Omindu Rathnaweera is a seasoned identity and access management leader with 11 years of experience driving architecture and product for WSO2, now serving as Director for WSO2 Identity and Access Management. He blends hands-on Java backend engineering—demonstrated by security-focused contributions to the widely used WSO2 Identity Server repository—with strategic leadership across product, architecture, and delivery. Known for improving OAuth, consent management, and token generation flows, he combines rigorous security testing (including integration tests for open-redirects) with code quality and dependency hygiene. Based in Colombo, he rose through technical and leadership ranks at WSO2 after an early CTO role, bringing both startup pragmatism and enterprise-grade engineering discipline.
11 years of coding experience
12 years of employment as a software developer
BSC eng Hons, Electrical Engineering, BSC eng Hons, Electrical Engineering at University of Moratuwa
Contributions:48 reviews, 174 commits, 161 PRs in 4 years 11 months
Contributions summary:Omindu primarily focused on fixing and improving the WSO2 Identity Server framework. Their commits addressed specific issues like fixing exceptions in workflow processes, resolving footer location issues in authentication endpoints, and correcting the functionality of the getAllPolicyIds API. The user also made changes related to the consent management feature, including integrating consent management for SSO, handling user consents, and improving the UI for requesting consents. Furthermore, they also fixed Oracle SQL script related issues.
Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
Role in this project:
Security Engineer & Backend Developer
Contributions:7 releases, 36 reviews, 175 commits in 6 years 8 months
Contributions summary:Omindu focused on identifying and mitigating security vulnerabilities within the WSO2 Identity Server. They added integration tests specifically to check for open redirect vulnerabilities, demonstrating a proactive approach to security testing. The user's contributions directly involved Java code changes within the backend, specifically modifying test cases to assess security risks. They also performed code merging and conflict resolution tasks.
working-onaccess-managementwso2identitylink
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.