Identity Cloud

Configure AM for authentication

AM provides the following features to authenticate users:

  • Authentication nodes and trees. AM provides a number of authentication nodes to handle different modes of authenticating users. The nodes must be connected together in a tree to provide multiple authentication paths to users.

AM leaves the authentication process flexible so that you can adapt how it works to your situation. Although the number of choices can seem daunting, once you understand the basic process you will see how AM lets you protect access to a wide range of applications used in your organization.

Authentication happens at realm level in AM. Each realm has its own authentication configuration that is copied from the parent realm at creation time, which may save you some time if you are configuring subrealms.

The following table summarizes the high-level tasks required to configure authentication in a realm:

Task Resources

Configure the required authentication mechanisms

You need to decide how your users are going to log in. For example, you may require your users to provide multiple credentials, or to log in using third-party identity providers, such as Facebook or Google.

Configure the success and failure URLs for the realm

By default, AM redirects users to the UI after successful authentication. No failure URL is defined by default.

Copyright © 2010-2022 ForgeRock, all rights reserved.