Hi Steve, We don't have any live example apps that you can test, but yes, the Gluu Server is being used to get SSO to java apps. You should check out our client software, [oxD](https://oxd.gluu.org/docs). We have [Java libraries for oxD](https://oxd.gluu.org/docs/libraries/java/) that make protecting java applications with OpenID Connect pretty straightforward. Let us know if you have additional questions. Thanks, Will

Wait. The docs talk about a server. I'm already halfway through Gluu integration with my first website - logging in is no problem, but when I try to log out I pass the id_token, the Gluu server can't find the user associated with it - but I really don't want to have to set up a whole new piece of software after I've already spent many hours setting up the Gluu server and have it tweaked just the way I want it. Can I use the oxD client library with my existing Gluu 2.4.3 server? Excited to see that oxD apparently supports TFA. Hoping it supports Google's TFA app.

Incidentally, I know that Gluu is a free product and you charge for support, but the documentation is minimal and as you have pointed out, sample code is nonexistent. This is not good, especially since I'd need to pay thousands of dollars I don't have to get support. (I'm not averse to paying for support, I just don't have the budget for a one-year Gluu support contract at the moment.)

That's why we provide free community support, Steve. We're doing our best to fill in the gaps but it's a big project. The point of oxD is to make it easier to protect your applications with OpenID Connect. It can be used with your existing Gluu Server 2.4.3. Just use the corresponding [oxd 2.4.3 docs](https://oxd.gluu.org/docs/2.4.3/). Perhaps you can open a new ticket with the specific issues you're facing, and one of our engineers can help you find a solution.

Hi, Steve, hi, William. Though this ticket is closed, the discussion seems to continue, so I thought I could contribute a bit to original issue. Steve, Gluu tries to stick to OpenID Connect specs as close as possible (that's one of its selling points), so if you think you don't clearly understand how some flows function, and you can't find an answer at our doc portals, your option is to check [official OIDC documentation portal](http://openid.net/connect/) As you are attempting to send `id_token` for logout, I assume you are trying to employ one of the session management flows (if you need just to logout user from Gluu with least possible effort, you can simply send him to https://<your.gluu.hostname>/idp/logout.jsp url, for example). Are you sure you are following all steps it expects? As William already mentioned, we try to fill the gaps, but until there are some publicly available papers somewhere, it can't be perceived as a gap, though. If you'll happen to find some bug which prevents a correct flow from completion, we'll be ready to jump in and provide you any assistance we can.

Thanks for all of your replies. Yes, I am trying to use implicit flow. The oxD project seems like a great idea to me. I'm going to look into it. I've already cloned and built the client from Github and I plan on building the server today. I will also look into using logout.jsp. I will also review some of the OIDC documentation, which I've been trying to read but it's rather overwhelming because there's a lot of info :) Please understand that I appreciate what you have done with the project so far. Part of my problem was being new to Gluu AND OIDC. Now that I'm familiar with the Gluu server and (at least part of) the OIDC protocol/specs, it's much easier. And I have to say I am impressed with what you have accomplished so far. If I still need help, I will open another ticket.

Also, I prefer to offer solutions rather than just complain :) So once I have everything running, I am going to blog about how I did it, in the hopes that documenting my experiences will make it easier for people implementing OIDC on Gluu in the future.

Thanks, Steve. We want to see more orgs use better security software, and we thought that was only possible through truly open source solutions. It's not a model investors want to get behind though, so we've had to scrape and claw to get this far. We know that there are gaps in the Gluu Server product. We appreciate you and others in the community bringing them to our attention. So, keep up the good work and let us know how we can improve / help! Will

Have you considered offering corporate sponsorships?

Not exactly.. We see paid support contracts as a form of corporate sponsorship. Do you have any examples that I might be able to look at for ideas? Our main goal has been to fund the business through sales. We have about 50 medium to large organizations paying for support. In addition, we're slowly introducing client and mobile software, like [oxD](http://oxd.gluu.org) and [Super Gluu](http://super.gluu.org), that will generate additional revenue. Anyways, would be happy to hear any recommendations you might have! Feel free to email me directly at will[at]gluu.org if you'd prefer to chat outside of support. Thanks, Will