Notes covering ForgeRock® Identity Edge Controller features, fixes, and known issues.

About the IEC

The ForgeRock Identity Edge Controller (IEC) runs on smart edge devices, providing edge privacy and integrity, including secure device attestation. The IEC includes multiple components that work together to enable devices to register securely as identities in ForgeRock Access Management (AM).

The IEC Service and SDK are free to download, evaluate, and use for developing your applications and solutions. ForgeRock offers training and support subscriptions to help you get the most out of your deployment.

These release notes cover the following topics:

  • Known issues open at the time of release

  • Getting support

See the Getting Started guide after you read these Release Notes for an understanding of how the IEC components work together.

Chapter 1. Before You Install

This chapter covers requirements to consider before you run IEC software.

If you have a special request to support a component or combination not listed here, contact ForgeRock at

1.1. Product Dependencies

An IEC installation depends on ForgeRock Access Management (AM) with DS as the identity store. As such, the requirements listed in Before You Install in the AM Release Notes apply.

Chapter 2. What's New

This chapter covers new capabilities in IEC 6.5.0.

2.1. New Features

This is the first release of the IEC software.

2.2. Security Advisories

ForgeRock issues security advisories in collaboration with our customers and the open source community to address any security vulnerabilities transparently and rapidly. ForgeRock's security advisory policy governs the process on how security issues are submitted, received, and evaluated as well as the timeline for the issuance of security advisories and patches.

For details of all the security advisories across ForgeRock products, see Security Advisories in the Knowledge Base library.

Chapter 3. Fixes, Limitations, and Known Issues

This chapter covers the status of key issues and limitations for IEC 6.5.

3.1. Key Fixes

Not applicable to this first release of IEC.

3.2. Limitations

This release has the following limitations:

  • Currently, the IEC and SDK configuration are requested only when their respective processes are restarted.

  • The IEC currently has no offline capability. The functions exposed through the SDK will stop working when the IEC loses its connection to AM.

  • The Edge Identity Manager does not have its own authentication mechanism. You must therefore log in to the AM console and run the Edge Identity Manager alongside the AM console to share the session.

3.3. Known Issues

The following important issues remained open at the time of this release:

  • OPENIEC-13: Flexibility in db location is required

  • OPENIEC-12: Client id names are not validated by the SDK

  • OPENIEC-11: Training environment: No groups displayed for identities

  • OPENIEC-3: Device configuration not returned when added to device or client profile

Chapter 4. Documentation Updates

"Documentation Change Log" tracks important changes to the documentation:

Documentation Change Log

First release of IEC 6.5.0 documentation.

Appendix A. Release Levels and Stability Labels

This appendix includes ForgeRock definitions for product release levels and stability labels.

A.1. ForgeRock Product Release Levels

ForgeRock defines Major, Minor, Maintenance, and Patch product release levels. The release level is reflected in the version number. The release level tells you what sort of compatibility changes to expect.

Release Level Definitions
Release LabelVersion NumbersCharacteristics


Version: x[.0.0] (trailing 0s are optional)

  • Bring major new features, minor features, and bug fixes

  • Can include changes even to Stable interfaces

  • Can remove previously Deprecated functionality, and in rare cases remove Evolving functionality that has not been explicitly Deprecated

  • Include changes present in previous Minor and Maintenance releases


Version: x.y[.0] (trailing 0s are optional)

  • Bring minor features, and bug fixes

  • Can include backwards-compatible changes to Stable interfaces in the same Major release, and incompatible changes to Evolving interfaces

  • Can remove previously Deprecated functionality

  • Include changes present in previous Minor and Maintenance releases

Maintenance, Patch

Version: x.y.z[.p]

The optional .p reflects a Patch version.

  • Bring bug fixes

  • Are intended to be fully compatible with previous versions from the same Minor release

A.2. ForgeRock Product Stability Labels

ForgeRock products support many features, protocols, APIs, GUIs, and command-line interfaces. Some of these are standard and very stable. Others offer new functionality that is continuing to evolve.

ForgeRock acknowledges that you invest in these features and interfaces, and therefore must know when and how ForgeRock expects them to change. For that reason, ForgeRock defines stability labels and uses these definitions in ForgeRock products.

ForgeRock Stability Label Definitions
Stability LabelDefinition


This documented feature or interface is expected to undergo backwards-compatible changes only for major releases. Changes may be announced at least one minor release before they take effect.


This documented feature or interface is continuing to evolve and so is expected to change, potentially in backwards-incompatible ways even in a minor release. Changes are documented at the time of product release.

While new protocols and APIs are still in the process of standardization, they are Evolving. This applies for example to recent Internet-Draft implementations, and also to newly developed functionality.


This feature or interface has been replaced with an improved version, and is no longer receiving development effort from ForgeRock.

You should migrate to the newer version, however the existing functionality will remain.

Legacy features or interfaces will be marked as Deprecated if they are scheduled to be removed from the product.


This feature or interface is deprecated and likely to be removed in a future release. For previously stable features or interfaces, the change was likely announced in a previous release. Deprecated features or interfaces will be removed from ForgeRock products.


This feature or interface was deprecated in a previous release and has now been removed from the product.

Technology Preview

Technology previews provide access to new features that are considered as new technology that is not yet supported. Technology preview features may be functionally incomplete and the function as implemented is subject to change without notice. DO NOT DEPLOY A TECHNOLOGY PREVIEW INTO A PRODUCTION ENVIRONMENT.

Customers are encouraged to test drive the technology preview features in a non-production environment and are welcome to make comments and suggestions about the features in the associated forums.

ForgeRock does not guarantee that a technology preview feature will be present in future releases, the final complete version of the feature is liable to change between preview and the final version. Once a technology preview moves into the completed version, said feature will become part of the ForgeRock platform. Technology previews are provided on an “AS-IS” basis for evaluation purposes only and ForgeRock accepts no liability or obligations for the use thereof.


Internal and undocumented features or interfaces can change without notice. If you depend on one of these features or interfaces, contact ForgeRock support or email to discuss your needs.

Appendix B. Getting Support

ForgeRock provides support services, professional services, training through ForgeRock University, and partner services to assist you in setting up and maintaining your deployments. For a general overview of these services, see

ForgeRock has staff members around the globe who support our international customers and partners. For details on ForgeRock's support offering, including support plans and service level agreements (SLAs), visit

ForgeRock publishes comprehensive documentation online:

  • The ForgeRock Knowledge Base offers a large and increasing number of up-to-date, practical articles that help you deploy and manage ForgeRock software.

    While many articles are visible to community members, ForgeRock customers have access to much more, including advanced information for customers using ForgeRock software in a mission-critical capacity.

  • ForgeRock product documentation, such as this document, aims to be technically accurate and complete with respect to the software documented. It is visible to everyone and covers all product features and examples of how to use them.

Read a different version of :