* Login flows - optional user self-registration, recover password, verify email, require password update, etc.
* Session management - Admins and users themselves can view and manage user sessions.
* Token mappers - Map user attributes, roles, etc how you want into tokens and statements.
* Not-before revocation policies per realm, application and user.
* CORS support - Client adapters have built-in support for CORS
{% if book.community %}
* Service Provider Interfaces (SPI) - A number of SPIs to enable customizing various aspects of the server. Authentication flows, user federation providers,
protocol mappers and many more.
* Client adapters for JavaScript applications, WildFly, JBoss EAP, Fuse, Tomcat, Jetty, Spring, etc.
{% endif %}
{% if book.product %}
* Client adapters for JavaScript applications, JBoss EAP, Fuse, etc.
{% endif %}
* Supports any platform/language that has an OpenID Connect Resource Provider library or SAML 2.0 Service Provider library