Tag Archives: sso
-
Gluu versus Keycloak
This entry was posted in Gluu and tagged 2fa, api, api access management, api gateway, fido, FOSS, free open source, IAM, OAuth, open source, openid, openid connect, otp, saml, sso, uma on .
From time to time we are asked how Gluu compares to other open source projects. Keycloak is coming up more and more these days, so it’s expedient to just publish our thoughts. 2FA flexibility Currently, Keycloak is limited to using Google Authenticator or FreeOTP as two-factor authentication mechanisms. Gluu ships with out-of-the-box support for many … Read more >>
-
OpenID Connect Implicit Client
This entry was posted in Gluu and tagged authentication, Client Side, JavaScript, Node, openid, openid connect, sso on .
by Rafael Ferreira Toledo Back in 2014, Nat Sakimura wrote a blog post showcasing the ease of OpenID Connect authentication. He used a JavaScript library written by Edmund Jay. It’s a really nice little library, but it needed some updating. So we decided to move it to Github. This post summarizes how to configure an … Read more >>
-
OAuth vs. SAML vs. OpenID Connect
This entry was posted in Gluu and tagged IAM, oauth2, open source, openid connect, saml, sso on .
The Gluu Server is a free open source platform that has both SAML and OAuth2 components. I have been trying to help educate the community for some time on the pro’s and con’s of both infrastructures. Here is a quick overview to help get you oriented! OAuth 2.0 is an authorization framework, not an authentication … Read more >>
-
WebViews are bad — Use AppAuth for Mobile Single Sign-On (SSO)
This entry was posted in Gluu and tagged AppAuth, authentication, Google, Mobile, mobile SSO, OAuth, oauth2, Okta, openid connect, Ping, PKCE, security, sso on .
In a WebView, any malicious code in the page has the same rights as the application. This means you need to make sure to only load trusted content. But there is another risk–a malicious app may also have access to browser content (like cookies) and may snoop passwords or intercept OAuth codes. So if you … Read more >>
-
Roadmap for Higher Education Institutions: Will New Identity Standards Achieve the Promise of Federated Identity?
This entry was posted in Gluu and tagged Authentrication, Authz, oauth2, openid, saml, sso on .
“Market Strength” as defined by the number of applications that will support the protocol. Will New Identity Standards Achieve the Promise of Federated Identity in Higher Education? OAuth2 based identity standards bridge web and mobile security requirements and have critical developer and industry support. See Also: Gluu Protocol Predictions It is harder than you think … Read more >>
-
17 Recommended Requirements for an Identity and Access Management POC
This entry was posted in Gluu and tagged 2fa, IAM, identity and access management, POC, sso, strong authentication, two-factor authentication, WAM on .
We get requests for POC’s quite often. In an attempt to provide tactical guidance to organizations developing an identity and access management POC, the following are our top recommended criteria for evaluation. By adding some or all of these requirements to your POC, your organization can limit vendor lock-in and ensure that the solutions considered … Read more >>
-
OpenID Connect… Call me crazy!
This entry was posted in Gluu and tagged authentication, oauth2, openid connect, Single Sign-On, sso, uma on .
10 Reasons Why OpenID Connect will be ubiquitous for domain authentication “The difficult… I’ll do right now. The impossible may take a little while…” Bob Russell lyrics for Jazz standard “Crazy She Calls Me” OpenID Connect has reached the quorum of votes needed for approval! Check out the launch press release. This under-appreciated event will … Read more >>
