Super Gluu is a push-notification two-factor authentication (2FA) mobile app built to work with the Gluu Server.
Super Gluu uses public-key encryption as specified in the FIDO U2F authentication standard. Upon device enrollment, Super Gluu registers its public key against the Gluu Server’s FIDO U2F endpoint. When authentication happens, there is a challenge response to ensure that the device has the corresponding private key.
User and Developer Guides
User and Developer Guides can be found on the Super Gluu docs site.
An Internet accessible (non-internal or localhost) Gluu Server with DNS pointing at the public Internet address of the server (installation instructions)
Super Gluu interception script (included in the default Gluu Server distribution)
An Android or iOS device with Super Gluu installed
If the Gluu Server is using a self-signed certificate,
Trust Allmust be enabled in Super Gluu (open the app, navigate toMenu>Trust all (SSL)and enable)
The authentication workflow for Super Gluu is defined in the Super Gluu interception script linked above in the prerequisites. By default, users are put through a two-step, two-factor authentication process with username and password first, and then push notification via Super Gluu second. Alternative authentication worklows, for instance passwordless authentication, can be configured by adjusting the script as needed.
See the SCIM documentation for a discussion on how to manage FIDO devices, including Super Gluu, using the SCIM protocol.
API for user, group and FIDO device management
Another core component, this server provides the enrollment and authentication endpoints which enable people to use USB, bluetooth or platform FIDO credentials.
The heart of the Janssen Project, this is the server that provides the OpenID Connect and OAuth endpoints.
The configuration API is required to configure Jans Auth Server
Self-service web portal for end-users to manage devices and other multi-factor authentication.
Interface to simplify the management and configuration of Jans Auth Server
The Command Line Interface provides an interactive menu-driven mode for admins who don’t want to struggle with lengthy curl commands.
API for user, group and FIDO device management
Open Provider / OAuth Authorization Server
oxTrust is a single-point of administration for all components of Gluu 4.x servers.
Another core component, this server provides the enrollment and authentication endpoints which enable people to use USB, bluetooth or platform FIDO credentials.
Enables social login.
SAML IDP
Self-service web portal for end-users to manage devices and other multi-factor authentication.
OAuth / OpenID client middleware service