Product Q&As
ForgeRock Identity Cloud
ForgeRock Identity Platform

Does the ForgeRock solution support contextual access?

Last updated Jan 23, 2023

The ForgeRock solution can leverage contextual authentication and authorization factors to assess risk at any point during a session, invoking stronger authentication mechanisms only when necessary by evaluating who the user is and their context.


Overview

ForgeRock applies contextual identity, fine-grained authentication, adaptive risk and multi-factor authentication (MFA) at the time of authentication as well as at any point during a digital session. Our continuous security approach ensures the authenticity of people, things and services at all times and can mitigate risk whenever an anomaly is detected.

Contextual authorization is implemented through Intelligent Access journeys and, in certain cases, associated client-side scripting or SDKs, and authorization policies. With Intelligent Access, signals such as context (for example, IP address, operating system, browser, device, time of day), behavior (for example, 'does the user log in at a particular hour', or 'is the location familiar'), and risk-based factors (such as 'is the user accessing sensitive data') can be considered. If an environmental or context attribute changes (for example, the user’s IP address), reauthentication or a stronger credential can be requested.

Authorization policies define the rules upon which authorization decisions are made. Since policy decisions are made at the time of access rather than user authentication, contextual authorization enables continuous real-time authorization decisions based on live data. Predefined objects and methods are available to access the user's profile and session data, together with helper functions allowing access to external resources such as web services and REST services. Additionally, authorization policy scripts can be used to define more complex policy decisions locally or call out to external services for additional information upon which to make a decision.

See Also

Does the ForgeRock solution offer multi-factor authentication (MFA)?

What types of authorization methods and access controls are offered by the ForgeRock solution?

Does the ForgeRock CIAM solution provide Zero Trust Security and a CARTA model of risk?

Does the ForgeRock solution support fraud mitigation?

Identity Cloud documentation:

Identity Platform documentation:


Copyright and Trademarks Copyright © 2023 ForgeRock, all rights reserved.