JWT is NOT an authentication protocol
Many developers who are lukewarm about OAuth 2.0 feel that JWTs (JSON Web Tokens) offer a compact, stateless alternative for authentication. Defined in RFC 7519, JWTs provide a mechanism for sending a JSON object that is optionally signed, and optionally encrypted, as one very compact, url-safe string. The JWT includes up to three components: a […]
OAuth vs. SAML vs. OpenID Connect
Identity is a complicated subject, and the open web protocols for addressing identity online are no less complex. In an effort to help you better understand the landscape, here is an overview of the leading open web standards used for online identity as well as some pro’s and con’s of supporting each infrastructure at your […]
5 reasons you need OpenID Connect and UMA
Over the last 15 years there have been many standards for digital authentication and authorization. Some have seen more adoption than others, but none have provided a “silver bullet” solution to enable secure, universal resource federation at Internet scale. There is still no “one protocol fits all” solution, however don’t tell that to our newest […]
How does SAML work? IDP’s & SP’s
If you’re doing research on protocols that enable single sign-on and attribute exchange, a typical question is, how does SAML work?
Shibboleth IDP: What is it? And why you should consider a bundled platform like Gluu
Many people are interested in deploying a Shibboleth Identity Provider (IDP) to enable SAML single sign-on (SSO). Shibboleth is a free, open-source web single sign-on system that supports rich attribute-exchange based on open standards, most notably SAML. Shibboleth has widespread adoption in higher education and government due to its free open source license, as well as built-in […]
Gluu Server Architecture Overview
Learn more about the components included in the Gluu Server access management platform.
The IAM Building Blocks
Learn more about the components of a comprehensive identity and access management solution.
Gluu Product Datasheet
Learn more about Gluu’s product and offerings.
Gluu Support Matrix
An overview of Gluu support plans, features and SLA’s.
Gluu vs. Competition
Learn more about how the Gluu Server stacks up against other identity and access management products.
Universal 2nd Factor (U2F) is an open authentication standard that strengthens and simplifies two-factor authentication using specialized USB or NFC devices. U2F enables Internet users to securely access any number of online services, with one single device, instantly and with no drivers or client software needed. The technical specifications were launched in late 2014, including […]
OpenID Connect is a simple JSON/REST-based interoperable identity protocol built on top of the OAuth 2.0 family of specifications.
Enterprise UMA (user managed access)
As a profile of OAuth 2.0 that is complementary to OpenID Connect, the user managed access, or “UMA”, specification defines RESTful, JSON-based, standardized flows and constructs for coordinating the protection of APIs and web resources in a way that will be familiar to any developer already acquainted with OAuth. Read the UMA specification document Read the Gluu Server UMA […]
Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML OASIS standard for exchanging authentication and authorization data between security domains.
OAuth 2.0 is the next evolution of the OAuth protocol which provides a method for clients to access server resources on behalf of a resource owner.
The System for Cross-domain Identity Management (SCIM) specification is designed to make managing user identities in cloud-based applications and services easier.
The Lightweight Directory Access Protocol (LDAP) is an application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network.