How It Works

  • Step 1:
    Deploy the Gluu Server

    The Gluu Server is your central authentication server--it's where your applications send users to login, where you store information about people, and where you enable your Super Gluu two-factor authentication service.

  • Step 2:
    Enable Super Gluu

    Now that you have a Gluu Server to handle login for all your web and mobile apps, you can update your default authentication mechanism to Super Gluu. Once enabled, users will be presented with two-factor authentication during login.

  • Step 3:
    Download the App

    Now that Super Gluu is enabled, you need to download the app from the Android or iOS marketplace. Open your app store and search for Super Gluu, or follow the appropriate button below.

  • Step 4:
    Login

    Initiate the login sequence to any application that leverages your Gluu Server for login. When you see a QR code, scan it with your Super Gluu app. Approve the authentication. Now your device is enrolled, and you are securely logged in.

Fast Deployment

Super Gluu authentication is supported out-of-the-box by the Gluu Server. Simply navigate to the Authentication Management tab in your Gluu Server and change the default authentication mechanisms to Super Gluu.

Fun to Use

On your first login attempt you will be presented with a QR code that you can scan with your Super Gluu app. This is how you bind your device and account. On all subsequent login attempts you will receive a push notification alerting you when there is a login attempt against your account.

Secure Crypto

Super Gluu uses the FIDO U2F endpoints on the Gluu Server to implement public/private key cryptography. When authentication happens, there is a challenge response to ensure that the device has the respective private key.

Protected by pin code or thumbprint

In the Super Gluu app you can toggle the use of a Pin code or fingerprint to protect access to your Super Gluu app. With pin or fingerprint security enabled, each time you open the app you will be prompted for authentication.

Optional hardware token

By default the private keys are stored on the mobile device where Super Gluu is installed. To add an additional layer of security, you can bind a U2F BLE-enabled device, like the Vasco SecureClick, to store the private keys. Once enabled, a successful authentication will require approval on Super Gluu and a tap of your U2F device.

Simple Plans for Organization's of All Sizes!

Push Notification
Crypographic Verification
Biometric or Pin Protected
Ad free
Support for Hardware Tokens
Custom Branding
VIP Support
Maintenance Fee
$10,000 per year

* Upgrade to Ad-Free in app. If you need Ad-Free for many users, schedule a call with us to discuss volume pricing.

Frequently Asked Question

Is Super Gluu free to use?
Yes! Super Gluu is a 100% completely free two factor authentication mobile application. We encourage you to tell your friends too!

Can I customize the look and feel of Super Gluu?
No, however, you can use the free open source oxPush3 source code to publish your own custom branded two-factor authentication app. Or you can signup for one of our customization packages.

How do I enable Super Gluu in my Gluu Server?
Simply navigate to the Authentication Management tab within your Gluu Server and change the default authentication mode from Basic to Super Gluu.

Does Gluu provide any professional services around Super Gluu?
It depends on what types of customizations are needed. Best thing to do is just ask!

Can I use Super Gluu with an IDP other than the Gluu Server?
Super Gluu uses the FIDO U2F endpoints built into the Gluu Server to register a public key with the IDP. This is what enables the challenge / response at authentication time and what makes Super Gluu secure. In order to use Super Gluu with an IDP other than the Gluu Server, the IDP would need to support the U2F standard.

Is Super Gluu secure?
Yes! Super Gluu uses the FIDO U2F endpoints built into the Gluu Server to enroll a public key during enrolmment. When an authentication happens, there is a challenge response to ensure that the device has the respective private key.

Where can I use Super Gluu?
Super Gluu can be used for any authentication transaction that happens at your Gluu Server. So, you can use Super Gluu to login to any application that relies on your Gluu Server for authentication.

Leverage the power and security of Super Gluu today!