Identity Cloud

Tenant environments

ForgeRock provides you with three or more Identity Cloud tenant environments to let you create an IAM structure that suits your organization:

For a full comparison, refer to Comparison of environment characteristics.

Security architecture

Identity Cloud provides full tenant isolation in a multi-tenant cloud service by using individual trust zones. Each tenant environment is a dedicated trust zone that shares no code, data, or identities with other customers’ environments. This prevents any accidental or malicious commingling. All data is encrypted at rest and in transmission to prevent unauthorized access and data breaches.

Each tenant environment is built from a standard template, hosted using a common technology base, maintained according to a consistent set of processes, and continually upgraded to the latest code base. The infrastructure uses consistency, standardization, and automation to deliver a highly available service.

For further information, refer to FAQ: Identity Cloud security architecture.

Comparison of environment characteristics

General characteristics

Characteristic Sandbox[1] Development UAT[2] Staging Production

Mutable static configuration

Yes

Yes

No

No

No

Part of a promotion pipeline

No

Yes

Yes

Yes

Yes

Highly available

No

No

Yes

Yes

Yes

Max identities supported

10k

10k

Based on your subscription

Based on your subscription

Based on your subscription

Penetration and load testing allowed

No[3]

No[3]

Yes[3]

Yes[3]

No[3]

Uptime monitored with Pingdom

No

Yes

Yes

Yes

Yes

Monitored with statuspage.io

No

No

Yes

Yes

Yes

Personally identifiable information allowed

No

No

Yes

Yes

Yes

Service level agreement

No

No

No

No

Yes

Log retention (days)

1

30

30

30

30

Backup interval (hours)

1

1

1

1

1

Backup retention (days)

3

7

30

30

30

Recovery time objective (RTO) characteristics

Characteristic Sandbox[1] Development UAT[2] Staging Production

Backup and restore RTO

Best effort

Best effort

Best effort

Best effort

1h

In-region disaster recovery RTO

N/A

Best effort

Best effort

Best effort

1h

Multi-region disaster recovery RTO

N/A

Best effort

Best effort

Best effort

8h

Multi-region with Secure Connect disaster recovery RTO

N/A

Best effort

Best effort

Best effort

12h

Copyright © 2010-2024 ForgeRock, all rights reserved.