Identity Cloud


Guide to scripting for ForgeRock® Identity Management.

Scripting lets you extend IDM functionality. For example, you can provide custom logic between source and target mappings, define correlation rules, filters, triggers, and so on. This guide shows you how to use scripts in IDM and provides reference information on the script engine.

IDM supports scripts written in JavaScript, and uses the following libraries:

  • Rhino version 1.7.14 to run JavaScript.

    Rhino has limited support for ES6 / ES2015 (JavaScript version 1.7). For more information, refer to Rhino ES2015 Support.
  • Lodash 3.10.1 and Handlebars 4.7.6 for Rhino scripting.

    Using Handlebars JS in server-side JS scripts requires synchronization; for example:

    var Handlebars = require("lib/handlebars");
    var result = new {
      var template = Handlebars.compile("Handlebars {{doesWhat}}");
      return template({ doesWhat: "rocks!" });
    }, Handlebars)();
  • BouncyCastle 1.67 for signing JWTs.

    The BouncyCastle .JAR file that is bundled with IDM includes the org.bouncycastle.asn1.util.Dump command-line utility. Although this utility is not used directly by IDM, it is possible to reference the utility in your scripts. Due to a security vulnerability in this utility, you should not reference it in your scripts. For more information, refer to the corresponding BouncyCastle issue.

Copyright © 2010-2023 ForgeRock, all rights reserved.