Edge Security

Use the ForgeRock Edge Security software to integrate web applications, APIs, microservices, Internet of Things devices, and cloud-based services with the ForgeRock Identity Platform.

Edge Security module:

Edge Security Identity Gateway

Dependencies

The Edge Security Identity Gateway module is not dependent upon any other modules.

Edge Security Identity Gateway module

ForgeRock Identity Gateway helps you integrate web applications, APIs, and microservices with the ForgeRock Identity Platform, without modifying the application or the container where it runs. Based on reverse proxy architecture, it enforces security and access control in conjunction with the Access Management modules.

ForgeRock Identity Gateway software provides the following capabilities:

Protection for IoT services, microservices, and APIs
Policy enforcement
Adaptable throttling, monitoring, and auditing
Secure token transformation
Support for identity standards such as OAuth 2.0, OpenID Connect, SAML 2.0, and UMA 2.0
Password capture and replay
Rapid prototyping

Required modules: none.

Feature	Description	Documentation
Studio	User interface for rapid development and prototyping.	Studio guide
Single sign-on	Single sign-on in a single domain and across domains.	Single sign-on and Cross-domain single sign-on
Password replay	Secure replay of credentials to legacy applications or APIs.	Password replay from AM, Password replay from a database, and Password replay from a file
Policy enforcement	Enforcement of centralized authorization policies for applications requiring Access Management.	Enforce policy decisions from AM and Harden authorization with advice from AM
Federation	OpenID Connect 1.0.	OpenID Connect
OAuth 2.0.	IG as an OAuth 2.0 client and IG as an OAuth 2.0 resource server
SAML 2.0.	SAML 2.0 single sign-on and federation
SAML resources for mobile applications.	Transform OpenID Connect ID tokens into SAML assertions
Finance APIs	Support for OAuth 2.0 Mutual TLS and Financial-Grade APIs.	Validate certificate-bound access tokens and FapiInteractionIdFilter
WebSocket protocol	Detection of requests to upgrade from HTTPS to the WebSocket protocol, and creation of a secure, dedicated tunnel to send and receive WebSocket traffic.	WebSocket traffic
Throttling	Throttling to limit access to protected applications.	Throttling
UMA resource server	Protection for resources and services according to the UMA 2.0 standard.	UMA support
DevOps tooling	Deployment of basic and customized configurations through Docker.	Deployment guide
Integration with ForgeRock Identity Cloud	Protection and integration of APIs and applications with ForgeRock Identity Cloud for authentication and authorization.	Identity Cloud guide
Microgateway	Identity Gateway standalone deployed as a microgateway, securing microservices with OAuth 2.0.	IG as a microgateway
Token Validation Microservice	Platform satellite for introspection of stateful and stateless OAuth 2.0 access tokens.	About the ForgeRock Token Validation Microservice

Feature

Description

Documentation

Studio

User interface for rapid development and prototyping.

Studio guide

Single sign-on

Single sign-on in a single domain and across domains.

Single sign-on and Cross-domain single sign-on

Password replay

Secure replay of credentials to legacy applications or APIs.

Password replay from AM, Password replay from a database, and Password replay from a file

Policy enforcement

Enforcement of centralized authorization policies for applications requiring Access Management.

Enforce policy decisions from AM and Harden authorization with advice from AM

Federation

OpenID Connect 1.0.

OpenID Connect

OAuth 2.0.

IG as an OAuth 2.0 client and IG as an OAuth 2.0 resource server

SAML 2.0.

SAML 2.0 single sign-on and federation

SAML resources for mobile applications.

Transform OpenID Connect ID tokens into SAML assertions

Finance APIs

Support for OAuth 2.0 Mutual TLS and Financial-Grade APIs.

Validate certificate-bound access tokens and FapiInteractionIdFilter

WebSocket protocol

Detection of requests to upgrade from HTTPS to the WebSocket protocol, and creation of a secure, dedicated tunnel to send and receive WebSocket traffic.

WebSocket traffic

Throttling

Throttling to limit access to protected applications.

Throttling

UMA resource server

Protection for resources and services according to the UMA 2.0 standard.

UMA support

DevOps tooling

Deployment of basic and customized configurations through Docker.

Deployment guide

Integration with ForgeRock Identity Cloud

Protection and integration of APIs and applications with ForgeRock Identity Cloud for authentication and authorization.