What are the basic server requirements for a Gluu deployment?

We recommend a virtual machine with at least 2 CPU units, 4 GB of RAM, and around 30GB of disk space.

Where can I deploy the Gluu Server?

Gluu can be deployed on any cloud provider, including Microsoft Azure, Amazon Web Services (AWS), Google Cloud Engine (GCE), and Digital Ocean (DO). For cloud specific notes, please view our VM prep guide.

Why don’t all organizations use Multi-Factor Authentication (MFA)?

While other authentication technologies are more secure then passwords, and more usable, they are more difficult for organizations to deploy. Organizations know how to enroll passwords and how to reset them.

How many users can Gluu handle, and what is the max speed of concurrent logins?

The Gluu Server can be scaled horizontally to handle tens of millions of users. To a large extent, performance is driven by configurations made in the underlying database. A well tested data strategy will yield the best results. And we have the capability to authenticate a billion logins per day. Read the press release

How many Gluu Servers do organizations typically deploy?

Organizations frequently deploy multiple production and development Gluu Servers depending on requirements for high availability, staging, QA and fail over.

Does Gluu perform professional services?

It depends. For most design and architecture projects, we recommend engaging one of our certified partners.

Does Gluu publish its customer list?

The Gluu Server is being used in production at educational institutions, government and non-government organizations, and enterprises around the world. References are available upon request. Feel free to download our most recent case studies here.

Does Gluu support previous releases in production and pre-production environments?

Yes, Gluu supports each release for at least 18 months.

Does Gluu provide any per incident support options?

No, Gluu only provides annual support options. For per incident support, we are happy to introduce you to one of our talented service partners.

Is the Gluu Server free to use in production?

Yes. The Gluu Server is, and always will be, 100% free open source software. Check the docs for more information about licenses in use.

Can I cancel my support subscription at any time?

Either party may terminate the support contract with 30 days written notice.

What happens if I cancel my support subscription?

All named contacts associated with the customer organization will lose enhanced access to our support services.

Infinite scale. Complete Privacy.

Gluu Identity and Access Management

Play Video

Extreme Flexibility

The key to the Gluu Server’s success has been its ability to quickly handle the most challenging requirements. Whether you need to connect legacy data sources, create particular audit logs, implement advanced authentication workflows, interact with end-users to get consent, add unique data into OAuth access tokens, or a myriad of other special requirements–you can get it done with the Gluu Server. If you can describe it, you can do it with Gluu. The sky’s the limit.

Scales to Billions

Need to handle many thousands of authentications per second? If so, it’s better to scale out (by adding more servers), not up (by adding more memory and compute). Gluu enables you to horizontally scale both the web and persistence resources as needed to meet any level of burstiness.

Cloud Native

Using Kubernetes and other cloud-native tools, you can improve the efficiency of operation and auto-scale to cost-effectively meet demand, without pre-provisioning unnecessary capacity. The Gluu Server Cloud Native distribution includes everything you need, including Helm charts.

Open Source

Enterprises are moving to open-source infrastructure software for a reason: community-developed software results in more innovation and fewer bugs. Nothing builds trust like source code. At Gluu, we’re committed to both leading and contributing to the open-source projects which comprise our distribution.

Strengthen Your Cybersecurity Posture

Authentication is the front door to your digital enterprise. The best bang for your buck in security is to improve the lock on that door!

Using advanced adaptive authentication techniques, you can stop the hackers before they get in.

Master Your Digital Identity

Digital Identity is the foundation on which all your services are built. It is imperative to identify not just people, but software that is acting on behalf of people and organizations.

Mastering digital identity is a requirement for building the next generation of e-services.

Get this right and your organization will be able to roll out new services more quickly.

Improve User Experience

People have high expectations. We’re used to using advanced digital services from consumer giants like Google and Apple.

We might still listen to music from the 90s, but no one wants to go back to those old web experiences.

With Gluu, you can authenticate like a consumer giant without having to reinvent the wheel with your branding, and in your language.

Gluu Implements Open Web Standards

OpenID Connect

The most modern federated identity protocol is based on OAuth, using OpenID to centralize authentication for web and mobile applications. Based on published OpenID Provider conformance profiles, the Gluu Server is the most comprehensive OpenID Connect Provider implementation available.

FIDO

Everyone knows passwords are not secure. FIDO offers an alternative to passwords–cryptographic authentication using hardware or software. FIDO is not limited to just Yubikeys. Laptops and smartphones are building FIDO into their hardware. Gluu has a full FIDO server stack.

User Managed Access

The UMA standard provides a way to interact with a person post-authentication. A common use case is to get consent. Other use cases arise around asynchronous interactions, like when two people need to sign a check, and maybe one is not online at the moment. Gluu has a complete UMA 2.0 stack.

SAML 2.0

SAML is used by lots of existing web applications and SaaS services. It’s old but reliable. You won’t want to use SAML for mobile applications or SPAs. But if you have an off-the-shelf application that supports SAML, it’s a reasonable way to integrate it. The Gluu Server maintains SSO across OpenID and SAML websites.

OAuth 2.0

Plain old OAuth should be your go-to strategy to secure APIs. Developers know it, and there are many products and libraries that make it easier. Gluu supports both reference and value tokens (JWTs). And using the Gluu interception scripts, you can call APIs or add business logic to add extra information into access tokens.

SCIM

If you need to add user information to the Gluu Server, the best way to do so is to call the /Users endpoint using the SCIM protocol. To do so, you’ll need to present an authorized access token. Network protection is also recommended for the SCIM API. Using SCIM for integration protects you from needing to know database implementation details, like schema.

LDAP

The Gluu LDAP Server is our fork of the OpenDJ directory server. While we generally don’t recommend exposing the LDAP interface to the network, sometimes the Gluu LDAP server provides a convenient central publication point for user information. Using the Cache Refresh service, you can also synchronize data from other LDAP sources.

Radius

Gluu ships with a very small Radius Server. It’s not meant for high-performance requirements. For scale and concurrency, we recommend the open-source Radius server called Radiator. But if you just have some ad hoc Unix logins, and you want to use Super Gluu for authentication, this little Radius server can get the job done for you!

Gluu Distributions

Virtual Machine

Gluu publishes Linux packages for Ubuntu, Debian, Centos, and RedHat. Customers with a VIP subscription can also use our Cluster Manager deployment tool to quickly set up a highly available cluster of Gluu Servers.

Cloud Native

Cloud-native is the way to go if you have the skills. There are just so many advantages: auto-scaling, zero downtime updates, declarative configuration, and advanced tooling.

We love cloud native.

And we’re working hard to keep developing the tools you need to maintain the ease of use we’re famous for in the VM world.

Gluu Use Cases

Single Sign-on

SSO is an important use case for employee productivity, and for customer-facing user experience. With Gluu, SSO is maintained simultaneously across OpenID and SAML websites. Gluu also provides some great strategies to manage the equally as important SLO: single logout.

Mobile Authentication

Mobile applications are different than websites because it’s harder to protect client credentials (i.e., API keys or private keys). Enabling third-party mobile applications to use your authentication securely is also a challenge. Gluu enables you to use best practices for mobile security.

API Access Management

The Gluu Server is an OAuth Authorization Server (“AS”), one of the important components of any API access management infrastructure. The AS authenticates clients (like websites) and issues access tokens. Gluu supports both reference tokens and value tokens (i.e. JWTs).

Two-factor Authentication

Gluu ships with out-of-the-box support for many 2FA mechanisms, like FIDO, OTP, SMS, smart card, Duo, and many more. The Gluu Platform also offers a unique self-service portal called Casa, which enables end-users to manage their 2FA credentials, much like they would do at Google.

Customer Identity and Access

One of the key use cases for Gluu is CIAM. That’s because Gluu gives you incredible flexibility and control over the user experience and backend integration. If you have millions of customers (or citizens), Gluu is an excellent choice to serve as the central authentication service.

Identity Brokering

Sometimes your organization is not the source of identity–you may need to rely on a customer or partner’s identity provider. Gluu enables you to rely on a SAML, OpenID, or social identity provider, and to map user claims for each to meet the needs of your business.

Why Gluu open-source works for Identity and Access Management

Freedom

Once you implement an access
management infrastructure, switching costs are high, and your organization’s bargaining leverage evaporates. Modern organizations are opting for freedom over lock-in.

Innovation

A collaborative approach is more effective to address long-term innovation-it’s more immune to the inherent ups and downs of the business corporate ownership
lifecycle.

Trust

Hiding the code does not result in more secure code. Hackers don’t need the source code to hack your infrastructure. More eyes on the code lead to better code-fewer bugs per thousand lines of code. Transparency is a best practice.

Ready to eliminate enterprise level security vulnerabilities?

« Technology Partner | Radiator Server SoftwareGluu Open Banking »

Infinite scale. Complete Privacy.

Gluu Identity and Access Management

Extreme Flexibility

Scales to Billions

Cloud Native

Open Source

Strengthen Your Cybersecurity Posture

Master Your Digital Identity

Improve User Experience

Gluu Implements Open Web Standards

OpenID Connect

FIDO

User Managed Access

SAML 2.0

OAuth 2.0

SCIM

LDAP

Radius

Gluu Distributions

Virtual Machine

Cloud Native

Gluu Use Cases

Single Sign-on

Mobile Authentication

API Access Management

Two-factor Authentication

Customer Identity and Access

Identity Brokering

Why Gluu open-source works for Identity and Access Management

Freedom

Innovation

Trust

Ready to eliminate enterprise level security vulnerabilities?

Learn Gluu

Offering

Company

More Info

© Gluu Inc. All Rights Reserved. Various trademarks held by their respective owners. 2022

Privacy Policy

Terms and Conditions