As people interact with an organization’s digital services, from time to time they may need to manage and update their security preferences.
For example, if a user’s account is secured with an OTP mobile app like Google Authenticator, and they lose their smartphone, the old device needs to be removed and a new device needs to be enrolled to maintain strong security.
The Gluu Server is great for supporting the business requirements of authentication and authorization, but it doesn’t include the self-service interfaces end-users need to manage their own account security preferences, like 2FA.
With our new web application, Casa, organizations can offer a self-service portal for people to enroll and manage multiple types of strong authentication to secure their accounts in a Gluu Server, including:
Casa Plugins give organizations the ability to offer end-users control over social login accounts, trusted devices, which apps have access to their personal data, and more.
So if you’re using the Gluu Server and want to offer customers, partners, and employees a more secure and convenient authentication experience, look no further.
Learn more at https://gluu.org/casa-self-service-2fa/
Create a profile for each user, which includes information such as the user’s geographical location, registered devices, role, and more. Each time someone tries to authenticate, the request is evaluated and assigned a risk score. Depending on the risk score, the user may be required to provide additional credentials.
Configure geo-location to trigger a requirement to use multi-factor authentication (MFA) or take other steps before access is granted to ensure the person is who they say they are since they’re attempting to log in from a location they wouldn’t normally be.
Configure web browsers to require verification. When you log in, you’ll be asked to verify your browser by entering your email, password, and a security code. Once you’ve entered these credentials, your browser will be considered verified.