Blogs

2 people recommend this.
Remember the infosec sea shanty craze ? Then IDPro folks jumped in and we started doing identity sea shanties, because of course. (Darned if I can find them...anyone got a link?) Well, thanks to an internal exercise, I found myself attempting a Shakespearean sonnet about identity and ForgeRock, because I'm nuts. Imagine you're trying to explain what ForgeRock does to Queen Elizabeth I. Among disgraces of security For English subjects all across the land, We find a risky inability To let the right one pass by their own hand — Into a private space they can control, Enabling work and play in ways carefree, Assembling truths ...
1 comment
Be the first person to recommend this.
Decentralized future, crypto-wallets, web3, and more: https://future.a16z.com/decentralized-identity-on-chain-reputation/ #DigitalWallet #DecentralizedIdentity #CyberSecurity
0 comments
2 people recommend this.
Check out this great talk with ForgeRock CTO Eve Maler and PWC's Matt Gorham: #CyberSecurity
0 comments
1 person recommends this.
https://www.brighttalk.com/search/?q=ForgeRock #Webinar
0 comments
1 person recommends this.
More info and register here: https://www.brighttalk.com/webcast/16337/514412 #Webinar
0 comments

ForgeRock in the news

1 person recommends this.
Nice shout-out from a customer: https://www.itnews.com.au/news/anz-banking-group-prepares-for-anzx-launch-571899
0 comments

New to ForgeRock?

Be the first person to recommend this.
The ForgeRock Difference One Platform. All Identities. Any Cloud! Collaborate and learn from the pros and your peers, share knowledge, solutions, tips, and tricks, and accelerate your use of the ForgeRock Identity Platform and ForgeRock Identity Cloud. The ForgeRock Community gives you direct access to a broad and deep network of ForgeRock experts, peers, and partners from around the globe who share real-world best practices and hands-on solutions. We invite you to look around and participate, s earch for answers, join a discussion, or ask our community members a question. Welcome! New to ForgeRock Products? ...
0 comments
1 person recommends this.
9 bundle and 4 bundles, too! https://www.humblebundle.com/books/devops-packt-books
0 comments
3 people recommend this.
This glossary gives a (very) quick overview of the significant actors, roles, and components of a fully-realized Self-Sovereign Identity (SSI) solution. For more formal definitions, please see https://www.w3.org/TR/vc-data-model/#terminology Components Verifiable Credential (VC) A credential which has been generated about a given individual entity (Subject) by an Issuer. A credential is formed as a collection of attributes (or ‘claims’) that describe qualities of the subject. A Verifiable Credential is signed by its Issuer, allowing the receiver of a presentation of that VC (Verifier) to cryptographically prove that the credential was indeed ...
1 comment
1 person recommends this.
In the Identity Cloud Admin UI, click Applications. In the Applications list, find the app name, then click More ( ), and choose Edit. Edit Consumer application details: Application Details Client Credentials Discovery URI AM URL base for OpenID Provider Configuration. Default: http://openam.example.com:8088/openam/oauth2 Client ID Identifier used to register your client with AM’s authorization server, and then used when your client must authenticate to AM. General Settings Name Specify a client name to display to the resource owner when the resource owner ...
0 comments
1 person recommends this.
This is useful when you want to adjust the core authentication properties that apply to a realm. For example, you might want to extend the time limit for responding to an authentication verification email. Use the AM Admin UI to make this kind of change. In the Identity Cloud Admin UI, click Native Consoles > Access Management. In the AM Admin UI, go to> Authentication > Settings. #How-To #IdentityCloud #Authentication #Attributes #Realms ​
0 comments
1 person recommends this.
Welcome to the ForgeRock community! Announcing the next step in the ForgeRock community. If you are wondering what the community actually is, let me give you a bit of background. The membership in the Community is anyone who has a technical interest in the ForgeRock products, and could be Customers, Partners, and indeed our own engineers. The Community is where people can find technical information, and have access to other technical people who have problems similar to theirs, where they can have discussions, and ask for help. We have a long history of working with the community, and of course the Un-Summit is near and dear to my heart. We are ...
0 comments
1 person recommends this.
You can use your own logo and preferred colors in the UI that your app users will see. In the Admin UI, click the realm name to expand the settings menu. Go to Realm Setting > Theme. Realm Logo URL: Logo to use for all end-user UIs including consent pages and application pages. This URL can be overridden in the client application profile. To customize the color of any of the following, enter a hexadecimal color code: Sign-in Background Color Button Color Button Active Color Button Text Button Radius: To customize the size of the button radius, slide the slider to the right to make the button ...
0 comments

Switch Realms

1 person recommends this.
Switch realms when you want to access identities or applications registered to a realm other than the current realm. You must have administrator permissions with the other realm before you can switch to it. In the Admin UI (upper left), open the Realm menu. Click Switch realm. In the Switch Realm dialog box, click Switch. Once you have switched to another realm, you can view its status. If you have appropriate administrator permissions, you can edit realm settings. #Realms #IdentityCloud #How-To
0 comments

Configuring a Realm

1 person recommends this.
Go to the Realms Settings page to view the status (active or inactive) of realms in your tenant, to customize the end-user UI theme, or to delete a realm. Manage realm settings In the Admin UI (upper left), open the Realm menu. Go to Realm Settings > Details . The Status bar indicates whether the realm is Active or Inactive. To take the realm out of service, click Deactivate .When a realm is deactivated, users and devices contained in the realm will not be able to access its applications. Identity and app information is still registered to your identity platform: Name : The realm name is non-configurable. (Optional) DNS Aliases ...
0 comments
1 person recommends this.
Invite other administrators Send invitations to people when you want to authorize them to manage settings for your tenant. In the Admin UI (upper right), open the Tenant menu. Click Invite admins. In the Invite Admins dialog box, enter a comma-separated list of email addresses for the people you want to authorize. Click Send Invitations. Identity Cloud sends an email to each addressee. The invitation will contain instructions for the addressee to set up their administrator account. After the invitee completes the instructions in the invitation email, the invitee becomes an Admin team member. Important: ...
0 comments

Viewing Audit Logs

1 person recommends this.
Identity Cloud stores audit logs for 30 days. Use the /monitoring/logs endpoint to view the stored data. Viewing logs To view the stored logs for a source, use the /monitoring/logs endpoint, specifying the source as a parameter. Example request: curl --get \ --header 'x-api-key: <API-KEY>' \ --header 'x-api-secret: <API-SECRET>' \ --data 'source=am-activity' \ 'https://<tenant-name>.forgeblocks.com/monitoring/logs' Example response: { "result": [ { "payload": "<object>", "timestamp": "<dateTime>", "type": "<string>" ...
0 comments
1 person recommends this.
View tenant details In the Admin UI (upper right), open the Tenant menu. Click Tenant Settings > Details. The Tenant Name is the identifier assigned to the tenant during onboarding and registration. This identifier is not configurable. #IdentityCloud #Tenant #Configuration #How-To
0 comments
2 people recommend this.
Summary: Single-page application OAuth2 clients without a backend have to use CORS, and can no longer rely on cookies. In my previous article, " Building an SSO Client for Your REST APIs with OIDC ", I described how single-page applications (or SPAs) can be built into "the ideal relying party" for a REST API ecosystem. While most of the advice from that article remains accurate and consistent with the best current practices , there are some additional challenges specific to SPA clients that have to be overcome when they operate as a third party. A third-party client is one that is hosted in a different domain than the APIs it calls. This is a very common ...
0 comments