Self-Service Account Security with Gluu Casa

To improve the usability of two-factor authentication (2FA), organizations need to offer people self-service tools.  That’s why we’ve introduced Casa.

2 factor authentication

As people interact with an organization’s digital services, from time to time they may need to manage and update their security preferences.

For example, if a user’s account is secured with an OTP mobile app like Google Authenticator, and they lose their smartphone, the old device needs to be removed and a new device needs to be enrolled to maintain strong security.

The Gluu Server is great for supporting the business requirements of authentication and authorization, but it doesn’t include the self-service interfaces end-users need to manage their own account security preferences, like 2FA.

With our new web application, Casa, organizations can offer a self-service portal for people to enroll and manage multiple types of strong authentication to secure their accounts in a Gluu Server, including:

  • FIDO U2F security keys like Yubikeys
  • Our mobile-push app, Super Gluu;
  • Mobile phone numbers for SMS OTP;
  • OTP apps like Google Authenticator;
  • And even OTP devices from providers like RSA.

But Casa is extensible and can be used for more than just “self-service 2FA.”

Casa Plugins give organizations the ability to offer end-users control over social login accounts, trusted devices, which apps have access to their personal data, and more.

So if you’re using the Gluu Server and want to offer customers, partners, and employees a more secure and convenient authentication experience, look no further.

Learn more and find deployment instructions at