Pamoda Wimalasiri is a Technical Lead with 11 years of experience building and hardening identity and access management solutions at WSO2, where he progressed from intern to lead. He specializes in back-end development for OAuth2/OpenID Connect, session and token management, and secure governance features, and has a track record of improving error handling, test coverage, and database procedures in the flagship WSO2 Identity Server. Known as a pragmatic engineer and effective team leader, he combines hands-on coding—implementing authenticators, revocation handlers, and reCAPTCHA integrations—with mentoring and release-quality work. Based in Colombo, he brings a security-minded focus to usability and edge-case robustness, having fixed privilege escalation and validation issues that improved overall platform safety.
11 years of coding experience
8 years of employment as a software developer
Computer Science and Engineering, Computer Science and Engineering at University of Moratuwa
Diploma in Information Technology, Diploma in Information Technology at University of Colombo School of Computing
Contributions:172 reviews, 88 commits, 119 PRs in 3 years 5 months
Contributions summary:Pamoda's primary focus was on back-end development tasks, specifically related to the WSO2 carbon-identity-framework. They contributed to the application management by adding configuration options for custom provision connectors and resolving conflicts in the code. They also modified database scripts, specifically an Oracle stored procedure for OAuth2 token cleanup, indicating database interaction and maintenance skills. Furthermore, they added session management features, including session termination, and implemented user and session ID validations.
Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
Role in this project:
Back-end Developer & Test Automation Engineer
Contributions:58 reviews, 49 commits, 60 PRs in 1 year 3 months
Contributions summary:Pamoda's contributions primarily focused on enhancing the OAuth2 authentication and authorization flows within the WSO2 Identity Server. They implemented tests to verify OAuth2 error redirection scenarios and token revocation functionalities, indicating a strong understanding of identity and access management principles. The user's work involved modifying Java test cases to cover various OAuth2 scenarios, including invalid redirect URIs and revoked token revocation. Additionally, the user addressed SCIM2 Me endpoint test failures by adding authorization and modifying the test setup.
working-onaccess-managementwso2identitylink
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.