Skip to content

Strong Authentication Settings Plugin#


This plugin allows administrators to configure how and when 2FA is applied. Admins can:

  • Specify the minimum number of credentials users must enroll before they are able to turn on 2FA

  • Choose from a set of predefined policies for when 2FA should be prompted:

    • Always (at every login attempt)
    • When user's location is unrecognized
    • When user's device is unrecognized
    • Users can define their own policy (based on the above)
  • Set how long a location or device can be deemed as recognized

Additionally, when administrators allow users to set their own strong authentication policy, users can:

  • View the list of physical devices they have used to login (e.g. PC, tablet, phone)
  • View the time and location (city) associated to the last login event
  • Remove a device from the list (eg. when it should not be considered trustworthy anymore)

A device/location is considered trustworthy when the user has presented a strong credential in order to login to Casa in such device/location. Subsequent login attempts from trustworthy (recognized) device/locations will not require them to present a second factor.


  • The plugin jar file must match the version of your Casa (and Gluu Server) installation.


  1. Download the plugin

  2. Log in to Casa using an administrator account

  3. Navigate to Administration console > Casa plugins

    plugins page

  4. Click on Add a plugin... and select the plugin jar file

  5. Click on Add

How to use#

For administrators, a new link labeled "2FA settings" appears in the dashboard menu to access the function.


For regular users, proper details appear in the widget where 2FA is turned on.