What are the basic server requirements for a Gluu deployment?

We recommend a virtual machine with at least 2 CPU units, 4 GB of RAM, and around 30GB of disk space.

Where can I deploy the Gluu Server?

Gluu can be deployed on any cloud provider, including Microsoft Azure, Amazon Web Services (AWS), Google Cloud Engine (GCE), and Digital Ocean (DO). For cloud specific notes, please view our VM prep guide.

Why don’t all organizations use Multi-Factor Authentication (MFA)?

While other authentication technologies are more secure then passwords, and more usable, they are more difficult for organizations to deploy. Organizations know how to enroll passwords and how to reset them.

How many users can Gluu handle, and what is the max speed of concurrent logins?

The Gluu Server can be scaled horizontally to handle tens of millions of users. To a large extent, performance is driven by configurations made in the underlying database. A well tested data strategy will yield the best results. And we have the capability to authenticate a billion logins per day. Read the press release

How many Gluu Servers do organizations typically deploy?

Organizations frequently deploy multiple production and development Gluu Servers depending on requirements for high availability, staging, QA and fail over.

Does Gluu perform professional services?

It depends. For most design and architecture projects, we recommend engaging one of our certified partners.

Does Gluu publish its customer list?

The Gluu Server is being used in production at educational institutions, government and non-government organizations, and enterprises around the world. References are available upon request. Feel free to download our most recent case studies here.

Does Gluu support previous releases in production and pre-production environments?

Yes, Gluu supports each release for at least 18 months.

Does Gluu provide any per incident support options?

No, Gluu only provides annual support options. For per incident support, we are happy to introduce you to one of our talented service partners.

Is the Gluu Server free to use in production?

Yes. The Gluu Server is, and always will be, 100% free open source software. Check the docs for more information about licenses in use.

Can I cancel my support subscription at any time?

Either party may terminate the support contract with 30 days written notice.

What happens if I cancel my support subscription?

All named contacts associated with the customer organization will lose enhanced access to our support services.

Gluu Videos and Partner Webinars

Featured Video

Mike Schwartz of Gluu.org joins Doc Searls and Jonathan Bennett on FLOSS Weekly. In a world where cloud native and containers are widely used, digital identity poses a critical challenge. No one person knows more about making digital ID work than Schwartz. Gluu is an open source option which offers secure authentication for both internal and external applications in the enterprise.

Gluu Webinars and Demos

OAuth vs. SAML vs. OpenID Connect - Michael Schwartz

OAuth, SAML and OpenID Connect are the most important identity federation protocols in use today. Yet the many security architects struggle to express the differences between them. Front-channel, back-channel, assertion, JWT, claims, attributes, IDP, SP, OP, RP–there is a lot of jargon, and some of it seems to overlap. This compare / contrast session will help you understand the differences.

Each protocol will be given a summary introduction, with references to the parts of the standard that are most commonly used, and which parts are esoteric. The security level of an application is impacted based on the protocol and features used. SAML, OpenID Connect and OAuth offer several profiles, enabling the implementation of both high and low assurance trust frameworks. This topic will also be addressed to help clarify which solutions are best suited for which requirements.

Managing API Security at Scale With Gluu and Tyk

API security, which typically entails the management of access to APIs internally as well as the exposure of APIs in a secure manner externally, is one of the biggest concerns for businesses today. Additionally, they need to consider other aspects of the API management lifecycle such as quotas, versioning, monitoring, analytics and cataloging to become a truly successful API-first business.

So, how do we tackle these challenges? How do we ensure that we have the right foundations for our product to scale and bring value to thousands, if not millions, of users?

Watch the panel discussion featuring Gluu and Tyk, a leading cloud-native, full-lifecycle API management platform, as we look at some of the trends, challenges, and case studies around building, managing and securing APIs at scale.

Identity and Open Banking with OpenIT, hosted by the Kernel

Open banking federations enable banks, third parties, and technical providers to securely exchange data about financial transactions and customers. To accomplish this, we need both “tools and rules”.

The tools include the software and technical standards. The rules include legal agreements and business processes. What results from a successful open banking federation is called TRUST.

This high-level overview will review the common requirements that enable an open banking ecosystem to achieve high security and operational efficiency and enable trusted participants to transact at scale.

Integrating Stytch's SMS OTP authentication with Casa

Multi-factor authentication from Stytch protects your applications by using a second source of validation, like a phone OTP to verify user identity before granting access.

This document will explain how to use Casa’s Stytch interception script along with a Plugin in Casa to enroll a user’s phone number and use the received SMS OTP as a method for 2FA.

For more info visit our Github docs

Gluu’s support for FIDO is multi-tiered

The Gluu Server includes a standalone FIDO server which validates and registers credentials. There is a Casa FIDO plugin to enable users to manage their devices (i.e. register, remove). And Gluu provides a FIDO SCIM extension, which enables applications to list and remove FIDO devices for an end-user (enabling self-service).

Watch this quick demo to see how easy it is to authenticate using TouchID with the Gluu Server.

Gluu supports Apple platform FIDO 2 / WebAuthn authenticators like TouchID

Gluu’s support for FIDO is multi-tiered. The Gluu Server includes a standalone FIDO server which validates and registers credentials. There is a Casa FIDO plugin to enable users to manage their devices (i.e. register, remove). And Gluu provides a FIDO SCIM extension, which enables applications to list and remove FIDO devices for an end-user (enabling self-service).

Watch this quick demo to see how easy it is to authenticate using TouchID with the Gluu Server.

Go Passwordless with AuthenTrend ATKey

ATKey.Pro is a compact FIDO2 key that works seamlessly with the Gluu server, simplifying the authentication process with just a touch.

With this integration, we bring FIDO-certified strong authentication to the widely used Gluu Casa platform for maximum security. It will make it easier for enterprises or organizations to seamlessly roll out strong biometric authentication to reduce costs and risks of a data breach substantially.

Flexible Multifactor Authentication with PrivacyIdEA

PrivacyIDEA is a modular authentication server that can be used to enhance the security of your existing applications like local login, VPN, remote access, SSH connections, access to web sites or web portals with two factor authentication.

Originally used for OTP (One Time Password) authentication devices – being an OTP server. But now, other “devices” like challenge response, U2F, Yubikeys, SSH keys and x509 certificates are also available. It runs on Linux and completely Open Source.

Machine Learning, Biometrics with Gluu and Plurilock

Plurilock leverages state-of-the-art behavioral-biometric, environmental, and contextual technologies to provide invisible, adaptive, and risk-based authentication solutions with the lowest possible cost and complexity

In this 30 minute webinar learn how Plurilock bring behavioral-biometric authentication driven by machine learning to your Gluu deployment

Strengthen identity verification with reliable, device independent anti-spoofing

BioID is a pioneer and the leading player in face liveness detection for assured user presence. BioID’s patented liveness detection substantially raises the assurance level of any online transaction. In this 30 minute webinar learn how Gluu and BioID interception script implements a two-step authentication workflow where username/password is step one, and BioID’s biometric authentication is step two. It’s also possible to implement a one step biometric authentication.

Which MFA is right for your financial institution?

Exclamation Labs Provision discusses the 5 key challenges facing banks and credit unions when selecting a multi-factor authentication solution.

In this webinar:
How to evaluate the best MFA using the 5 criteria of: usability, security, deployability, scalability and affordability
How implementing your MFA solution through an IAM platform reduces security risks
Why separate MFA solutions put your institution at risk

Enable logins without usernames and passwords

WWPass MFA is easy to use–scan the QR code on the computer screen with the WWPass Key mobile application. Enter a PIN or use biometrics… and you’re in.

In this webinar, Gluu and WWPass will provide an overview of the technology, and how to make it work with your Gluu Server.

How to IAM videos

How to build a world-class identity service

The video provides an overview of the Gluu platform, what’s open source, and how to get started. It’s just slides, no demo! But if you just want a quick intro, it’s not a bad place to start.

How to authenticate a billion unique logins a day

This video demonstrates 1 billion logins per day, which includes both simple logins, and more complex logins doing a true OpenID connect web authentication.

Role-Based Access Management

In this webinar, Gluu CEO Mike Schwartz shares a demo he’s been working on that demonstrates how you can configure Gluu Gateway to only allow access to an API to a person with the right role. This trick works for either web or browser based applications, and he shows examples of both.

Using OAuth to implement RBAC on GitHub

Our global partners will help you succeed

Join our Developer Support Community

« Open Source SupportJanssen Project for Linux Foundation »

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.