Gluu Blog

Follow us:
Back to Blog

Self-service account security with Casa

William Lowe April 23, 2019

tl;dr: To improve the usability of two-factor authentication (2FA), organizations need to offer people self-service tools. That’s why we’ve introduced Casa.

As people interact with an organization’s digital services, from time to time they may need to manage and update their security preferences.

For example, if a user’s account is secured with an OTP mobile app like Google Authenticator, and they lose their smartphone, the old device needs to be removed and a new device needs to be enrolled to maintain strong security.

The Gluu Server is great for supporting the business requirements of authentication and authorization, but it doesn’t include the self-service interfaces end-users need to manage their own account security preferences, like 2FA.

With our new web application, Casa, organizations can offer a self-service portal for people to enroll and manage multiple types of strong authentication to secure their accounts in a Gluu Server, including:

  • FIDO U2F security keys like Yubikeys
  • Our mobile-push app, Super Gluu;
  • Mobile phone numbers for SMS OTP;
  • OTP apps like Google Authenticator;
  • And even OTP devices from providers like RSA.

But Casa is extensible and can be used for more than just “self-service 2FA.”

Casa Plugins give organizations the ability to offer end-users control over social login accounts, trusted devices, which apps have access to their personal data, and more.

So if you’re using the Gluu Server and want to offer customers, partners, and employees a more secure and convenient authentication experience, look no further.

Learn more and find deployment instructions at

Be sure to subscibe to
our RSS Feed

William Lowe

As the marketing and operations leader at Gluu, Will works across channels to ensure the successful release of new products, features and services to Gluu's international community of identity & access management gurus!