Open Source Digital Identity

The sky’s the limit with the Gluu Server, based on the world’s most
authentication and authorization components.

The Gluu Server is a distribution of open source identity components, integrated together and delivered as a stable supported product. Use Gluu to build an innovative identity platform, the cornerstone of your digital transformation journey.

Why use the Gluu Server to secure your identity perimeter?

Scales to Billions

Need to handle many thousands of authentications per second? If so, it’s better to scale out (by adding more servers), not up (by adding more memory and compute).  Gluu enables you to horizontally scale both the web and persistence resources as needed to meet any level of burstiness.

Cloud Native

Using Kubernetes and other cloud native tools, you can improve the efficiency ofoperation and auto-scale to cost effectively meet demand, without pre-provisioning unnecessary capacity.  The Gluu Server Cloud Native distribution includes everything you need, including Helm charts.

Open Source

Enteprises are moving to open source infrastructure software for a reason:  community-developed software results in more innovation and less bugs. Nothing builds trust like source code. At Gluu, we’re comitted to both leading and contributing to the open source projects which comprise our distribution. 

Extreme Flexibility

The key to the Gluu Server’s success has been its ability to handle all sorts of crazy requirements–quickly. Whether you need to connect legacy data sources, create special audit logs, implement advanced authentication workflows, interact with end users to get consent, add special data into OAuth access tokens, or a myriad of other special requirements–you can get it done with the Gluu Server.  If you can describe it, you can do it with Gluu. The sky’s the limit. 

Business Outcomes

Improved Cybersecurity Posture

Authentication is the front door to your digital enterprise.  The best bang for your buck in security is to improve the lock on that door! Using advanced adaptive authentication techniques, you can stop the hackers before they get in.

Digital Transformation

Digital Identity is the foundation on which all your services are built. It is imperitive to identify not just people, but software that is acting on behalf of people and organizations. Mastering digital identity is a requirement for building the next generation of e-services. Get this right, and you’re organization will be able to roll-out new services more quickly. 

Improved User Experience

People have high expectations. We’re used to using advanced digital services from consumer giants like Google and Apple. We might still listen to music from the 90’s, but no one wants to go back to those old web experiences. With Gluu, you can authenticate like a consumer giant without having to re-invent the wheel–with your branding, and in your language.

Open Web Standards

OpenID Connect

The most modern federated identity protocol based on OAuth, use OpenID to centralize authentication for web and mobile applications. Based on published OpenID Provider conformance profiles, the Gluu Server is the most comprehensive OpenID Connect Provider implementation available.


Everyone knows passwords are not secure. FIDO offers an alternative to passwords–crytpographic authentication using hardware or software. FIDO is not limited to the ubiquitious Yubikeys. Laptops and smart phones are building FIDO into their hardware. Gluu has a full FIDO server stack. Ask us for more details! 

User Managed Access

The UMA standard provides a way to interact with a person post-authentication. A common use case is to get consent. Other use cases arise around asynchronous interactions, like when two people need to sign a check, and maybe one is not online at the moment.  Gluu has a complete UMA 2.0 stack. 

SAML 2.0

SAML is used by lots of existing web applications and SaaS services. It’s old, but reliable. You won’t want to use SAML for mobile applications or SPA’s. But if you have an off-the-shelf application that supports SAML, it’s a reasonable way to integrate it. The Gluu Server maintains SSO across OpenID and SAML websites. 

OAuth 2.0

Plain old OAuth should be your goto strategy to secure API’s. Developers know it, and there are many products and libraries that make it easier. Gluu supports both reference and value tokens (JWTs). And using the Gluu interception scripts, you can call API’s or add business logic to add extra information into access tokens.


If you need to add user information into the Gluu Server, the best way to do so is to call the /Users endpoint using the SCIM protocol.  To do so, you’ll need to present an authorized access token. Network protection is also recommend for the SCIM API. Using SCIM for integration protects you from needing to know database implementation details, like schema. 


The Gluu LDAP Server is our fork of the OpenDJ directory server. While we generally don’t recommend exposing the LDAP interface to the network, sometimes the Gluu LDAP server provides a convenient central publication point for user information. Using the Cache Refresh service, you  can also synchronize data from other LDAP sources.


Gluu ships with a very small Radius Server. It’s not meant for high performance requirements. For scale and concurrency, we recommend the open source Radius server called Radiator.  But if you just have some ad hoc unix logins, and you want to use Super Gluu for authentication, this little Radius server can get the job done for you! 


Virtual Machine

Gluu publishes linux packages for Ubuntu, Debian, Centos and Red Hat.  Customers with a VIP subscription can also use our Cluster Manager deployment tool to quickly setup a highly available cluster of Gluu Servers. 

Cloud Native

Cloud Native is the way to go if you have the skills. There are just so many advantages: auto-scaling, zero downtime updates, declaritive configuration, advanced tooling. We love cloud native. And we’re working hard to keep developing the tools you need to maintain the ease-of-use we’re famous for in the VM world.  


Snaps are a new software distribution strategy. They are similar to mobile application packages–self contained to achieve security isolation (versus traditional unix packages). Many linux distributions now have a Snap installer. It’s a great way to install and update software. We’re proud to offer the Gluu Server on the Snapcraft Store! 

Use Cases

Single Sign-on

SSO is an important use case for employee productivity, and for customer-facing user experience. With Gluu, SSO is maintained simultaneously across OpenID and SAML websites. Gluu also provides some strategies to effect the holy grail of SSO: single logout. 

Mobile Authentication

Mobile applications are different then websites because it’s harder to protect client credentials (i.e. api keys or private keys).  Enabling third party mobile applications to use your authentication securely is also a challenge. Gluu enables you to use best practices for mobile security. 

API Access Management

The Gluu Server is an OAuth Authorization Server (“AS”), one of the important components of any API access management infrastructure. The AS authenticates clients (like websites) and issues access tokens. Gluu supports both  reference tokens and value tokens (i.e. JWT’s) .

Two-factor Authentication

Gluu ships with out-of-the-box support for many 2FA mechanims, like FIDO, OTP, SMS, smart card, Duo, and many more. The Gluu Platform also offers a unique self-service portal called Casa, which enables end users to manage their 2FA credentials, much like they would do at Google. 

Customer Identity and Access

One of the key use cases for Gluu is CIAM.  That’s because Gluu gives you incredible flexibility and control over the user experience and backend integration. If you have millions of customers (or citizens), Gluu is an excellent choice to serve as the central authentication service. 

Identity Brokering

Sometimes your organization is not the source of identity–you may need to rely on a customer or partner’s identity provider. Gluu enables you to rely on a SAML, OpenID or social identity provider, and to map user claims for each to meet the needs of your business.

Why open source?

open source = freedom

Once you implement an access management infrastructure, switching costs are high, and your organization’s bargaining leverage evaporates. Modern organizations are opting for freedom over lock-in.  This is especially true if you are building a product or service around an identity platform, and you don’t want to be held hostage in the future.

open source = innovation

The open source development methodology is an effective way to build infrastructure software that is based on open standards. A community and ecosystem of interested parties collaborating on a project means that more interests can be served in parallel. The Gluu Server lets you tap into that innovation, without giving up the advantages of a supported commercial distribution. 

open source = trust

Hiding the code does not result in more secure code. Hackers don’t need the source code to hack your infrastructure. More eyes on the code leads to better code–fewer bugs per thousand lines of code. Transparency is a best practice.  But trust is also economic. Knowing you have the fundamental right to use the software enables you to trust the code in a way that is difficult for 100% commercial distributions.

Our global partners will help you succeed

Ready to modernize digital identity?

Comparison Chart

80% sw
80% sw
80% sw
Forgerock OpenAM
Tyk website link
IAMSecvision website link
Open Source Digital Identity
WSO2 Identity Server offers AI-driven customer-oriented IAM solutions. With the program, organizations can provide a frictionless, and secure experience to their customers, digitally. The software supports SSO between various logged-in apps for an enhanced digital experience. It enables organizations to federate access to their web and mobile apps across multiple domains with open identity standards, including OIDC, SAML,and WS Federation.
Keycloak is an open-source Identity and Access Management solution which provides modern applications and services to the users. The tool makes it easy to secure services and applications with little to no code. It lets users authenticate via Keycloak rather than using individual applications. This means that their applications don't have to deal with login forms, authenticate users or store users.
Gluu provides Single Sign-on (SSO), Two-factor authentication (2FA), and access management service to different types of companies. The SSO feature offers secure sign-on across OpenID Connect, SAML, and CAS web & mobile applications. Users can choose from a variety of 2FA mechanisms and business logic to enforce strong security everywhere.
API Access Management
Access Request Management
Account Management
Compliance Management
Multi-factor Authentication
Password Management
Passwordless Login
Role Management
Single Sign-On (SSO)
Social Sign On
User Activity Monitoring
Access Monitoring
24/7 (Live rep)
Business Hours
Contact Number/Address
Mountain View, California / +1 650-745-4499
Austin, Texas
Mobile - Android
Mobile - iOS
Mobile - Windows
Mobile - BlackBerry
Installed - Windows
Installed - Mac
Large Enterprises
Medium Business
Small Business
Pricing Model
Free Trial
One-time license
Quotation Based
WSO2 Identity Server


  • Increase Business Agility
  • Improve Security
  • Reduce Operating Cost
  • Increase Employee Productivity And Satisfaction
WSO2 Identity Server


  • Increase Business Agility
  • Improve Security
  • Reduce Operating Cost
  • Increase Employee Productivity And Satisfaction
WSO2 Identity Server


  • Increase Business Agility
  • Improve Security
  • Reduce Operating Cost
  • Increase Employee Productivity And Satisfaction
WSO2 Identity Server


  • Increase Business Agility
  • Improve Security
  • Reduce Operating Cost
  • Increase Employee Productivity And Satisfaction