Identity Cloud

Key functions

The data object model should support the key functions of an identity platform including one or more of the following:

  • Identification: Occurs when a user or entity makes a claim about their identity when attempting to gain access to a system or resource. For example, a user enters their username or ID to access a system. For more information on how to achieve this via a journey, refer to the login journey.

  • Authentication: Occurs when the user or entity proves their identity to the satisfaction of the access system. For example, a user enters their password or their identity is confirmed through some other process, which is verified by the system. For an overview of authentication, refer to Introduction to Authentication.

  • Authorization: Occurs when the system checks that the user or entity is allowed to access the resource or system after proper identification and authentication. For an overview of authorization, refer to Authorizations and policy decisions.

  • Identity provisioning: Ensures user accounts are created, updated, deleted, and assigned the proper access privileges to resources across applications and systems.

    You can achieve this in various ways in Identity Cloud:

    Item Description

    Application management (current)

    Use a library of templates for OIDC applications that makes the process of registration, provisioning, and configuration quick and easy.

    Bulk import identities

    Use a CSV file to import a set of identities. This is useful when you want to add a large number of identities to Roles and assignments in a single operation.

    Roles and assignments

    Create an entitlements structure that fits the needs of each realm by using roles and assignments.

    Sync identities

    Synchronize identities from an external data store.

    Pass-through authentication

    Use pass-through authentication to validate user passwords via a remote service.

Object modeling key functions
Figure 1. Key functions of the data object model
Copyright © 2010-2024 ForgeRock, all rights reserved.