Thunder v0.22.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Update auth assertion callback URL by @thiva-k in #1311
• Add support for configuring separate attributes for OIDC userinfo by @ThaminduDilshan in #1309
• Introduce a new /design API to replace /branding API by @brionmario in #1326

✨ Improvements

• Add MCP authorization by @thiva-k in #1184
• Disable registration flow in Develop App by @KaveeshaPiumini in #1330
• Reorganize JWT/JWE into JOSE package structure by @Copilot in #1307
• Added copilot instructions for documentation and vale rules for style checks by @himeshsiriwardana in #1303
• Update Passkey Authentication Atomic APIs by @KaveeshaPiumini in #1346
• Add Passkey as an authentication option and dynamically construct the authentication flow graphs at Application Creation by @KaveeshaPiumini in #1348
• Add user info config view to application edit by @ThaminduDilshan in #1337
• Add claims locales parameter support in authorize request by @thiva-k in #1336
• Group service context propagation and transection usage by @JeethJJ in #1344
• Implement Organization Unit Tree UI by @DonOmalVindula in #1350
• Remove Session Cleanup of WebAuthn Session Data Table by @KaveeshaPiumini in #1372
• Add claims support to OIDC discovery by @thiva-k in #1328
• Add offset limit support to composite store by @rajithacharith in #1305
• Added a style guide for human authors and improved agent instructions by @himeshsiriwardana in #1379
• Make appId, idpId, senderId available for flow context by @ThaminduDilshan in #1380
• Improve handling credential inputs in authentication flows by @ThaminduDilshan in #1384
• Cert service context propagation and transection usage by @JeethJJ in #1360
• Add declarative resource support for themes and layouts by @rajithacharith in #1381
• Refactor MCP package by @thiva-k in #1352
• Add support to store a Logo URL & Design Preferences (Theme / Layout) per OU by @brionmario in #1383
• Introduce a Releases page in Thunder documentation by @LinukaAr in #1387

🐛 Bug Fixes

• Stop browsers from caching index.html files by @brionmario in #1324
• Fix incorrect registration flow inference for passkey on-the-fly registration flows by @KaveeshaPiumini in #1331
• Add openid scope validation for userinfo endpoint by @thiva-k in #1371
• Fix on the fly passkey registration ending up in infinite loops because of unnecessary onFailure options. by @KaveeshaPiumini in #1375
• Fix unique attribute conflict with same user when updating by @ThumulaPerera in #1382
• Fix child OU save bug by @DonOmalVindula in #1388
• Add foreign key pragma configs for sqlite by @ThaminduDilshan in #1392
• Add registration graph for default-basic-passkey-flow by @KaveeshaPiumini in #1395

New Contributors

• @LinukaAr made their first contribution in #1387

Full Changelog: v0.21.0...v0.22.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.22.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.22.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.22.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.22.0-macos-x64.zip
   Linux	x64	thunder-0.22.0-linux-x64.zip
   Linux	ARM64	thunder-0.22.0-linux-arm64.zip
   Windows	x64	thunder-0.22.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.22.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.22.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.22.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.22.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.22.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.22.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.22.0-linux-arm64.zip
   Windows	x64	[sample-app-react-vanilla-0.22.0-win-x64.zip](https://gith...

Thunder v0.21.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Rename application root level token config to assertion by @ThaminduDilshan in #1266

🚀 Features

• Implement JWE service by @hwupathum in #1267
• Username-less passkey authentication by @KaveeshaPiumini in #1268

✨ Improvements

• Add unit tests for thunder-gate app by @DonOmalVindula in #1255
• refactor: migrate from UUIDv4 to UUIDv7 across all resources by @priyanshoon in #1235
• Add required_attributes support for OAuth and auth assertion executor by @thiva-k in #1258
• Unify passkey authentication and registration flow graph handles by @KaveeshaPiumini in #1287
• Role service context propagation and transection usage by @JeethJJ in #1279
• Generate separate key pair for digital signatures by @Copilot in #1131
• React Vanilla Sample App Improvements for Passkey by @KaveeshaPiumini in #1293
• Introduce claims support for OAuth flows by @thiva-k in #1288

🐛 Bug Fixes

• Fix run command issues on Windows Platforms by @brionmario in #1302
• Add an option to copy the client secret of confidential apps by @brionmario in #1323

New Contributors

• @priyanshoon made their first contribution in #1235

Full Changelog: v0.20.0...v0.21.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.21.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.21.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.21.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.21.0-macos-x64.zip
   Linux	x64	thunder-0.21.0-linux-x64.zip
   Linux	ARM64	thunder-0.21.0-linux-arm64.zip
   Windows	x64	thunder-0.21.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.21.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.21.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.16.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.21.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.21.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.21.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.21.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.21.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.21.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.21.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-sdk-0.21.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-sdk-0.21.0-macos-x64.zip
   Linux	x64	sample-app-react-sdk-0.21.0-linux-x64.zip
   Linux	ARM64	sample-app-react-sdk-0.21.0-linux-arm64.zip
   Windows	x64	sample-app-react-sdk-0.21.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-sdk-0.21.0-<os>-<arch>.zip
   cd sample-app-react-sdk-0.21.0-<os>-<arch>/

3. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration and troubleshooting.

Self Register and Login (...

Thunder v0.20.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Rename from immutable resources to declarative resources by @rajithacharith in #1182
• Improve Passkey Authentication by Enabling Attribute-Based User Identification by @KaveeshaPiumini in #1203
• Improve default attributes handling in flows and oauth by @thiva-k in #1248

🚀 Features

• Add passkey support for the React Vanilla Sample App by @KaveeshaPiumini in #1096
• Introduce Thunder Documentation by @brionmario in #1188
• Implement OU management UI by @DonOmalVindula in #1215

✨ Improvements

• Add passkey template and components to the login flow builder by @DonOmalVindula in #1173
• Onboard i18n support to flow builder UI components and improve test coverage in thunder-develop app by @DonOmalVindula in #1175
• Add step-up auth via SMS OTP to react-api-based-sample by @thiva-k in #1186
• Bump SDK version for react-sdk-sample app by @KaveeshaPiumini in #1194
• Improve UI support for passkey executor in react-vanilla-sample app by @KaveeshaPiumini in #1195
• Bump to @asgardeo/react v0.9.2 with auto-login after signup support by @thiva-k in #1190
• Add passkey registration for login flow templates and improvements to flow-builder UI by @DonOmalVindula in #1213
• Optimize user store calls in BasicAuth and SMSAuth executors by @thiva-k in #1201
• Refactor user service to use transactions by @JeethJJ in #1205
• Add shared testing utilities for Thunder applications by @DonOmalVindula in #1244
• Improve prompt nodes to auto select single actions by @ThaminduDilshan in #1247
• Support k8s secrets for db passwords by @rajithacharith in #1245

🐛 Bug Fixes

• Fix bootstrap scripts to fetch OUs by handle instead of picking first from list by @rajithacharith in #1169
• Fix auto-login after self-registration by @thiva-k in #1170
• Add leeway for time claims in token validation by @thiva-k in #1189
• Fix the ID Token Validation issues due to invalid Issuer configured in the SDK by @brionmario in #1232

Full Changelog: v0.19.0...v0.20.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.20.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.20.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.20.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.20.0-macos-x64.zip
   Linux	x64	thunder-0.20.0-linux-x64.zip
   Linux	ARM64	thunder-0.20.0-linux-arm64.zip
   Windows	x64	thunder-0.20.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.20.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.20.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.16.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.20.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.20.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.20.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.20.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.20.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.20.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.20.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-sdk-0.20.0-macos-arm64.zip
   macOS	x64 (Intel)	[sample-app-react-sdk-0.20.0-macos-x64.zip](https://githu...

Thunder v0.19.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

🚀 Features

• Introduce initial MCP setup with application and flow tools by @thiva-k in #1122
• Add admin-initiated user registration flow support by @thiva-k in #1042
• Onboard application editing capabilities by @brionmario in #1150
• Introduce User Invite feature by @thiva-k in #1147
• Add passkey executor support for flow execution by @KaveeshaPiumini in #1104

✨ Improvements

• Add react-api-based-sample app to the release artifacts by @DonOmalVindula in #1101
• Allow defining meta for TASK_EXECUTION nodes by @ThaminduDilshan in #1105
• Bump golang.org/x/crypto from 0.44.0 to 0.45.0 in /backend by @dependabot[bot] in #1108
• Remove i18n keys from default flows by @ThaminduDilshan in #1118
• Add i18n resolution support for the flow builder UI by @DonOmalVindula in #1120
• Add React SDK integration MCP tool by @thiva-k in #1123
• Improve templated defaults in application MCP tools by @thiva-k in #1127
• Improve thunder develop test coverage by @DonOmalVindula in #1135
• Update invite link for onboarding flow by @thiva-k in #1143
• Change Internal Webauthn Wrapper Variables to Package Private and Replace Custom Mocks with Mockery by @KaveeshaPiumini in #1100
• Update default invite flow by @thiva-k in #1146
• Update JWKS service to retrieve all certificates by @hwupathum in #1137

🐛 Bug Fixes

• Fix setup.sh to run with bash by @darshanasbg in #1112
• Fix UserTypeResolver to return meta for the SDK UI rendering by @ThaminduDilshan in #1106
• Fix SMS OTP executor to prompt mobile during registration by @ThaminduDilshan in #1129
• Fix user schema export by @rajithacharith in #1102

Full Changelog: v0.18.0...v0.19.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.19.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.19.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.19.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.19.0-macos-x64.zip
   Linux	x64	thunder-0.19.0-linux-x64.zip
   Linux	ARM64	thunder-0.19.0-linux-arm64.zip
   Windows	x64	thunder-0.19.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.19.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.19.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.16.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.19.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.19.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.19.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.19.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.19.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.19.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.19.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-sdk-0.19.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-sdk-0.19.0-macos-x64.zip
   Linux	x64	sample-app-react-sdk-0.19.0-linux-x64.zip
   Linux	ARM64	[sample-app-react-sdk-0.19.0-linux-arm64.zip](https://github.com/asgardeo/thunder/releases/down...

Thunder v0.18.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Introduce prompts to prompt nodes and improve input handling by @ThaminduDilshan in #1071

🚀 Features

• Add Atomic API based Passkey Registration and Authentication Support by @KaveeshaPiumini in #987
• Add transaction management infrastructure by @JeethJJ in #976

✨ Improvements

• Modify prompt nodes to use prompts and improve input handling by @ThaminduDilshan in #1074
• Improve server started log to indicate the startup time by @darshanasbg in #1064
• Refactor crypto services by @hwupathum in #1066
• Move to Thunder branding by @brionmario in #1097
• Add Atomic API react sample app to thunder by @DonOmalVindula in #1057

🐛 Bug Fixes

• Fix i18n message overriding precedence by @ThumulaPerera in #1040

Full Changelog: v0.17.0...v0.18.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.18.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.18.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.18.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.18.0-macos-x64.zip
   Linux	x64	thunder-0.18.0-linux-x64.zip
   Linux	ARM64	thunder-0.18.0-linux-arm64.zip
   Windows	x64	thunder-0.18.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.18.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.18.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.16.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.18.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.18.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.18.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.18.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.18.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.18.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.18.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-sdk-0.18.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-sdk-0.18.0-macos-x64.zip
   Linux	x64	sample-app-react-sdk-0.18.0-linux-x64.zip
   Linux	ARM64	sample-app-react-sdk-0.18.0-linux-arm64.zip
   Windows	x64	sample-app-react-sdk-0.18.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-sdk-0.18.0-<os>-<arch>.zip
   cd sample-app-react-sdk-0.18.0-<os>-<arch>/

3. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration and troubleshooting.

Self Register and Login (React Vanilla Sample)

The React Vanilla sample supports user self-registration and login:

1. Open https://localhost:3000 and click "Sign up" to register a new user.

   

2. After registration, use the same credentials to "Sign In".

   

3. Upon successful login, you'll see the h...

Thunder v0.17.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Rename flow graph id to flow id by @ThaminduDilshan in #1020
• Add config to change min TLS version by @hwupathum in #1038
• Refactor: change credential storage from array to Map by @KaveeshaPiumini in #958

🚀 Features

• Support multiple algorithms for JWT signing by @hwupathum in #1019

✨ Improvements

• Update flow docs by @ThaminduDilshan in #1025
• Integrate the thunder-logger by @brionmario in #1027
• Add immutable config support for I18n by @ThumulaPerera in #1007
• Update obtain Admin token documentation by @rajithacharith in #1037
• Improve logic in flow-builder UI and remove SCSS styling by @DonOmalVindula in #1024
• Introduce unit tests to the flow-builder by @DonOmalVindula in #1041
• Improve test coverage in develop app by @DonOmalVindula in #1048
• Bump golang.org/x/net from 0.19.0 to 0.38.0 in /backend by @dependabot[bot] in #1050
• Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /backend by @dependabot[bot] in #1051
• Update dockerfile UID&GID to 10001 by @senthalan in #1043

🐛 Bug Fixes

• Remove outdated config from helm deployment yaml by @ThaminduDilshan in #1032
• Fix duplicate SMS OTP issue in the assurance authenticator list by @ThaminduDilshan in #1029
• Fix wildcard export for user-schemas and ou by @rajithacharith in #1011

Full Changelog: v0.16.0...v0.17.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.17.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.17.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.17.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.17.0-macos-x64.zip
   Linux	x64	thunder-0.17.0-linux-x64.zip
   Linux	ARM64	thunder-0.17.0-linux-arm64.zip
   Windows	x64	thunder-0.17.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.17.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.17.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.16.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.17.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.17.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.17.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.17.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.17.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.17.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.17.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-sdk-0.17.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-sdk-0.17.0-macos-x64.zip
   Linux	x64	sample-app-react-sdk-0.17.0-linux-x64.zip
   Linux	ARM64	sample-app-react-sdk-0.17.0-linux-arm64.zip
   Windows	x64	sample-app-react-sdk-0.17.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-sdk-0.17.0-<os>-<arch>.zip
   cd sample-app-react-sdk-0.17.0-<os>-<arch>/

3. Start the sample

   ./start....

Thunder v0.16.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Improve flow definitions and execution API request/responses by @ThaminduDilshan in #920
• Define a generic START node for all flows by @ThaminduDilshan in #922
• Add dedicated start/end nodes and remove inferred executors by @ThaminduDilshan in #929
• Integrate role permission with resource definition by @senthalan in #944
• Remove legacy flow mgt and migrate default flow definitions by @ThaminduDilshan in #961
• Change Immutable resource directory by @rajithacharith in #970
• Introduce an executor mode to allow two path execution by @ThaminduDilshan in #984

🚀 Features

• Implement login flow builder UI by @DonOmalVindula in #918
• Add the new flow management implementation by @ThaminduDilshan in #934
• Add initial i18n framework by @ThumulaPerera in #940

✨ Improvements

• Add meta to flow definitions and introduce verbose flag by @ThaminduDilshan in #926
• Refactor immutable resources code by @rajithacharith in #928
• Allow basic auth executor to be used with any attribute by @ThaminduDilshan in #943
• Add layout information to the flow definition by @ThaminduDilshan in #946
• Introduce immutable handle to the flow management service by @ThaminduDilshan in #956
• Address Windows PowerShell Compatibility issues by @warnakulasuriya-fds-e23 in #951
• Introduce token issuance observability and refactor authentication events by @sahandilshan in #947
• Add immutable config support for OU by @rajithacharith in #953
• Use component metadata from Flows API in Thunder Gate by @brionmario in #966
• Composite store support for OU by @rajithacharith in #960
• Reading deployment secrets from environment variables and file objects by @hwupathum in #937
• Add immutable resource support to flow graphs by @rajithacharith in #975
• Allow provisioning executor to perform group and role assignment by @senthalan in #979
• UX improvements to flow-builder UI by @DonOmalVindula in #978
• Update flow UI definitions by @DonOmalVindula in #988
• Add default prefix to bootstrap flow definitions by @ThaminduDilshan in #994
• Fix issues in flow export function by @rajithacharith in #991
• Improvements to Flow Builder UI by @DonOmalVindula in #995
• Integrate Branding API in Gate by @brionmario in #990
• Update validation notification styling by @DonOmalVindula in #1001
• Update notification-senders options by @thiva-k in #1000
• Add autolayout for flows without positioning data by @DonOmalVindula in #1002
• Add comprehensive guide for observability with analytics dashboard by @sahandilshan in #999
• Add support for showing React SDK integration guides by @brionmario in #1004
• Add glob-pattern-based public path matching by @ThumulaPerera in #981
• Improve layout of the flow builder by @DonOmalVindula in #1006
• Update default flow input types by @ThaminduDilshan in #1010

🐛 Bug Fixes

• Update branding resolve API CORS by @thiva-k in #993
• Fix vanilla sample application by @ThaminduDilshan in #1005
• Fix system token generation in readme to match flow execution changes by @darshanasbg in #1017
• Remove auth_flow_graph_id for the Client Credential App by @darshanasbg in #1018

Full Changelog: v0.15.0...v0.16.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.16.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.16.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.16.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.16.0-macos-x64.zip
   Linux	x64	thunder-0.16.0-linux-x64.zip
   Linux	ARM64	thunder-0.16.0-linux-arm64.zip
   Windows	x64	thunder-0.16.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.16.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.16.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.16.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	[sample-app-react-vanilla-0.16.0-macos-arm64.zip](https://github.com/asgardeo/thunder/rele...

Thunder v0.15.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

✨ Improvements

• Move AuthenticationContext from context to security by @senthalan in #912
• Buffer encode HTTP responses before sending headers by @JeethJJ in #921
• Add application_template to application api by @thiva-k in #924
• Remove OAuth jargon from Application Onboarding by @brionmario in #914
• Add dynamic token issuer resolution by @thiva-k in #917
• Derive permission for Resources and Actions by @senthalan in #909
• Add refresh token expiry time config by @thiva-k in #916
• Add fsGroup and runAsGroup support by @ayeshajay in #933

🐛 Bug Fixes

• Fix db type issue and add Query method to Tx by @ThaminduDilshan in #936

Full Changelog: v0.14.0...v0.15.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.15.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.15.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.15.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.15.0-macos-x64.zip
   Linux	x64	thunder-0.15.0-linux-x64.zip
   Linux	ARM64	thunder-0.15.0-linux-arm64.zip
   Windows	x64	thunder-0.15.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.15.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.15.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.15.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.15.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.15.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.15.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.15.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.15.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.15.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.15.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-sdk-0.15.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-sdk-0.15.0-macos-x64.zip
   Linux	x64	sample-app-react-sdk-0.15.0-linux-x64.zip
   Linux	ARM64	sample-app-react-sdk-0.15.0-linux-arm64.zip
   Windows	x64	sample-app-react-sdk-0.15.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-sdk-0.15.0-<os>-<arch>.zip
   cd sample-app-react-sdk-0.15.0-<os>-<arch>/

3. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration and troubleshooting.

Self Register and Login (React Vanilla Sample)

The React Vanilla sample supports user self-registration and login:

1. Open https://localhost:3000 and click "Sign up" to register a new user.

   

2. After registration, use the same credentials to "Sign In".

   

3. Upon successful login, you'll see the home page with your access token.

Try Out Client Credentials Flow

To try out the Client Credentials flow, you first need to obtain a token to access the System APIs of Thunder. Follow these steps:

Replace `<applicatio...

Thunder v0.14.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Add multi deployment support for data layer by @ThumulaPerera in #836
• Improvement to the observability package by @sahandilshan in #717
• Remove support for scripts in bootstrap/custom by @senthalan in #809
• Update public url and add support to override app configs using helm by @ayeshajay in #874
• Add PKCE validation for public clients by @thiva-k in #863
• Add support for indexed user attributes by @ThumulaPerera in #892
• Improve IDP property/ error handling in auth services by @ThaminduDilshan in #902
• Support password hashing with customizable params by @hwupathum in #785

🚀 Features

• Add Resource API definition and Implementation by @senthalan in #666

✨ Improvements

• Add WriteSuccessResponse/WriteErrorResponse helpers by @JeethJJ in #845
• Support reading port from deployment.yaml in build script by @rajithacharith in #835
• Add persistence layer for Sqlite databases by @ayeshajay in #880
• Add http server support for helm chart by @ayeshajay in #883
• Bump react, @wso2/oxygen-ui and @asgardeo/react versions to latest by @DonOmalVindula in #885
• Remove depricated nginx annotations by @ayeshajay in #888
• Add branding resolve implementation by @thiva-k in #881
• Update ingress and bootstrap configurations by @ayeshajay in #889
• Support immutable configuraitons for Identity Providers by @rajithacharith in #803
• Add authorization request store by @thiva-k in #873
• Uses spans and traces properly with OpenTelemetry by @sahandilshan in #877
• Bump SDKs by @thiva-k in #895
• Add config for auth code expiry time by @thiva-k in #899
• Improve IDP property validations/ handling default properties by @ThaminduDilshan in #900
• Add immutable config support for notification senders and user schemas by @rajithacharith in #884
• Comprehensive cleanup to use WriteSuccessResponse and WriteErrorResponse by @JeethJJ in #878

New Contributors

• @JeethJJ made their first contribution in #845

Full Changelog: v0.13.0...v0.14.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.14.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.14.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.14.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.14.0-macos-x64.zip
   Linux	x64	thunder-0.14.0-linux-x64.zip
   Linux	ARM64	thunder-0.14.0-linux-arm64.zip
   Windows	x64	thunder-0.14.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.14.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.14.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker Compose

Follow these steps to run WSO2 Thunder using Docker Compose.

1. Download the Docker Compose file

   Download the docker-compose.yml file using the following command:

   curl -o docker-compose.yml https://raw.githubusercontent.com/asgardeo/thunder/v0.14.0/install/quick-start/docker-compose.yml

2. Start Thunder

   Run the following command in the directory where you downloaded the docker-compose.yml file:

   docker compose up

   This will automatically:

   • Initialize the database
   • Run the setup process
   • Start the Thunder server

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id> in the setup logs. You'll need it for the sample app configuration.

   The product will start on https://localhost:8090.

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without external SDKs. Supports Native Flow API or Standard OAuth/OIDC.
• React SDK Sample — Sample React application demonstrating SDK-based integration using @asgardeo/react for OAuth 2.0/OIDC authentication.

React Vanilla Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	sample-app-react-vanilla-0.14.0-macos-arm64.zip
   macOS	x64 (Intel)	sample-app-react-vanilla-0.14.0-macos-x64.zip
   Linux	x64	sample-app-react-vanilla-0.14.0-linux-x64.zip
   Linux	ARM64	sample-app-react-vanilla-0.14.0-linux-arm64.zip
   Windows	x64	sample-app-react-vanilla-0.14.0-win-x64.zip

2. Unzip and navigate to the sample app directory

   unzip sample-app-react-vanilla-0.14.0-<os>-<arch>.zip
   cd sample-app-react-vanilla-0.14.0-<os>-<arch>/

3. Configure the sample

   Open app/runtime.json and set the applicationID to the sample app ID generated during "Setup the product":

   {
       "applicationID": "{your-application-id}"
   }

4. Start the sample

   ./start.sh

   Open your browser and navigate to https://localhost:3000 to access the sample app.

   📖 Refer to the README.md inside the extracted sample app for detailed configuration options including OAuth redirect-based login.

React SDK Sample

1. Download the sample

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	[sample-app-react-sdk-0.14.0-macos-arm64.zip](https://github.com/asgardeo/th...

Thunder v0.13.0

WSO2 Thunder ⚡

Identity Management Suite

Thunder is a modern, open-source identity management service designed for teams building secure, customizable authentication experiences across applications, services, and AI agents. It enables developers to design and orchestrate login, registration, and recovery flows using a flexible identity flow designer.

Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.

What's Changed

⚠️ Breaking Changes

• Introduce datasource for user data by @warnakulasuriya-fds-e23 in #677
• Improvements to the authorization code flow by @ThaminduDilshan in #781

🚀 Features

• Add support to exchange auth assertions to access tokens by @thiva-k in #718
• Add support for basic conditional node execution by @ThaminduDilshan in #849
• Introduce user self service API by @darshanasbg in #826

✨ Improvements

• Move the immutable resources configs to default.json by @rajithacharith in #796
• Refactor idp/ cert packages by @ThaminduDilshan in #798
• Improve application onboarding flow in Develop app by @thiva-k in #808
• Allow provisioning email address for federated users by @ThaminduDilshan in #823
• Add React SDK based application to samples by @DonOmalVindula in #824
• [Develop] Enable username/password login by default by @ThaminduDilshan in #825
• Add OAuth settings to application onboarding by @thiva-k in #830
• Bump @asgardeo/react version to 0.6.8 by @thiva-k in #831
• Improve global styling + bump oxygen-ui version by @jeradrutnam in #829
• Add support for user provisioning in external IDP OAuth/OIDC authentication flows by @thiva-k in #837
• Remove intermediate error message during the social login redirect by @jeradrutnam in #840
• Remove array and object type property tests from CreateUserTypePage by @DonOmalVindula in #842
• Remove sign-up link from sign-in page if self-registration is disabled by @jeradrutnam in #843
• Fix divider rendering in gate app by @thiva-k in #850
• Improve existing user validations for the federated auth executors by @ThaminduDilshan in #853
• Bump @asgardeo/react to version 0.6.10 by @DonOmalVindula in #858
• Add react-sdk sample to release pipeline by @DonOmalVindula in #828
• Add common config to indicate gate app path by @darshanasbg in #839
• Bump @asgardeo/react to version 0.6.11 by @thiva-k in #860
• Improve client configs in bootstrap scripts by @thiva-k in #864
• Add proper display names to org creation page by updating to @asgardeo/react to version 0.6.12 by @thiva-k in #867
• Remove ou description from the ou executor default inputs by @ThaminduDilshan in #866

🐛 Bug Fixes

• Fix Error while decrypting IDP properties by @warnakulasuriya-fds-e23 in #723
• Change Issuer as Refresh Token audience by @Thumimku in #819
• Fix SQLite Database Locking Issues Under Concurrent Load by @rajithacharith in #846
• Template http_only server config in helm charts by @mevan-karu in #855
• Fix Develop app menu overflow by @thiva-k in #856

New Contributors

• @warnakulasuriya-fds-e23 made their first contribution in #723
• @Thumimku made their first contribution in #819
• @mevan-karu made their first contribution in #855

Full Changelog: v0.12.0...v0.13.0

⚡ Quickstart

This Quickstart guide will help you get started with WSO2 Thunder quickly. It walks you through downloading and running the product, trying out the sample app, and exploring registering a user, logging in, and using the Client Credentials flow.

Download and Run WSO2 Thunder

You can run WSO2 Thunder either by downloading the release artifact or using the official Docker image.

Option 1: Run from Release Artifact

Follow these steps to download the 0.13.0 release of WSO2 Thunder and run it locally.

1. Download the distribution from the 0.13.0 release

   OS	Architecture	Download Link
   macOS	ARM64 (Apple Silicon)	thunder-0.13.0-macos-arm64.zip
   macOS	x64 (Intel)	thunder-0.13.0-macos-x64.zip
   Linux	x64	thunder-0.13.0-linux-x64.zip
   Linux	ARM64	thunder-0.13.0-linux-arm64.zip
   Windows	x64	thunder-0.13.0-win-x64.zip

2. Unzip the product

   Unzip the downloaded file using the following command:

   unzip thunder-0.13.0-<os>-<arch>.zip

   Navigate to the unzipped directory:

   cd thunder-0.13.0-<os>-<arch>/

3. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

   If you are using a Linux or macOS machine:

   ./setup.sh

   If you are using a Windows machine:

   .\setup.ps1

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

4. Start the product

   If you are using a Linux or macOS machine:

   ./start.sh

   If you are using a Windows machine:

   .\start.ps1

   The product will start on https://localhost:8090.

Option 2: Run with Docker

Follow these steps to run WSO2 Thunder using Docker.

1. Pull the Docker image

   docker pull ghcr.io/asgardeo/thunder:0.13.0

2. Setup the product

   You need to setup the server with the initial configurations and data before starting the server for the first time.

       docker run -it --rm \
           ghcr.io/asgardeo/thunder:0.13.0 \
           ./setup.sh

   Note the id of the sample app indicated with the log line [INFO] Sample App ID: <id>. You'll need it for the sample app configuration.

   [!NOTE]
   This will shut down the container after the setup is complete. You need to start the container again using the command in step 3. If you are using sqlite as the database, then you need to mount a volume to persist the database file and share it between the setup and server run containers.

3. Run the container

   docker run --rm \
     -p 8090:8090 \
     ghcr.io/asgardeo/thunder:0.13.0

   Optionally if you want to modify the server configurations, you can mount a custom deployment.yaml file. Create a deployment.yaml file in your working directory similar to the deployment.yaml, and mount it as below:

   docker run --rm \
     -p 8090:8090 \
     -v $(pwd)/deployment.yaml:/opt/thunder/repository/conf/deployment.yaml \
     ghcr.io/asgardeo/thunder:0.13.0

   Optionally if you want to use custom configurations or certificates, you can mount them as follows:

   docker run --rm \
     -p 8090:8090 \
     -v $(pwd)/deployment.yaml:/opt/thunder/repository/conf/deployment.yaml \
     -v $(pwd)/certs/server.cert:/opt/thunder/repository/resources/security/server.cert \
     -v $(pwd)/certs/server.key:/opt/thunder/repository/resources/security/server.key \
     ghcr.io/asgardeo/thunder:0.13.0

Try Out the Product

Try out the Developer Console

Follow these steps to access the Developer Console:

1. Open your browser and navigate to https://localhost:8090/develop.

2. Log in using the admin credentials created during the initial data setup (admin / admin).

Try Out with the Sample App

Thunder provides two sample applications to help you get started quickly:

• React Vanilla Sample — Sample React application demonstrating direct API integration without exte...