Gluu’s OpenID Connect platform to support multi-party federations
Leveraging the success of SAML multi-party federations in Higher Education, Gluu has proposed a similar design for OpenID Connect, an important new standard for organizational single sign-on and trust...
View ArticleShibboleth Identity Provider (IdP): What it is, and why you should consider a...
Many people are interested in deploying a Shibboleth Identity Provider (IdP) to enable secure organizational single sign-on (SSO). Shibboleth is a free, open-source web single sign-on system with rich...
View ArticleHow does SAML work? IdP’s & SP’s
If you’re doing research on protocols that enable single sign-on, a typical question is, “How does SAML work?” SAML, or Security Assertion Markup Language, is the leading SSO protocol today and is a...
View ArticleIndependent research firm cites Gluu as OpenID Connect Vendor
An October 24, 2012 independent research report on Identity Standards cites Austin, TX startup, Gluu, as one vendor that provides productized support for OpenID Connect. For Immediate Release December...
View ArticleGluu integrates Wikid Systems for affordable, token-less strong two-factor...
The Gluu cloud identity platform now supports Wikid Systems for affordable and secure soft token two-factor authentication to cloud, mobile, and network applications. For Immediate Release Austin, TX,...
View ArticleTop 10 Applications for Multi-Factor Authentication in Higher Education
Strong, multi-factor authentication is one of the most cost efficient ways to reduce security threats within an organization. Although many organizations are hesitant to introduce strong authentication...
View ArticleCloud IAM Q & A w/ Mike Schwartz
What Exactly is Identity Federation? These days, most websites and mobile apps don’t know how to authenticate you. Instead, they call the APIs of services offered by popular “Identity Providers” or...
View ArticleHow & Why Gluu’s open source authorization and authentication platform was...
Today, services like authorization and authentication are delivered via APIs: JSON / REST HTTP “endpoints.” Some of the most popular authentication API’s on the Internet are using different profiles of...
View ArticleOAuth vs. OpenID – What’s the difference?
First of all, saying either OAuth or OpenID is not specific enough. There are at least three versions of both. The IETF OAuth standard is OAuth 2.0, and is an authorization standard. However, you could...
View ArticleSlides: Internet Requirements for Personal Cloud
Mike’s slides from the Personal Cloud Group Meetup at TechRanch Austin 8/6/2013 Requirements for Personal Clouds : Tech Ranch Talk 8/7/13 from Michael Schwartz If you’re interested in learning more...
View ArticleSubmission to Sprint Innovate: Why Sprint should support OpenID Connect
Sprint should support the OpenID Connect protocol for authentication. Sprint has a lot of customers. Telco’s are in a superlative position to authenticate people using mobile devices. However, how can...
View ArticleClik here to view.
Gluu SXSW Interactive Picks
Voting for SXSW interactive sessions has NOW ENDED. Check back in November to see which of our picks made the cut for SXSWi 2014! Who Are You? Gluu CEO Mike Schwartz will talk about the sexiest new...
View ArticleClik here to view.
Gluu Federation Registry Service
Using the Gluu Server, your organization can host a local federation. Watch the video Gluu Multi-Party SAML Federation Demo: OX Open Source if you’d like to see more. But this approach to managing a...
View ArticleClik here to view.
How to Move Away From CA SiteMinder to Open Source Authn / Authz
So you have seen the light: open standards and open source IAM. But what if your organization already has websites that use SiteMinder|OAM|TAM|ClearTrust? To liberate your organization, here is Gluu’s...
View ArticleClik here to view.
Gluu Web Authentication / SSO Protocol Adoption Predictions
Its hard to make accurate predictions about adoption for SSO protocols. Its impossible to make a detailed model when the known inputs are so vast. With that inherent disclaimer about the difficulty of...
View ArticleClik here to view.
Go West Young Federation!
Several countries are helping businesses to start federations. For example, there is the British Business Federation Authority. At the IdentityNext conference last month in the Hague, I was lucky to...
View ArticleClik here to view.
Gluu OSCON Submission
Title: Meet OX : OAuth2 Authentication and API Security Description (400 char): Provide a historical overview of domain authentication services like RADIUS, LDAP, Kerberos and PKI. Review SAML...
View ArticleClik here to view.
Juju OAuth2 Application Security Design Proposal
We don’t need SSO, we need trust elevation There is no point in designing a solution that provides just SSO. Today, people are using an array of devices (think IOT). Applications need to understand how...
View ArticleClik here to view.
OpenID Connect… Call me crazy!
10 Reasons Why OpenID Connect will be ubiquitous for domain authentication “The difficult… I’ll do right now. The impossible may take a little while…” Bob Russell lyrics for Jazz standard “Crazy She...
View ArticleClik here to view.
17 Recommended Requirements for an Identity and Access Management POC
We get requests for POC’s quite often. In an attempt to provide tactical guidance to organizations developing an identity and access management POC, the following are our top recommended criteria for...
View Article
