FAQ
ForgeRock Identity Platform
Does not apply to Identity Cloud

FAQ: IDM compatibility with third-party products

Last updated May 19, 2021

The purpose of this FAQ is to provide answers to commonly asked questions regarding IDM compatibility with third-party products.


1 reader recommends this article

Frequently asked questions

Q. What repositories are supported in production?

A. For IDM 7.1, the following repositories are supported for use in production:

  • DS 7.1

By default, IDM uses an embedded DS instance for testing purposes. The embedded instance is not supported in production. If you want to use DS as a repository in production, you must set up an external instance.

  • Oracle MySQL™ version 5.7 and 8.0 with MySQL JDBC Driver Connector/J (at least version 5.1.18).
  • MariaDB version 10.2 and 10.3 with MySQL JDBC Driver Connector/J (at least version 5.1.18).
  • Microsoft® SQL Server™ 2014, 2016, and 2017.
  • Oracle Database 12c, 12c Release 2 (12.2), and 19c.
  • PostgreSQL® 9.6, 10.13, 11.6, and 12.5.
  • IBM® DB2 11 and 11.1.

See Installation Guide › Select a Repository for further information on configuring repositories.

For other versions of IDM, you should check the Release Notes › Before You Install section in the applicable release notes.

Q. Is Amazon Web Services (AWS) RDS supported for production use in IDM?

A. The repositories supported for IDM are also supported in the cloud, which includes AWS RDS. Within AWS RDS, there are several databases available, including AWS Aurora. See Amazon Relational Database Service (RDS) for further information.

However, any configuration issues specific to these cloud-based repositories are outside the scope of ForgeRock support; if you want more tailored advice, consider engaging Deployment Support Services.

Note

There is a known performance issue using AWS Aurora PostgreSQL 1.1 (compatible PostgreSQL v9.6.6) If you are using this version as a repository, you should upgrade to AWS Aurora PostgreSQL 1.3 (compatible PostgreSQL v9.6.9) to avoid introducing performance impacts.

See Amazon Aurora PostgreSQL updates Version 1.3: Fixed a known performance limitation on heavy write workloads that caused waits on the LWLock:buffer_content and IO:ControlFileSyncUpdate events.

Q. Does IDM support MySQL clusters for high availability?

A. IDM has not been tested with MySQL clusters. You should not use a clustered instance for the repository as this can cause major issues for clustering and synchronization, for example, where there is a delay in replication and a query occurs immediately after an update. See Best practice for clustering in IDM for further information.

Q. What version of Activiti is used with IDM?

A. Activiti 5.15 is used in pre-IDM 7. The Activiti workflow engine has been replaced with Flowable in IDM 7.

Q. Does IDM support a remote Activiti installation?

A. No, remote Activiti installations have not been tested with the cREST (Commons REST) API.

Q. Does IDM support the NDB Cluster engine?

A. No, the NDB Cluster engine is not supported; IDM currently only supports the InnoDB engine for MySQL.

Q. Is IDM FIPS 140-2 compliant?

A. ForgeRock supports customers using FIPS 140-2 certified cryptographic modules, which can be used for securing communications (SSL), messages and assertions (for example, SAML assertions, OIDC ID tokens), and credential storage. Most ciphers and other cryptographic algorithms are configurable, and support FIPS-compliant options. ForgeRock can make use of a FIPS 140-2 certified cryptographic module through a standard PKCS#11 interface.

See Also

FAQ: Installing and configuring IDM

FAQ: Upgrading IDM

Release Notes

Installation Guide

Setup Guide

Related Training

N/A


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.