Identity Cloud


The approach to data object modeling consists of three main phases: discovery, rationalization, and implementation.


This stage involves the discovery of the current state of the identity and future requirements, including:

  • Sources of identity information, such as customer databases, directories, and third-party identity providers

  • Business application requirements, including the authorization model and identity data required for operation

  • Authentication requirements

  • Actors and entities within the identity space, including users, roles, and organizations


This stage involves analyzing the results from the discovery phase and defining privileges to deliver a workable object model. This step involves the following:

  • Includes all entities and attributes required for authentication, authorization, and identity management

  • Excludes identity data that is not relevant to business requirements

  • Defines all privileges for access to identity data at the field level

  • Maps all identity data from Identity Cloud to external repositories and vice-versa


This stage involves configuring the managed data object model within the ForgeRock Identity Cloud tenant, following the detailed plan developed during the rationalization phase. This step includes the following configuration:

  • ForgeRock object attributes, roles, and internal privileges

  • Connector definitions for external repositories, including the attributes returned by each connector

  • Synchronization mappings for Identity Cloud to external repositories and vice-versa

Copyright © 2010-2024 ForgeRock, all rights reserved.