To improve the usability of multi-factor authentication (MFA), organizations need to offer people self-service tools to help them fly solo and take charge of their identity and access management. That’s why we’ve included Casa with Gluu Solo.
As people interact with an organization’s digital services, from time to time they may need to manage and update their security preferences.
For example, if a user’s account is secured with an OTP mobile app like Google Authenticator, and they lose their smartphone, the old device needs to be removed and a new device needs to be enrolled to maintain strong security.
Cloud-hosted Gluu Server is great for supporting the business requirements of authentication and authorization, but it doesn’t include the self-service interfaces end-users need to manage their own account security preferences, like MFA.
With our web application Casa, organizations can offer a self-service portal for people to enroll and manage multiple types of strong authentication to secure their accounts in their cloud-hosted, single-tenant Gluu Server, including:
Casa Plugins give organizations the ability to offer end-users control over social login accounts, trusted devices, which apps have access to their personal data, and more.
So if you’re using the Gluu Server and want to offer customers, partners, and employees a more secure and convenient authentication experience without the hassle of managing, monitoring, backups, and access control, sign up for Gluu Solo with Casa.
Create a profile for each user, which includes information such as the user’s geographical location, registered devices, role, and more. Each time someone tries to authenticate, the request is evaluated and assigned a risk score. Depending on the risk score, the user may be required to provide additional credentials.
Configure geo-location to trigger a requirement to use multi-factor authentication (MFA) or take other steps before access is granted to ensure the person is who they say they are since they’re attempting to log in from a location they wouldn’t normally be.
Configure web browsers to require verification. When you log in, you’ll be asked to verify your browser by entering your email, password, and a security code. Once you’ve entered these credentials, your browser will be considered verified.