ForgeRock Identity Platform
Does not apply to Identity Cloud

FAQ: AM compatibility with third-party products

Last updated Feb 1, 2022

The purpose of this FAQ is to provide answers to commonly asked questions regarding AM compatibility with third-party products.

1 reader recommends this article

Frequently asked questions

Q. Can I integrate AM with Microsoft Sharepoint?

A. Yes you can. See the following links for further information:

There is a known limitation with Agents and Kerberos™, which means you would need to log in to AM in order for this to work and you would need to use persistent cookies and password replay. An RFE exists to remove the reliance on password replay: AMAGENTS-187 (Enable Agent Kerberos support by reading ticket from Isa session).

Q. Can I integrate AM with Outlook Web Access?

A. Yes, typically integration between AM and Outlook® Web Access (OWA) is achieved using the Password Replay options available via the IIS Web Agent as detailed in Enable Support for IIS Basic Authentication and Password Replay. The documentation only provides an example using Active Directory®; if you use a different user store, you can still use the Password Replay options but should ensure the samaccountname attribute exists in your LDAP server if you require Microsoft Windows logon.


If your users log in to AM via Windows Desktop SSO (Kerberos tokens), the AM Password Replay feature cannot be used since AM does not have access to the users' passwords.

You can also use IG to integrate with OWA. See Get Login Credentials From AM for information to help get you started.

Q. Can I use Facebook, Google or LinkedIn for social authentication in AM?

A. Yes, you can integrate AM with third parties such as Facebook, Google and LinkedIn to provide social authentication using OAuth. See the following links for further information:

Q. Does AM work with other authenticator apps such as Google Authenticator?

A. Yes AM does support other authenticator apps such as Google or Microsoft as follows:

The ForgeRock Authenticator (OATH) module is not compatible with third-party authenticator apps and you should use the ForgeRock Authenticator app with this module for two-factor verification.

Q. Is AM FIPS 140-2 compliant? 

A. See Is the ForgeRock Identity Platform FIPS 140-2 compliant? for further information.

Q. Does AM integrate with the Spring Security framework?

A. The Spring Security framework supports standard OAuth2/OIDC integration, which means it will work with AM. It can also call AM's REST APIs.

Q. Can I use Cisco Unified Communications Manager with AM?

A. Yes you can. Cisco actually provides guidance on this in their own documents, and they integrate it with Microsoft Windows and Active Directory.

See Cisco - Single Sign-On for further information.

Q. Does AM support PostgreSQL?

A. No, PostgreSQL is not supported for the CTS data store, configuration data store or the user data store.

See Directory Server Requirements for further information on the currently supported data stores.

See Also

FAQ: Installing AM

FAQ: Configuring AM

FAQ: Upgrading AM

Related Training

ForgeRock Access Management Core Concepts (AM-400)

Copyright and Trademarks Copyright © 2022 ForgeRock, all rights reserved.