This entry was posted in Gluu and tagged 2fa, api, api access management, api gateway, fido, FOSS, free open source, IAM, OAuth, open source, openid, openid connect, otp, saml, sso, uma on .
From time to time we are asked how Gluu compares to other open source projects. Keycloak is coming up more and more these days, so it’s expedient to just publish our thoughts. 2FA flexibility Currently, Keycloak is limited to using Google Authenticator or FreeOTP as two-factor authentication mechanisms. Gluu ships with out-of-the-box support for many … Read more >>
This entry was posted in Gluu and tagged IAM, oauth2, open source, openid connect, saml, sso on .
The Gluu Server is a free open source platform that has both SAML and OAuth2 components. I have been trying to help educate the community for some time on the pro’s and con’s of both infrastructures. Here is a quick overview to help get you oriented! OAuth 2.0 is an authorization framework, not an authentication … Read more >>
This entry was posted in Gluu and tagged api, application security, OAuth, oauth2, openid, saml, xacml on .
So you want to use OAuth2 bearer tokens to protect your API’s to avoid putting credentials in each request. Great idea! But if you have lots of API’s, you may want to build a central service that takes care of registering clients, and issuing tokens. A good way to do this is to use the … Read more >>
Roadmap for Higher Education Institutions: Will New Identity Standards Achieve the Promise of Federated Identity?This entry was posted in Gluu and tagged Authentrication, Authz, oauth2, openid, saml, sso on .
“Market Strength” as defined by the number of applications that will support the protocol. Will New Identity Standards Achieve the Promise of Federated Identity in Higher Education? OAuth2 based identity standards bridge web and mobile security requirements and have critical developer and industry support. See Also: Gluu Protocol Predictions It is harder than you think … Read more >>
This entry was posted in Gluu and tagged 2fa, Authn, Authz, oauth2, OpenAM, openid connect, saml, siteminder, sso, ubuntu on .
We don’t need SSO, we need trust elevation There is no point in designing a solution that provides just SSO. Today, people are using an array of devices (think IOT). Applications need to understand how (and how long ago) a person has been authenticated, and based on the context of the situation, whether they need … Read more >>
This entry was posted in Gluu and tagged ldap, OAM, oauth2, open source, openid, OSCON, saml, siteminder, sso, two-factor authentication, uma on .
Title: Meet OX : OAuth2 Authentication and API Security Description (400 char): Provide a historical overview of domain authentication services like RADIUS, LDAP, Kerberos and PKI. Review SAML federation tools and rules. Technical deep dive into two profiles of OAuth2: OpenID Connect and UMA. The tutorial will demonstrate how to use OX to launch centralized … Read more >>
This entry was posted in Gluu and tagged 2fa, authentication, saml on .
Ironically, to reset one credential, you need another. And your organization is only as secure as your weakest account recovery credential. Today, websites use a wide array of techniques to enable account recovery. Many rely on control of an email address or a cognitive secret. Manufacturers can associate a serial number with a given customer, … Read more >>