Process feedback from Gluu team

We got the following email from Gluu on 23 Oct 2020

We were just looking at this analysis: https://openappstack.net/2019/01/31/comparison-of-free-and-open-source-single-sign-on-solutions.html

It's not accurate, and we were wondering if you could update. Or take it down...

Here are the comments with regard to Gluu:

1. Second factor auth: HOTP/TOTP, FIDO2, SMS, Cert, Duo, Super Gluu are all out of the box, plus many more in our Github repo.

2. Automated client registration: Yes! Gluu has always supported OpenID Dynamic Client Registration. There is also an admin config API which provides another mechanism.

3. Existing helmchart / Easy k8s deployment: Yes, this is open source: https://gluu.org/docs/gluu-server/4.2/installation-guide/install-kubernetes/

4. Architecture / Complexity: Actually, this section is inaccurate for both Gluu and Keycloak. We both support SAML and OpenID Connect, so any compatible client can use either of our services. Gluu does have our own OpenID Connect client api (oxd), which works with any standard OpenID Provider (Keycloak, Gluu or even Google). Net-net, I think this row in the table is just confusing, as the first row (Auth methods), really tells you what you need to know.

5. Backend: LDAP or Couchbase Enteprise (RDBMS coming soon)

6. Github stars is not really a fair metric for Gluu. Gluu is turnkey--we include a database and other components. We distribute the software via Linux packages and containers, not on Github. Most of our community wants binaries they can easily install--they don't want to build the code. So publishing this via Github would not make sense. Also, with regard to development activity, we have several subprojects, whereas Keycloak is a big monolith.

7. Why didn't you look at the certifications: https://openid.net/certification I think if you search for Gluu and Keycloak, you'll see quite a difference in terms of what version is certified, when it was certified, and which tests we're passing.