Secure single sign-on (SSO) for
all your web applications

Install oxd on each of your application web servers to enable secure authentication and single sign-on (SSO) to any standard OpenID Connect Provider (OP), like Google or the Gluu Server.

Plugins for popular open source
applications and frameworks

oxd plugins make it easy to secure popular open source applications with OpenID Connect.

# echo "deb trusty main" >
# curl | apt-key add - # apt-get update # apt-get install gluu-oxd-server # service gluu-oxd-server start

Easy installation and configuration

Installing oxd is as simple as running a few commands.

Libraries for all your favorite
programming languages

Gluu publishes oxd libraries for php, Python, Java, Node, Ruby and C#, making it easy to secure applications written in any programming language. If your application is programmed in a language we don't have a library for, you can use our simple REST API.

Two-factor authentication
and social login

Using the OpenID Connect “acr” value, your application can request a specific type of authentication like social or two-factor. The Gluu Server ships with support for several two-factor authentication mechanisms including FIDO U2F tokens (like Yubikey), Duo Security, and even our own free mobile two-factor authentication app called Super Gluu.

oxd Simplifies Application Security

By externalizing the OAuth 2.0 code from your application, oxd
makes it easier to stay up-to-date with the latest security fixes.

Get a License

oxd Pricing

The oxd license is free to acquire and even includes a free
$50 credit for charges incurred during the first 60 days of use.

Each time you install the oxd server
you will need to add valid license
details to your oxd config file.

Your account is billed $0.33 USD each
day the installation is active. For
example, one active oxd installation over
a 30 day month will cost $9.90.

A billing summary with usage records
is sent on the first of each month, and
charges run seven days later.

All licenses include a free $50 credit for charges
incurred during the first 60 days of use!


What is oxd?oxd is a mediator: it provides API’s that can be called by a web application that are easier than directly calling the API’s of an OpenID Connect Provider (OP) or an UMA Authorization Server (AS).

Which programming languages and frameworks does oxd have libraries for?Currently oxd has libraries for the following languages and frameworks: Php, Java, Python, Ruby, C#, Node.js, Spring, and Lua. Learn more about each library in our oxD documentation.

How do I get SSO across several websites?You’ll need two things: (1) a central OpenID Connect Provider that holds the passwords and user information; (2) websites that use the OpenID Connect protocol to authenticate users. An easy way to accomplish the first–utilize Google as your OP, or install and configure the free open source Gluu Server using the Linux packages for CentOS, Ubuntu, Debian or Red Hat. The second is accomplished by installing the oxd service on each web server that needs SSO. This provides easy to use local API’s that can be called by your web applications, and enables you to use a number of plugins for popular open source software packages.

Can I use Google or Microsoft Azure Active Directory as my OpenID Connect Provider?Probably, but Google and Microsoft do not support dynamic client registration. If you are successful with this, please let us know! It should work.

How is oxd licensed?oxd is commercially licensed. Each time you install oxd you will need to use your license. Active installations are billed $0.33 per day (roughly $10 USD per month per active installation). Get your oxd license today.

Where do I deploy oxd?oxd is deployed on the same server as the web applications you want to protect.

Can I use oxd plugins for social login?Currently the Gluu Server supports Google authentication. In the next release (3.0), Gluu will support a new social login module called Passportjs. This will enable you to use over 300 social login sites, including Facebook or Twitter. Stay tuned!

Can I use oxd plugins for two-factor authentication (2FA)?You can specify a value for “acr,” which provides the OpenID Connect provider with a hint about what kind of authentication to use. The Gluu Server ships with several built in two-factor authentication mechanisms. Two that are very easy to use are FIDO U2F tokens (like Yubikey) and Duo Security. Gluu also has published a free mobile two factor authentication app for iOS and Android called Super Gluu. If you’re a geek, you can write your own custom authentication script in the Gluu Server, and implement support for any kind of strong authentication technology.

Can I purchase support for the Gluu Server or oxd?Yes, for information on paid support, visit our website.