Access Management 7.3.2

More than just single sign-on

AM is an all-in-one, centralized access management solution, securing protected resources across the network and providing authentication, authorization, web security, and federation services in a single, integrated solution.

AM is deployed as a simple .war file and provides production-proven platform independence, flexible and extensible components, as well as a high availability and a highly scalable infrastructure. Using open standards, AM is fully extensible, and can expand its capabilities through its SDKs and numerous REST endpoints.

AM is part of the ForgeRock Identity Platform, and provides identity and access management of mobile-ready, cloud, enterprise, social, and partner services. The ForgeRock Identity Platform provides global consumer services across any platform for any connected device or any Internet-connected entity.

The ForgeRock Identity Platform features the following products:

  • ForgeRock Access Management. Context-based access management system. Access Management is an all-in-one industry-leading access management solution, providing authentication, authorization, federation, Web services security, adaptive risk, and entitlements services among many other features. AM is deployed as a simple .war file, featuring an architecture that is platform independent, flexible, and extensible, and highly available and scalable.

  • ForgeRock Identity Management. Cloud-focused identity administration. Identity Management is a lightweight provisioning system, built on resource-oriented principles. IDM is a self-contained system, providing workflow, compliance, synchronization, password management, and connectors. IDM features a next-generation modular architecture that is self-contained and highly extensible.

  • ForgeRock Directory Services. Internet scale directory server. Directory Services provides full LDAP protocol support, multi-protocol access, cross-domain replication, ForgeRock® Common REST framework, SCIM support, and many other features.

  • ForgeRock Identity Gateway. No touch single sign-on (SSO) to enterprise, legacy, and custom applications. Identity Gateway is a reverse proxy server with specialized session management and credential replay functionality. IG works together with AM to integrate Web applications without needing to modify the target application, or the container that it runs in.

  • OpenICF. Enterprise and cloud identity infrastructure connectors. OpenICF provides identity provisioning connections offering a consistent layer between target resources and applications and exposing a set of programming functions for the full lifecycle of an identity. OpenICF connectors are compatible with OpenIDM, Sun Identity Manager, Oracle™ Waveset, Brinqa™ GRC Platform, and so forth.

The following figure illustrates these components:

The ForgeRock Identity Platform features a modular and flexible architecture.
Figure 1. ForgeRock Identity Platform