Access Management 7.3.2

Security

These topics are written for administrators that are comfortable securing web applications. Although the topics lay out a comprehensive list of actions to take, security is a very broad subject, and every environment is different; readers are expected to do their own research and complement the information found in these topics.

These topics do not provide guidance on securing specific AM features, such as OAuth 2.0 or SAML v2.0. You will find this information in the topics dedicated to those features.

When you deploy AM, you must ensure that your environment is built and configured with security in mind. This includes:

  • The network infrastructure.

  • The operating system.

  • The container where AM runs.

  • The Java installation and the cryptography settings.

  • The clients and applications that will connect to AM.

  • The CTS store, identity stores, and any other application stores.

  • AM’s own configuration.

ForgeRock® Identity Platform serves as the basis for our simple and comprehensive Identity and Access Management solution. We help our customers deepen their relationships with their customers, and improve the productivity and connectivity of their employees and partners. For more information about ForgeRock and about the platform, see https://www.forgerock.com.