logo-green.png
Contact

Casa Documentation

doc-icon.png

Gluu Casa Documentation

Overview

Gluu Casa (“Casa”) is a self-service web portal for end-users to manage authentication and authorization preferences for their account in acts.
For example, as people interact with an organization’s digital services, they may need to:
  • Gluu Casa ("Casa") is a self-service web portal for end-users to manage authentication and authorization preferences for their account in acts.
  • Turn 2FA on and off
  • View and manage which external apps have been authorized to access what personal data
  • View trusted devices
Casa provides a platform for people to perform these account security functions and more.
Two-factor authentication
The core use case for Casa is self-service 2FA. If people need to call the helpdesk every time they get a new phone or security key, supporting strong authentication becomes prohibitively expensive.
Out-of-the-box, Casa can be used to enroll and manage the following authenticators:
  • FIDO2/U2F security keys like Yubikeys
  • Gluu's U2F push-notification mobile app, Super Gluu
  • OTP hardware cards like these or dongles like these
  • OTP mobile apps like Google Authenticator, FreeOTP, etc.
  • Mobile phone numbers able to receive OTPs via SMS
  • Passwords (if stored in the corresponding Gluu Server's local database, i.e. not a backend LDAP like AD)

Additional authenticators and use cases can be supported via custom plugins.

2FA enrollment APIs
To facilitate 2FA device enrollment during account registration, or elsewhere in an application ecosystem, Casa exposes APIs for enrolling the following types of authenticators:
  • Phone numbers for SMS OTP
  • OTP apps, cards or dongles
  • Super Gluu Android and iOS devices
  • FIDO2 security keys

Learn more in the developer guide.

Configuration via APIs

Besides a comprehensive graphical admin console, application settings can also be manipulated by means of the configuration API.

2FA enrollment APIs

Casa is a plugin-oriented, Java web application. Existing functionality can be extended and new functionality and APIs can be introduced through plugins.

Learn more in the developer guide.

Existing plugins
Gluu has written a number of plugins to extend Casa, including plugins for:
  • Consent management
  • Custom branding
  • 2FA settings
  • BioID authentication
  • Duo authentication
  • Account linking
  • Browser certificate authentication

For more information visit the Casa website.

Gluu Server integration

Casa is tightly bundled with the Gluu Server identity and access management (IAM) platform. A few important notes:

  • Authentication scripts: The Gluu Server relies on "interception scripts" to implement user authentication. Casa itself has an interception script which defines authentication logic and routes authentications to specific 2FA mechanisms which also have their own scripts. All scripts must be enabled in the Gluu Server.
  • oxd: Casa uses the oxd OAuth 2.0 client software to leverage the Gluu Server for authentication. oxd can be deployed during Casa installation.

More detailed information is available in the Admin Guide, linked below.

User roles

There are two types of users in Gluu Casa:

  • Admin users: Any user in the Managers Group in the Gluu Server
  • Regular users: Any user in the Gluu Server

Admin users have access to the Casa admin console. All users can manage their 2FA credentials, as outlined in the user guide.

Get started
Use the following links to get started with Casa:
Admin Guide
User Guide
Developer Guide
License

Gluu Casa is made available under Apache License 2.0.

Learn Gluu
Offering
Company
More Info
Gluu, Inc. 600 Congress Avenue 14th Floor Austin TX 78701 USA
Linkedin Github Android Apple Youtube

© Gluu Inc. All Rights Reserved.