Frequently Asked Questions (FAQ)#

General FAQs and troubleshooting#

Where should Gluu Gateway be used?#

Gluu Gateway should be used in every API gateway where you need advanced security measures using OAuth 2.0 and User-Managed Access (UMA) 2.0 Grant.

How can I investigate Gluu Gateway problems?#

Gluu Gateway uses Gluu Server and oxd. That means any potential issue on these servers can influence the work of Gluu Gateway.

If you see an error message such as the one in the screenshot, check the logs for possible issues:


You can also check the oxd FAQ section.

How can I find my Gluu Gateway version?#

Your Gluu Gateway version is always visible in the bottom left corner of the Gluu Gateway Admin Panel.

Technical FAQs#

How can I generate an OAuth token?#

Generate an OAuth token during OAuth-PEP authentication by calling the oxd-server endpoint /get-client-token with customer credentials. Read more OAuth generation here.

How can I generate UMA tokens?#

In order to generate an UMA token, follow these steps:

  1. Send a request to the Kong proxy API without a token and get a ticket.

  2. Send a get-client-token request with Consumer oxd_id, client_id and client_secret

  3. Send an uma-rp-get-rpt request with Consumer oxd_id, the ticket from Step 1 and the access token from Step 2.

How can I change the listening address and port?#

By default, Gluu Gateway listens to localhost only, but you can change it manually by configuring the local.js config file using the Configuration section. You just need to update the explicitHost to your global IP or remove this attribute. Read more about the configuration here.

If you require any further support, please open a ticket on the Gluu support portal.