Things are physical objects that can connect with each other, and with other systems through the Internet, without human intervention. Examples include smart home devices, such as window sensors and door locks, smart TVs, health and fitness monitors, and road and speed sensors.
To participate in a connected system, a Thing needs an identity that it uses to authenticate. ForgeRock IoT enables dynamic registration of Things with identities, without human intervention.
As soon as Things connect to a network, they become a security concern. You need to be able to trust and monitor the Things that are connected to your network and that access your services or APIs. The ForgeRock Identity Platform®, including ForgeRock IoT, provides standards-based authorization using the OAuth 2.0 authorization framework. It gives you a single view of all the identities in your system: customers, employees, Things, and the relationships between them. ForgeRock IoT also lets you manage offline and constrained devices, and delivers identities to Things at the edge of your network, where the data is being generated.
ForgeRock IoT includes two components:
- IoT SDK
  The IoT SDK lets a Thing (either a physical device or a software service) register and authenticate without human interaction. When the Thing is registered, it is represented by a digital identity in the ForgeRock Identity Platform. It can then authenticate itself to interact with the platform tier.
  The IoT SDK can communicate directly with the platform, using HTTP(S), or through the IoT Gateway, using the Constrained Application Protocol (CoAP(S)).
- IoT Gateway
  The IoT Gateway is an application that lets constrained devices interact with the ForgeRock Identity Platform by acting as a proxy between a Thing and the platform. A constrained device is usually a small device with limited CPU, memory, and power resources (such as sensors, smart objects, and smart devices).
This diagram shows the ForgeRock IoT architecture and components: