Access Management 7.3.2

Server overview

AM is a centralized access management server, securing protected resources across the network and providing authentication, authorization, Web security, and federation services in a single, integrated solution. AM manages access to the protected resources by controlling who has access, when, how long, and under what conditions. It centralizes disparate hardware and software services for cloud, enterprise, mobile, and business-to-business (B2B) systems.

AM has a highly modular and flexible architecture.
Figure 1. Architecture

AM features a highly modular and flexible architecture with multiple plugin points to meet any customer deployment. It leverages industry standard protocols, such as HTTP, XML, SOAP, REST, SAML v2.0, OAuth 2.0, OpenID Connect 1.0, and so forth to deliver a high performance, highly scalable, and highly available access management solution over the network. AM services are 100% Java-based, proven across multiple platforms and containers in many production deployments.

AM core server can be deployed and integrated within existing network infrastructures. AM provides the following distribution files:

Distribution Files
File Description

AM-7.3.2.war

The distribution .war file includes the core server code with an embedded DS server. The distribution includes an administrative graphical user interface (GUI) Web console.

During installation, the .war file accesses properties to obtain the fully qualified domain name, port, context path, and the location of the configuration folder. These properties can be obtained from the boot.json file in the AM installation directory, from environment variables, or from a combination of the two. This file is also available to download individually.

AM-crypto-tool-7.3.2.war

AM provides a utility with some cryptographic functionality used for creating Docker images.

This utility is strictly for future use, and is not currently supported.

AM-Soap-STS-Server-7.3.2.war

AM provides a SOAP-based security token service (STS) server that issues tokens based on the WS-Security protocol.(1)

AM-SSOAdminTools-5.1.3.28.zip

AM provides an ssoadm command-line tool that allows administrators to configure and maintain AM as well as create their own configuration scripts.

The zip distribution file contains binaries, properties file, script templates, and setup scripts for UNIX and Windows servers.

AM-SSOConfiguratorTools-5.1.3.28.zip

AM provides configuration and upgrade tools for installing and maintaining your server.

The zip distribution file contains libraries, legal notices, and supported binaries for these configuration tools. Also, you can view example configuration and upgrade properties files that can be used as a template for your deployments.

Config-Upgrader-7.3.2.zip

AM provides a configuration file upgrade tool.

For more information on converting configuration files for import into AM, see the README.md file in the Config-Upgrader-7.3.2.zip file.

Fedlet-7.3.2.zip

AM provides an AM Fedlet, a light-weight SAML v2.0 service provider.

The Fedlet lets you set up a federated deployment without the need of a fully-featured service provider.

IDPDiscovery-7.3.2.war

AM provides an IDP Discovery Profile (SAMLv2 binding profile) for its IDP Discovery service. The profile keeps track of the identity providers for each user.

sample-trees-7.3.2.zip

Clean installs of AM with an embedded data store provide ready-made sample authentication trees to demonstrate how they can be put together.

These sample trees are not installed by default on installs of AM with an external configuration store, or if you are upgrading an existing instance of AM. The sample-trees-7.3.2.zip file contains the sample trees in JSON files,\ ready for import by Amster command-line interface. For information on importing files by using Amster, see Importing Configuration Data in the Amster 7.3.0 User Guide.

Truststore-Utility-7.3.2.zip

AM provides a utility to help with creating a trust store for use with web authentication.

See the readme.md in the ZIP file for instructions, and MFA: Web authentication (WebAuthn) for more information.

(1) AM also provides REST-based STS service endpoints, which you can directly utilize on the AM server.

The ForgeRock BackStage download site hosts downloadable versions of AM, including a .zip file with all of the AM components, the .war file, AM tools, the configurator, web and Java agents, and documentation. Verify that you review the Software License and Subscription Agreement presented before you download AM files.

ForgeRock offers the services you need to deploy AM commercial builds into production, including training, consulting, and support.