Using ForgeRock Intelligent Access Journey
To use a ForgeRock Intelligent Access Journey, you must install ForgeRock Access Management and perform the additional configuration steps described in this document.
Before you begin
Complete the steps in the ForgeRock Access Management (ForgeRock AM) installation guide.
About this task
Perform the following configuration steps in the ForgeRock Access Management admin console:
Steps
-
If you do not have an alpha realm in your environment yet:
-
Go to Realms and click New Realm.
-
In the Name field, enter
alpha
. -
Click Use Client-Side Sessions.
-
Click Create to save your configuration.
You should have an alpha realm because it’s best practice to reserve the root realm for administrative operations. Learn more about configuring a realm in Create a new realm.
-
-
Enable goto and redirects for the validation service.
By default, ForgeRock AM denies all goto and redirects after the sign on flow is complete.
-
In the alpha realm, go to Services.
-
If the Validation Service is not in the list of services, click Add a Service and in the Choose a service type drop-down list, select Validation Service.
-
In the Valid goto URL Resources field, enter one or more valid URL patterns to allow.
Example:
-
https://<my-ping_url>:*/*
-
https://<my-ping_url>:*/?
-
-
-
Configure push authentication journeys by completing the steps in the push authentication journeys guide.
-
Optional: To adjust authentication session lifetimes:
-
In the alpha realm, go to Services, click Session, then click Create.
-
On the Dynamic Attributes tab, enter the desired values in the Maximum Session Time and Maximum Idle Time fields.
-
Click Save Changes.
-