Five+ years of
Gluu 4 represents 14 years of innovation and teamwork. It's a stable distribution you can rely on for years to come.
Take a closer look at Gluu 4
The core OpenID Connect identity provider and OAuth authorization server that renders login pages, authenticates clients and issues tokens. The oxAuth component of Gluu 4 is one of the most comprehensive OAuth and OpenID Connect Providers available that has submitted numerous certifications.
Casa is both an OOTB authentication flow, and an extensible self-service web portal for end-users to view, add and enroll MFA credentials. What happens when you lose your MFA credential? With Casa, end-users have a website to remove lost credentials, and to enroll a replacement! Plugins are available for FIDO, OTP, Super Gluu, SMS, smart card, and Duo, and more. You can also write your own plugin. MORE INFO
Gluu 4 supports LDAP, Couchbase and RDBMS databases. Choosing the right persistence mechanism is critical for the performance and availability of any identity platform. LDAP is a good choice when your data fits in one server. SQL is great for many situations, but especially when an RDBMS database service is already available. Couchbase is great when you need a sharded, multi-datacenter, self-hosted deployment.
Gluu 4 uses Passport-js as a federation broker for SAML IDPs and social login. Passport enables you to normalize authentication and to map user claims on a per IDP basis. Passport is invoked with via a person interception script, which gives you some more flexibility if you have business specific requirements.
Shibboleth SAML IDP
Using the Shibboleth IDP, you can achieve SSO with SAML websites (SP’s). With the Gluu Server, no need to hand edit confusing XML files–use the admin UI (or config API) to create trust relationships and release attributes to websites. The Gluu oxTrust component renders the configuration you need.
Easy to use web interface for configuration.
The Admin web UI is nice for ad hoc configuration. You can also use the oxTrust config API to achieve more automation.
Features and Entitlements
The Gluu Support Portal is the primary mechanism to triage support if you have a Gluu Subscription that includes support. Refer to your support contract for the severity-based response time guidelines. The Gluu support team is notified 24x7x365 and issues are automatically escalated.
The FIDO registration and authentication pattern adds a cryptographic challenge and response to verify the device was previously registered.
Your Gluu Subscription may include an allocation of hours to schedule ad hoc Zoom calls with the Gluu engineering team. You can use these consultative sessions to review application design, obtain training, or dive deeper into a topic of your choice. Advance notice is required so Gluu can schedule the appropriate resources. Consultative support hours are “use-it-or-lose-it”, i.e. they don’t accumulate.
Functional and Devops Support
Application developers and deployers have different sets of challenges. The former frequently need to know how to use the Gluu Server and the latter how to operate it. Functional support issues are more common at the start of access management projects. DevOps support is critical for the production rollout and subsequent operation.
Prioritization Feature Requests
Feature requests for customers with a Gluu Subscription always get priority attention. Gluu cannot guarantee to add new features based on these requests. This decision is ultimately made by the product team, and in some cases, in collaboration with the open-source community that leads development. But if possible, customer requests are accommodated.