What are the basic server requirements for a Gluu deployment?

We recommend a virtual machine with at least 2 CPU units, 4 GB of RAM, and around 30GB of disk space.

Where can I deploy the Gluu Server?

Gluu can be deployed on any cloud provider, including Microsoft Azure, Amazon Web Services (AWS), Google Cloud Engine (GCE), and Digital Ocean (DO). For cloud specific notes, please view our VM prep guide.

Why don’t all organizations use Multi-Factor Authentication (MFA)?

While other authentication technologies are more secure then passwords, and more usable, they are more difficult for organizations to deploy. Organizations know how to enroll passwords and how to reset them.

How many users can Gluu handle, and what is the max speed of concurrent logins?

The Gluu Server can be scaled horizontally to handle tens of millions of users. To a large extent, performance is driven by configurations made in the underlying database. A well tested data strategy will yield the best results. And we have the capability to authenticate a billion logins per day. Read the press release

How many Gluu Servers do organizations typically deploy?

Organizations frequently deploy multiple production and development Gluu Servers depending on requirements for high availability, staging, QA and fail over.

Does Gluu perform professional services?

It depends. For most design and architecture projects, we recommend engaging one of our certified partners.

Does Gluu publish its customer list?

The Gluu Server is being used in production at educational institutions, government and non-government organizations, and enterprises around the world. References are available upon request. Feel free to download our most recent case studies here.

Does Gluu support previous releases in production and pre-production environments?

Yes, Gluu supports each release for at least 18 months.

Does Gluu provide any per incident support options?

No, Gluu only provides annual support options. For per incident support, we are happy to introduce you to one of our talented service partners.

Is the Gluu Server free to use in production?

Yes. The Gluu Server is, and always will be, 100% free open source software. Check the docs for more information about licenses in use.

Can I cancel my support subscription at any time?

Either party may terminate the support contract with 30 days written notice.

What happens if I cancel my support subscription?

All named contacts associated with the customer organization will lose enhanced access to our support services.

Open Web Standards

Secure everyone, wherever they are.

The Gluu Server is a commercially backed distribution of open-source identity and access management components, integrated, and working together.

Building your identity service takes work. But with a Gluu support subscription, we can make sure your deployment and operations are successful.

Improve your security and empower your users

Scale

Very large deployments where control of scalability is critical. With Gluu’s cloud-native distribution, you can scale out by adding more servers–automatically on the fly. No matter what your performance requirements are, the Gluu Server can handle it. Gluu is the only identity platform that can take advantage of Couchbase’s next-generation persistence capabilities.

Privacy

Multi-tenant cloud-hosted identity services mix your personal data in a shared database with lots of other customers. It also means that secrets, like user passwords and client credentials, are stored in the cloud. By self-hosting a Gluu Server, you know where your personal data resides. Also, use the UMA protocol to interact with end-users after authentication to gather consent before sharing PII with third parties. This can help your organization comply with GDPR.

Control

The Gluu Server is very flexible. You can add custom code to integrate backend systems at many points in the authentication and authorization workflow. We don’t waste your time with a fancy workflow GUI. We define many interfaces, and let you write a little bit of Python or Java code to implement the exact logic you need to get the job done. Plus, Gluu is based on open-source code. You’ll never again be stuck waiting for a vendor to ship some critical new feature.

Take a closer look at the Gluu Server

Auth Server

The core identity provider software that renders login pages, authenticates clients and issues tokens.

Based on the Linux Foundation Janssen Project, the Gluu Server is one of the most comprehensive OAuth and OpenID Connect Providers.

Casa

An extensible self-service web portal for end-users to view, add and enroll 2FA credentials

What happens when you lose your 2FA credential? With Casa, end-users have a website to remove lost credentials, and to enroll a replacement! FIDO, OTP, Super Gluu, SMS, smart card, and Duo are built in. You can add others via plugins.

Database

Choose LDAP for small deployments and Couchbase for mega-scale.

Choosing the right persistence mechanism is critical for the performance and availability of any identity platform. LDAP has fast performance and good replication. Couchbase offers sharded, multi-datacenter deployments. SQL is coming soon!

Passport

Federation broker for SAML IDPs and social login

If your partners or customers have their own SAML IDP, or you want to use a social identity provider, passport enables you to normalize authentication and to map user claims on a per IDP basis.

Shibboleth SAML IDP

SAML identity provider

Using the Shibboleth IDP, you can achieve SSO with SAML websites (SP's). With the Gluu Server, no need to hand edit confusing XML files--use the admin UI (or config API) to create trust relationships and release attributes to websites.

Admin UI

Easy to use web interface for configuration.

The Admin web UI is nice for ad hoc configuration. You can also use the config API to achieve more automation.

GET STARTED WITH GLUU Or

SPEAK WITH AN EXPERT

Directory Integration

Active Directory

Leverage an existing Microsoft Active Directory (AD) infrastructure as the authoritative source for identities and passwords for SSO using SAML and OpenID.

More than Active Directory

Sync user information and authenticate against any existing LDAP V3 directory server, including OpenLDAP, Oracle Directory Server (ODSEE), Novell Directory, and more.

Multiple Directories

Gluu uses a virtual directory approach to consolidate identities from multiple backend Active Directory and/or LDAP servers. You can also transform user attribute names or values, or even connect to other resources to enrich the data during the synchronization process.

Use Existing Passwords

You can use a different LDAP server for identities and passwords. You can also choose to synchronize passwords (if they were hashed using a supported algorithm) or leave them where they are.

Connecting Identities

Access Management

Central Policy Management

OAuth and federated identity protocols (i.e. SAML and OpenID) can play an important part in a central policy management infrastructure. Gluu can also conditionally render OAuth scopes and user claims based on contextual data to help implement RBAC or ABAC.

Stepped-Up
Authentication

There are several ways in the Gluu Server to implement stepped-up authentication and trust elevation. OpenID Connect clients can force re-authentication if the user’s authentication level is insufficient. You can also use OAuth or UMA to mitigate risk by increasing the strength of the authentication before allowing a high-value transaction.

User Consent
Management

Sometimes you need to get a person’s consent for something after they have been authenticated. One of the best ways to do this is with the UMA protocol. Using interception scripts, you have the flexibility to store user consent records in any application or security backend.

Self-Service MFA

Gluu Casa is revolutionary. It provides a single point of management for end users to view, enroll, and remove MFA authentication credentials,

Single Sign-On

Configure web SSO to any application that supports OpenID Connect or SAML. This critical to improve user experience and productivity.

Mobile SSO

Using the OpenID AppAuth libraries, you can enable SSO to mobile applications without accidentally leaking passwords to third party partners (or hackers!).

Inbound SAML

Leverage the SAML IDPs of your partners to offload credential management and enable end-users to seamlessly access protected resources by bringing their own identity.

Social Login

Support registration and sign-in at Google, Facebook, GitHub or any other popular consumer IDP.

Features and Entitlements

Support and license entitlements for Gluu open source products and services.

Ready to modernize your digital identity?

« Service Partner | Cogito Group | Cyber SecuritySolo Subscription Agreement »

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.