Gluu Flex: Software for your Enterprise identity plant
The cloud is great, but what if your business needs to self-host authentication and authorization services? Perhaps data sovereignty or security considerations prevent the use of Solo, Gluu’s hosted platform? Or perhaps your organization is so large, you have economies of scale to operate access management infrastructure, and the limitations of a SaaS solution would just get in your way. If this sounds familar, Gluu Flex is a software distribution to build the infrastructure you need to operate a multi-datacenter, highly available, performant identity and access management platform.
Gluu Flex Components
Flex is Gluu’s flagship product–a commercial Identity Provider with an open source core. It includes all the components found in the Linux Foundation Janssen Project, plus the Flex Admin UI, a web control plane with enterprise features like reporting and audit.
Common use cases include:
- OpenID Federation
- SAML Federation
- Single sign-on (SSO)
- Mobile authentication
- Web Identity Orchestration
- API client management and dynamic registration
- Multi-factor authentication (MFA) / passwordless
- Active Directory or Keycloak synchronization
- Self-Service credential management
- Open Banking
- Optional deployment profile that is conformant with DISA STIG requirements for Red Hat linux.
- OAuth Federation through the publication of Software Statement key material
- Internal identity connection via SCIM
- Stepped-up authentication
- Passwordless authentication
- Smart Card Authentication
- FIDO authentication
- OTP authentication
- Email authentication including message signing
- Device Flow authentication
- Consumer digital identity
Gluu Flex
Gluu Flex is good for business.
No Lock-In
One of the unique features of Gluu Flex is the ability to move to the Janssen Project open source distribution. If your Gluu subscription expires, the commercial Admin-UI will lock. But your authentication service will not go down because the core components are open source. You won’t be able to use the enterprise control plane, but you will be able to configure using the open source tools.
Cost effective
The cost of a Gluu Subscription is based on peak Monthly Active Users. That means you don’t have to pay for users who never log in!
Gluu enables your business to use existing database infrastructure–no requirement to deploy a fragile, single-purpose LDAP topology. This can significantly improve your total cost of ownership (and uptime!).
Improved time to market with the low code development enables your business to better serve customers and deliver value through improved user experience and security.
Harness the innovation of open source for your enterprise!
Multi-Factor Authentication
With Gluu Flex, end-users can self-service manage their MFA credentials. Flex has out-of-the-box support for SMS, one-time password, Super Gluu mobile push authentication, and of course FIDO authentication and passkeys.
Social Login
Built-in support for Google, Facebook, Apple, Microsoft Azure AD, or any consumer identity provider that supports OpenID Connect. This is accomplished using Agama-based identity orchestration. After authentication, end-users can link and unlink social login identity providers by logging into the Flex Casa component.
Use JWT access tokens to secure APIs
JWT tokens are critical input to security policies. In a way, JWTs are the new policy information point (“PIP”)–they contain the data shared from the central authn/authz infrastructure. Gluu Flex mints many kinds of JWTs, and also provides a real time solution to expire them.