About the platform
The ForgeRock® Identity Platform is the only offering for access management, identity management, user-managed access, directory services, and an identity gateway, designed and built as a single, unified platform.
This documentation includes general statements of functionality for the following software:
ForgeRock Access Management 7.4, with Web Agent 2023.9 and Java Agent 2023.9
ForgeRock Identity Management 7.4
ForgeRock Directory Services 7.4
ForgeRock Edge Security module
This documentation describes in general terms the ForgeRock modules that compose the ForgeRock Identity Platform, and indicates where to find the documentation corresponding to each module. This documentation is not meant to serve as a statement of functional specifications. Software functionality may evolve in incompatible ways in major and minor releases, and occasionally in maintenance (patch) releases. Release notes cover many incompatible changes. If you see an incompatible change for a stable interface that is not mentioned in the release notes, please report an issue with the product documentation for that release.
In addition to the modules listed in the preceding section, you can use the following ForgeRock software to enhance platform deployments.
The ForgeRock Identity Platform (AM, IDM, DS, IG, and the platform UI) is supported when running in containers on Kubernetes platforms, including Google Kubernetes Engine (GKE), Amazon Elastic Kubernetes Service (Amazon EKS), Microsoft Azure Kubernetes Service (AKS), and IBM RedHat OpenShift. It is recommended that you have a support contract in place with your Kubernetes platform vendor or partner to resolve any infrastructure or Kubernetes platform-related issues, as ForgeRock supports the identity platform while the Kubernetes vendor or partner provides support for their platform.
Customers are responsible for building images and running containers of the ForgeRock software components using a supported operating system and all required software dependencies.
ForgeRock provides a reference toolset in the forgeops and forgeops-extras Git repositories for automating the deployment of the ForgeRock Identity Platform in Kubernetes. These reference tools are provided for use with Google Kubernetes Engine, Amazon Elastic Kubernetes Service, and Microsoft Azure Kubernetes Service. (ForgeRock supports running the identity platform on IBM RedHat OpenShift but does not provide the reference tools for IBM RedHat OpenShift.)
ForgeRock also publishes reference Docker images for testing and development, but these images should not be used in production. For production deployments, it is recommended that customers build and run containers using a supported operating system and all required software dependencies. Additionally, to help ensure interoperability across container images and the ForgeOps tools, Docker images must be built using the Dockerfile templates as described in the ForgeOps documentation.
ForgeRock’s partner, Midships Limited, offers a Kubernetes deployment accelerator (supported by Midships) for Google Kubernetes Engine (GKE), Amazon Elastic Kubernetes Service (Amazon EKS), Microsoft Azure Kubernetes Service (AKS), and IBM RedHat OpenShift.
Things are physical objects that can connect with each other, and with other systems through the Internet, without human intervention. Examples include smart home devices, such as window sensors and door locks, smart TVs, health and fitness monitors, vehicles, and manufacturing equipment.
To participate in a connected system, a Thing needs an identity that it uses to authenticate, authorize, create relationships, and more. ForgeRock IoT enables dynamic registration, authentication, and authorization of Things with identities, without the need for human intervention.
As soon as Things connect to a network, they become a security concern. You need to be able to trust and monitor the Things that are connected to your network, and accessing your services or APIs. The ForgeRock Identity Platform, including ForgeRock IoT, provides standards-based authorization using the OAuth 2.0 authorization framework. It gives you a single view of all the identities in your system—customers, employees, Things, and the relationships between them. ForgeRock IoT also lets you manage offline and constrained devices, and delivers identities to Things at the edge of your network, where the data is being generated.
See the ForgeRock IoT documentation.
This app allows end users to perform multi-factor authentication and transactional authorization from a registered Android or iOS device. It is designed for use in both multi-factor and passwordless authentication scenarios. It is associated with a Push Authentication Simple Notification Service module that depends on the module described in Intelligent Access modules.