brionmario in #1326

✨ Improvements

• Add MCP authorization by @thiva-k in #1184
• Disable registration flow in Develop App by @KaveeshaPiumini in #1330
• Reorganize JWT/JWE into JOSE package structure by @Copilot in #1307
• Added copilot instructions for documentation and vale rules for style checks by @himeshsiriwardana in #1303
• Update Passkey Authentication Atomic APIs by @KaveeshaPiumini in #1346
• Add Passkey as an authentication option and dynamically construct the authentication flow graphs at Application Creation by @KaveeshaPiumini in #1348
• Add user info config view to application edit by @ThaminduDilshan in #1337
• Add claims locales parameter support in authorize request by @thiva-k in #1336
• Group service context propagation and transection usage by @JeethJJ in #1344
• Implement Organization Unit Tree UI by @DonOmalVindula in #1350
• Remove Session Cleanup of WebAuthn Session Data Table by @KaveeshaPiumini in #1372
• Add claims support to OIDC discovery by @thiva-k in #1328
• Add offset limit support to composite store by @rajithacharith in #1305
• Added a style guide for human authors and improved agent instructions by @himeshsiriwardana in #1379
• Make appId, idpId, senderId available for flow context by @ThaminduDilshan in #1380
• Improve handling credential inputs in authentication flows by @ThaminduDilshan in #1384
• Cert service context propagation and transection usage by @JeethJJ in #1360
• Add declarative resource support for themes and layouts by @rajithacharith in #1381
• Refactor MCP package by @thiva-k in #1352
• Add support to store a Logo URL & Design Preferences (Theme / Layout) per OU by @brionmario in #1383
• Introduce a Releases page in Thunder documentation by @LinukaAr in #1387

🐛 Bug Fixes

• Stop browsers from caching index.html files by @brionmario in #1324
• Fix incorrect registration flow inference for passkey on-the-fly registration flows by @KaveeshaPiumini in #1331
• Add openid scope validation for userinfo endpoint by @thiva-k in #1371
• Fix on the fly passkey registration ending up in infinite loops because of unnecessary onFailure options. by @KaveeshaPiumini in #1375
• Fix unique attribute conflict with same user when updating by @ThumulaPerera in #1382
• Fix child OU save bug by @DonOmalVindula in #1388
• Add foreign key pragma configs for sqlite by @ThaminduDilshan in #1392
• Add registration graph for default-basic-passkey-flow by @KaveeshaPiumini in #1395

New Contributors

• @LinukaAr made their first contribution in #1387

Full Changelog: v0.21.0...v0.22.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.22.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.22.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.22.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.22.0-macos-x64.zip
   Linux	x64	thunder-0.22.0-linux-x64.zip
   Linux	ARM64	thunder-0.22.0-linux-arm64.zip
   Windows	x64	thunder-0.22.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.22.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.22.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.22.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.22.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.22.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.22.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.22.0-linux-arm64.zip
   Windows	x64	[sample-app-react-vanilla-0.22.0-win-x64.zip](https://gith...