Mission Critical Authentication
and Authorization

The Gluu Server Overview

The Gluu Server for SSO, 2FA & WAM

Although it’s free to use open source security software, it still costs money for organizations to design, deploy and support a mission critical authentication and authorization service. The Gluu Server can help you lower these costs.

With a Gluu Server, your organization can support open web standards for single sign-on like SAML 2.0 and OpenID Connect, one or more adaptive authentication mechanisms, and UMA, a new profile of OAuth2 for web and API access management.

Organizations typically deploy one, two, or four or more Gluu Servers depending on business requirements for high availability, staging, and development. Our most popular deployment model, Build / Operate, includes building, configuring and monitoring of your servers, and open SSH access for our trained staff to provide hands-on operational support. We also offer a Build / Transfer model for organizations that can not allow outside SSH access to the servers, and a purely open source priority support subscription.

100% Open Source: No License Fees Ever

At Gluu, we strongly believe that open source software is simply the best software available. This is especially true with regard to security software: the more eyes on the code, the more quickly problems are identified and remediated.

Since we started building the Gluu Server, our philosophy has been to use the best available open source software when it’s available, and to write our own open source software to fill in the cracks. For example, Shibboleth was already the world’s leading SAML implementation, and Asimba, formerly known as OpenASelect, had been around for more than a decade.

We started the OX project to address two gaps: (1) “oxTrust” provides a web based app that makes it easier for organizations to centrally manage security; (2) “oxAuth” serves as an OAuth2 provider that implements OpenID Connect and UMA, two new open standards that provide modern, device and API friendly solutions to digital identity and access management.

The Secret Sauce


Gluu uses a proprietary Puppet recipe to deliver Gluu Servers at scale. Puppet allows us to remotely build, manage and support the various open source components in a consistent way.

We wrote the Gluu Server recipe to enable security conscious organizations around the world to deliver an in-house, enterprise class identity and access management service using all open source software.

You’d be hard pressed to build and operate a more robust authentication and authorization service for your organization, with as many features as the Gluu Server, in less time, for less money. Its a utility approach to IAM, on the network of your choice.