Super Gluu is a push-notification two-factor authentication (2FA) mobile app built to work with the Gluu Server.

Super Gluu uses public-key cryptography as specified in the FIDO U2F authentication standard. During device enrollment, Super Gluu registers its public key with the Gluu Server’s FIDO U2F endpoint. At authentication time, a challenge-response exchange verifies that the device holds the corresponding private key.
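The enrollment and challenge-response steps described above, as an added Go example (not code from Super Gluu or the Gluu Server). It signs the U2F authentication layout of application parameter, user-presence byte, counter and challenge parameter. The function names and the `https://idp.example.org` application ID are assumptions, and the client-data JSON that U2F hashes into the challenge parameter is reduced here to the raw challenge bytes.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Enroll creates the device's P-256 key pair; only the public half is registered with the server.
func Enroll() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// signedData hashes SHA-256(appID) || user-presence byte || counter (big endian) || SHA-256(challenge).
func signedData(appID string, n uint32, challenge []byte) []byte {
	app, chal := sha256.Sum256([]byte(appID)), sha256.Sum256(challenge)
	buf := append(app[:], 0x01, byte(n>>24), byte(n>>16), byte(n>>8), byte(n))
	sum := sha256.Sum256(append(buf, chal[:]...))
	return sum[:]
}

// Sign is the device side: it answers the server's challenge using counter value n.
func Sign(key *ecdsa.PrivateKey, appID string, n uint32, challenge []byte) ([]byte, error) {
	return ecdsa.SignASN1(rand.Reader, key, signedData(appID, n, challenge))
}

// Verify is the server side: the counter must advance and the signature must match the enrolled key.
func Verify(pub *ecdsa.PublicKey, appID string, challenge []byte, n, last uint32, sig []byte) bool {
	return n > last && ecdsa.VerifyASN1(pub, signedData(appID, n, challenge), sig)
}

func main() {
	key, err := Enroll() // the server stores only &key.PublicKey
	if err != nil {
		panic(err)
	}
	app, challenge := "https://idp.example.org", make([]byte, 32)
	if _, err = rand.Read(challenge); err != nil { // fresh random challenge per login
		panic(err)
	}
	sig, err := Sign(key, app, 1, challenge)
	if err != nil {
		panic(err)
	}
	fmt.Println("fresh response accepted:", Verify(&key.PublicKey, app, challenge, 1, 0, sig))
	fmt.Println("replayed response accepted:", Verify(&key.PublicKey, app, challenge, 1, 1, sig))
}
```

Because the signature covers the application ID, the counter and the challenge, a captured response fails verification when replayed, when presented for a different challenge or application, or when checked against another device's enrolled key.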

User and Developer Guides

User and Developer Guides can be found on the Super Gluu docs site.

  • An Internet-accessible (not internal or localhost) Gluu Server with DNS pointing at the public Internet address of the server (installation instructions)

  • Super Gluu interception script (included in the default Gluu Server distribution)

  • An Android or iOS device with Super Gluu installed

  • If the Gluu Server is using a self-signed certificate, Trust All must be enabled in Super Gluu (open the app, navigate to Menu > Trust all (SSL), and enable it)

The authentication workflow for Super Gluu is defined in the Super Gluu interception script linked above in the prerequisites. By default, users are put through a two-step, two-factor authentication process: username and password first, then a push notification via Super Gluu. Alternative authentication workflows, for instance passwordless authentication, can be configured by adjusting the script as needed.

See the SCIM documentation for a discussion on how to manage FIDO devices, including Super Gluu, using the SCIM protocol.
