Forgerock openam tutorial updated 2019
ForgeRock is an open-source identity and access management (IAM) software that automates user management lifecycle for businesses in government, healthcare, retail, financial services, and communication & media. It is an innovative solution that securely connects devices, people, and things, so everything and everyone can easily interact in the modern Internet of Things (IoT) environment. The platform implements the User-managed Access protocol and functions as a federated identity program to help users manage all facets of shared data with all data providers.
ForgeRock combines it customer identity & access and employee SSO management capabilities to bring a comprehensive solution that performs more than a legacy IAM application. Some of its main modules include access management, identity management, identity gateway, directory services, edge security, analysts report, and profile & privacy management.
The ForgeRock Identity Platform offers access management, identity management, user-managed access, directory services and an identity gateway as a unified platform. Single sign-on is a key feature within access management. Capabilities include the following:
- Intelligent authentication
- Mobile authentication
- Push authentication
- Adaptive risk authentication
- Authorization policies and enforcement
- Transactional authorization
- Federation
- Single sign-on
- User self-service and social sign-on
- High-availability and scalability
- Developer friendly and rich standards support
- Adaptable monitoring and auditing services
The ForgeRock Identity Platform was purposefully designed to be a unified platform that includes SSO. Customers can choose what they want and incrementally extend the platform over time.
Overview of ForgeRock
ForgeRock is all-inclusive software that brings enterprise-wide benefits to business of different sizes. Some of its core benefits include:
Scalability and performance
Identity, features, Platform administration console an XUI framework that is built for ease of use. The console supports easier configuration and provides realm-centric administration while presenting a time-saving, common task wizard. The solution offers both stateful and stateless session architecture that support mission-critical and large-scale deployments. The stateless architecture is ideal for massive scale and elastic cloud-based deployments and can easily scale into millions and even billions of identities.
Improved customer experience
The platform provides flexible and modular authentication management that enable companies to limit interruption of the omni channel user experience. It allows you to activate a granular approach to IAM management to deliver enhanced end-user experience while boosting security through increased authentication signals. The platform has a central digital work-space that combines with the privacy & profile dashboard and push notifications for authorized transactions making it easy to comply with the European Union’s GDPR regulations.
Increased security
ForgeRock brings the implementation of User-Managed Access standards to the market. It allows you to visualize data access in real-time and modifies access to your shared data thereby providing an unprecedented control against data access. By providing customers and employees with self-managed data access, the threat of security breaches by inappropriate utilization of authorized data is cut by a great deal.
Markets and Use Cases
Financial services, automotive/manufacturing,media and retail are specific targets for ForgeRock due to their complex access management requirements. This includes Marriott for hospitality, Phillips and McKesson for healthcare, Pearson for education, Geico for insurance and the Government of Norway.
Security Qualifications
Since ForgeRock is not software as a service (SaaS) solution but enables customers to deploy the products on IaaS or PaaS platforms, all security controls and accreditation are provided by the customer and their cloud providers for customer deployments. ForgeRock’s internal information security management system is structured in alignment with ISO 27001, with improvements underway to support future accreditation.
Intelligence
With Intelligent Businesses, Authentication can integrate user signals from authentication, fraud prevention, malware and other security services in one interface. Multiple paths, each evaluating a digital signal can be connected to intelligently adjust login journeys for both legitimate and suspicious users. This provides a fast, secure login experience and minimizes the risk of data breaches and DDoS attacks.
Delivery
The ForgeRock can be deployed on premises or in the cloud. ForgeRock has customers running the ForgeRock platform on-premises, in infrastructure as a service (IaaS) environments such as Amazon and Azure, and in concert with platform as a service (PaaS) offerings such as Cloud Foundry. In addition, ForgeRock has partners like Accenture delivering its platform as an Identity as a service (IDaaS) offering.
Agents
The need for agents depePolicy agents are not essential and provide an integration option for customers who do not wish to alter their existing code base. If all apps use standards, then agents are not needed. Agents are also unnecessary if organizations change their apps to use ForgeRock REST endpoints.
Metrics
ForgeRock Access Management scales to many millions of users and can scale horizontally and vertically with relatively little hardware. Some of the largest deployments include: HSBC (100 million identities), Marriott Hotels (125 million identities), BMW (120 million identities), Tom-tom (44 million identities), Scholastic (50 million identities), State Farm (35 million identities), BBC (25 million identities) and Capital One (30 million identities).
Related Courses