Secure single sign-on (SSO) for all your web applications

Install oxd to make sending users to any standard OpenID Provider for login -- like Google Plus, Google OAuth or the Gluu Server -- fast, easy, and secure.

                    CommandClient client = null;
try {
  client = new CommandClient(host, port);

  final RegisterSiteResponse site = RegisterSiteTest.registerSite(client, opHost, redirectUrl);
  final GetTokensByCodeResponse tokens = requestTokens(client, site, userId, userSecret);

  GetUserInfoParams params = new GetUserInfoParams();
  params.setOxdId(site.getOxdId());
  params.setAccessToken(tokens.getAccessToken());

  final GetUserInfoResponse resp = client.send(new Command(CommandType.GET_USER_INFO).setParamsObject(params)).dataAsResponse(GetUserInfoResponse.class);
} finally {
  CommandClient.closeQuietly(client);
}
                
              
                session_start();
require_once '../Get_user_info.php';

echo 'Get_user_info';
$get_user_info = new Get_user_info();
$get_user_info->setRequestOxdId($_SESSION['oxd_id']);
$get_user_info->setRequestAccessToken($_SESSION['access_token']);
$get_user_info->request();

print_r($get_user_info->getResponseObject());
                
              
                user = oxc.get_user_info(tokens.access_token)

# The claims can be accessed using the dot notation.
print user.username
print user.website

print user._fields  # to print all the fields

# to check for a particular field and get the information
if 'website' in user._fields:
print user.website
                
              
                def login
  if (params[:code].present?)
    @access_token = @oxd_command.get_tokens_by_code( params[:code] )
  end
    session.delete('oxd_access_token') if(session[:oxd_access_token].present?)
    session[:oxd_access_token] = @access_token
    session[:state] = params[:state]
    session[:session_state] = params[:session_state]
  @user = @oxd_command.get_user_info(session[:oxd_access_token])
end
                
              
                public GetUserInfoResponse GetUserInfo(string host, int port, string accessToken)
                  {
    try
      {
      CommandClient client = new CommandClient(host, port);

      GetUserInfoParams param = new GetUserInfoParams();
      param.setOxdId(StoredValues._oxd_id);
      param.setAccessToken(accessToken);

      Command cmd = new Command(CommandType.get_user_info);
      cmd.setParamsObject(param);

      string response = client.send(cmd);
      GetUserInfoResponse res = new GetUserInfoResponse(JsonConvert.DeserializeObject(response).data);
      Assert.IsNotNull(res);
      return res;
    }
    catch (Exception ex)
    {
      Console.WriteLine(ex.Message);
      Logger.Debug(ex.Message);
      return null;
  }
}
          
        
          try {
  var oxd = require("oxd-node");
  oxd.Request.oxd_id = "your site id"; //REQUIRED
  oxd.Request.access_token = "access_token from OP redirect url"; //REQUIRED
  oxd.get_user_info(oxd.Request,function(response){});
} catch (err) {
  console.log("error:" + err);
}
      
    

Simple API

oxd makes it simple to implement authentication with OpenID Connect Providers in a few lines of code. If your application is programmed in a language we don't have a library for, you can use our simple REST API.

Plugins for popular open source applications and frameworks

oxd plugins for WordPress, Drupal, SugarCRM, SuiteCRM, Magento, RoundCube, Shopify and OpenCart make it easy to secure popular applications and frameworks with OpenID Connect.

Offer two-factor authentication and social login with the Gluu Server

Use the Gluu Server as your OpenID Connect Provider to control how people are authenticated. The Gluu Server ships with support for several authentication mechanisms including social login, FIDO U2F tokens (like Yubikey), and even a free mobile two-factor authentication app called Super Gluu.

oxd Simplifies Application Security

oxd is continually updated to address the latest OAuth 2.0 security knowledge so
you always stay one step ahead of hackers and security vulnerabilities.

Simple Pricing

$ 0.33 USD/day

for each active oxd installation


Signing up for oxd is free and comes with a $50 credit for
charges incurred during the first 60 days of use.

FAQ's


What is oxd?oxd is a mediator: it provides API’s that can be called by a web application that are easier than directly calling the API’s of an OpenID Connect Provider (OP) or an UMA Authorization Server (AS).

Which programming languages and frameworks does oxd have libraries for?Currently oxd has libraries for the following languages and frameworks: Php, Java, Python, Ruby, C#, Node.js, Spring, and Lua. Learn more about each library in our oxd documentation. oxd listens on a linux socket, so if your language isn't listed, you can access oxd REST API via a socket.

How do I get SSO across several websites?You’ll need two things: (1) a central OpenID Connect Provider that holds the passwords and user information; (2) websites that use the OpenID Connect protocol to authenticate users. An easy way to accomplish the first–utilize Google as your OP, or install and configure the free open source Gluu Server using the Linux packages for CentOS, Ubuntu, Debian or Red Hat. The second is accomplished by installing the oxd service on each web server that needs SSO. This provides easy to use local API’s that can be called by your web applications, and enables you to use a number of plugins for popular open source software packages.

Can I use Google or Microsoft Azure Active Directory as my OpenID Connect Provider?oxd works very well with Google. Due to Microsoft's non-standard implementation od OpenID Connect, you will need to tweak oxd to get it working with Microsoft Azure Active Directory.

How is oxd licensed?oxd is commercially licensed. Each time you install oxd you will need to use your license. Active installations are billed $0.33 per day (roughly $10 USD per month per active installation). Get your oxd license today.

Where do I deploy oxd?oxd is deployed on the same server as the web applications you want to protect.

Can I use oxd plugins for social login?Currently the Gluu Server supports Google authentication. In the next release (3.0), Gluu will support a new social login module called Passportjs. This will enable you to use over 300 social login sites, including Facebook or Twitter. Stay tuned!

Can I use oxd plugins for two-factor authentication (2FA)?You can specify a value for “acr,” which provides the OpenID Connect provider with a hint about what kind of authentication to use. The Gluu Server ships with several built in two-factor authentication mechanisms. Two that are very easy to use are FIDO U2F tokens (like Yubikey) and Duo Security. Gluu also has published a free mobile two factor authentication app for iOS and Android called Super Gluu. If you’re a geek, you can write your own custom authentication script in the Gluu Server, and implement support for any kind of strong authentication technology.

Can I purchase support for the Gluu Server or oxd?Yes, for information on paid support, visit our website.