Gluu releases OX 1.0 to GitHub

Organizations can launch their own authentication service, moving off Google, while still adhering to the same OpenID Connect API expected by internal, SaaS and mobile applications.

March 25, 2014 — Austin, TX — Gluu announced today that OX 1.0, its OAuth2-based open source identity and access management platform, has been released on GitHub. OX software enables any Internet domain to offer a responsive, transparent and reliable authentication service.

“After three years of development, we’re excited to announce this 1.0 release of the code,” said Gluu CEO Mike Schwartz. “Security has been too hard for the average domain. Open source domain authentication will enable the decentralization of identity — the key to providing a privacy-protecting infrastructure that will serve a diverse set of global requirements.”

“It is great to see liberally licensed open source implementations of OAuth 2.0 released as it lowers the barrier for organizations to adopt the OAuth 2.0 standard to integrate with partners, vendors and customers,” said digital identity expert and OAuth 2.0 specification editor, Dick Hardt.

Mark Dobrinic, federation specialist and one of the lead developers of the open source Asimba SAML platform said, “it is great to see that Gluu is ready for its 1.0 release of their open source OX platform. Over the last few years a lot of progress has been made in specifications for solving authentication and authorization issues for a next gen Internet experience, but delivering on this is going to make the actual difference. OX does deliver, by providing the tools people need to use these specifications to solve actual problems, using a manageable platform.”

“I see two main features that speak in favor of the Gluu implementation,” added Roland Hedberg, Senior Researcher at Umeå University and co-creator of the OpenID Connect Interop Test Suite: “it has passed all tests for compliance with the standard with flying colors, and it is one of the most complete implementations of OpenID Connect, making it a singularly useful tool.”

The release to GitHub includes several open source components developed by Gluu, including (1) oxAuth, which implements the OpenID Connect and User Managed Access API’s; (2) oxTrust, a web application for oxAuth administration, and for inter-domain trust management; (3) oxPush, an open source mobile two-factor authentication mechanism; (4) SCIM-Client, a library to add users, delete users, modify users, and manage group memberships in the Gluu Server (or any SCIM compliant server); (5) installation scripts that make it easier to deploy the OX platform and requirements.

More information about each can be found on the OX wiki, http://ox.gluu.org. Gluu offers a commercial management service for OX, called the “Gluu Server.” Organizations wishing to see a live demo of the Gluu Server can schedule at http://gluu.youcanbook.me

About Gluu:

Gluu (http://www.gluu.org) is an Austin, TX service provider whose open source authentication and API access management stacks helps companies secure Web and mobile applications. Gluu leverages standards such as OAuth2, OpenID Connect, UMA, SAML 2.0, and SCIM to enable federated single sign-on (SSO) and trust elevation. The Gluu Server is used by universities, government agencies, and companies to secure employee facing and consumer network services.