Thunder v0.1.0
WSO2 Thunder ⚡
The Lightning-Fast Identity Management Suite
Project Thunder is a modern, identity management service by WSO2. It empowers you to design tailored login, registration, and recovery flows using a flexible identity flow designer.
Thunder secures users, applications, services, and AI agents by managing their identities and offering a complete suite of supporting capabilities.
Designed for extensibility, scalability, and seamless containerized deployment, Thunder integrates naturally with microservices and DevOps environments—serving as the core identity layer for your cloud platform.
🚀 Features
- ✅ Standards-Based
- OAuth 2/ OpenID Connect (OIDC): Client Credentials
- 🔗 Login Options: Basic Authentication, Login with GitHub, Login with Google
- 🌐 RESTful APIs: App Native Login, User Management, Application Management, Identity Provider Management
⚡ Quickstart
Download and Run WSO2 Thunder
Follow these steps to download the v0.1.0 release of WSO2 Thunder and run it locally.
Step 1: Download the distribution from the v0.1.0 release
Download thunder_<os>_<arch>-<version>.zip from the v0.1.0 release for your operating system and architecture.
For example, if you are using a MacOS machine with a Apple Silicon (ARM64) processor, you would download thunder_darwin_arm64-v0.1.0.zip.
Step 2: Unzip and start the product
-
Unzip the downloaded file using the following command:
unzip thunder-<os>_<arch>-<version>.zip
-
Navigate to the unzipped directory:
cd thunder-<os>_<arch>-<version>/
-
Start the product using the following command:
-
If you are using a Linux or macOS machine:
bash start.sh
-
If you are using a Windows machine:
start.bat
-
Download and Run the Sample App
To quickly get started with WSO2 Thunder, you can use the sample app provided with the product. Follow these steps to download and run the sample app.
Step 1: Download the sample app
Download thunder-sample-app-0.1.0.zip.
Step 2: Unzip the sample app and install dependencies
unzip thunder-sample-app-<version>.zip
cd thunder-sample-app-<version>/
npm install(Optional) Step 3: Configure the sample app
Open the runtime.json file in the thunder-sample-app-/dist directory and update the configurations as per your setup. The default configurations should work for most cases, but you can customize the following properties:
applicationID: The ID of the application you want to use for authentication. By default, it is set to550e8400-e29b-41d4-a716-446655440000.flowEndpoint: The endpoint for the flow execution API. By default, it is set tohttps://localhost:8090/flow/execution.
Step 4: Start the sample app
npm startOpen your browser and navigate to https://localhost:3000 to see the sample app in action.
Try Out the Product
1️⃣ Create a User
Create a user in the system to tryout the authentication flows. You can use the following cURL command to create a user with the required attributes.
curl -kL -H 'Content-Type: application/json' https://localhost:8090/users \
-d '{
"organizationUnit": "456e8400-e29b-41d4-a716-446655440001",
"type": "superhuman",
"attributes": {
"username": "thor",
"password": "thor123",
"email": "thor@thunder.sky",
"firstName": "Thor",
"lastName": "Odinson",
"age": 1534,
"abilities": [
"strength",
"speed",
"healing"
],
"address": {
"city": "Asgard",
"zip": "00100"
}
}
}'2️⃣ Try Out Client Credentials Flow
curl -k -X POST https://localhost:8090/oauth2/token \
-d 'grant_type=client_credentials' \
-u 'client123:secret123'3️⃣ Try Username and Password Login
Open the sample app in your browser and enter the username and password you created in the first step. If the login is successful, you will be redirected to the home page of the sample app with the access token.
4️⃣ Try Google Login
-
Create an OAuth application in your Google account following the instructions given in the Google documentation.
- Configure the Authorized origin and Redirect URI as per your application.
- Copy the Client ID and Client Secret.
-
Update the system created Google IDP by invoking the IDP management API with the following cURL command. Make sure to replace
<client_id>,<client_secret>, and<app_callback_url>with the values you copied from your Google OAuth application.curl -kL -X PUT -H 'Content-Type: application/json' -H 'Accept: application/json' https://localhost:8090/identity-providers/550e8400-e29b-41d4-a716-446655440002 \ -d '{ "id": "550e8400-e29b-41d4-a716-446655440001", "name": "Google", "description": "Login with Google", "client_id": "<client_id>", "client_secret": "<client_secret>", "redirect_uri": "<app_callback_url>", "scopes": [ "openid", "email", "profile" ] }'
-
Update the system default application to use the Google login template by invoking the application management API with the following cURL command.
curl -kL -X PUT -H 'Content-Type: application/json' -H 'Accept: application/json' https://localhost:8090/applications/550e8400-e29b-41d4-a716-446655440000 \ --data '{ "id": "550e8400-e29b-41d4-a716-446655440000", "name": "Test SPA", "description": "Initial testing App", "client_id": "client123", "client_secret": "***", "callback_url": [ "https://localhost:3000" ], "supported_grant_types": [ "client_credentials", "authorization_code" ], "auth_flow_graph_id": "auth_flow_config_google" }'
-
Open the sample app in your browser and click on the "Continue with Google" button. You will be redirected to the Google login page. Enter your Google credentials and authorize the application.
-
If the login is successful, you will be redirected to the home page of the sample app with the access token.
5️⃣ Try GitHub Login
-
Create an OAuth application in your Github account following the instructions given in the Github documentation.
- Configure home page and callback URLs as per your application.
- Copy the Client ID and Client Secret.
-
Update the system created github IDP by invoking the IDP management API with the following cURL command. Make sure to replace
<client_id>,<client_secret>, and<app_callback_url>with the values you copied from your GitHub OAuth application.curl -kL -X PUT -H 'Content-Type: application/json' -H 'Accept: application/json' https://localhost:8090/identity-providers/550e8400-e29b-41d4-a716-446655440001 \ -d '{ "id": "550e8400-e29b-41d4-a716-446655440001", "name": "Github", "description": "Login with Github", "client_id": "<client_id>", "client_secret": "<client_secret>", "redirect_uri": "<app_callback_url>", "scopes": [ "user:email", "read:user" ] }'
-
Update the system default application to use the Github login template by invoking the application management API with the following cURL command.
curl -kL -X PUT -H 'Content-Type: application/json' -H 'Accept: application/json' https://localhost:8090/applications/550e8400-e29b-41d4-a716-446655440000 \ --data '{ "id": "550e8400-e29b-41d4-a716-446655440000", "name": "Test SPA", "description": "Initial testing App", "client_id": "client123", "client_secret": "***", "callback_url": [ "https://localhost:3000" ], "supported_grant_types": [ "client_credentials", "authorization_code" ], "auth_flow_graph_id": "auth_flow_config_github" }'
-
Open the sample app in your browser and click on the "Continue with GitHub" button. You will be redirected to the GitHub login page. Enter your GitHub credentials and authorize the application.
-
If the login is successful, you will be redirected to the home page of the sample app with the access token.
License
Licenses this source under the Apache License, Version 2.0 (LICENSE), You may not use this file except in compliance with the License.
(c) Copyright 2025 WSO2 LLC.