User interfaces

To use any IDM UI in a production environment, it must only be accessed in an HTTPS context. You can accomplish this using a separate server (such as an SSL-terminating reverse proxy) or directly configuring the web server hosting the UI files to support HTTPS. The specific implementation choice for using HTTPS is outside the scope of this documentation.

You can use the browser-based admin UIs for configuring and managing users and roles, setting up synchronization between resources, configuring connectors, and more.

The Platform admin UI and the legacy admin UI are independent artifacts. You can install one or both on different Nginx servers or different ports. New deployments should use the Platform admin UI.

Platform admin UI

The Platform admin UI replaces the legacy admin UI for administering standalone IDM. Starting with IDM 8.1, you download it as a separate artifact from the Backstage download site and serve it from either:

A standalone Nginx server.
A Docker container built from the included Dockerfile.

For installation steps, refer to Install the Platform admin UI for standalone IDM.

After installation, you can access the Platform admin UI at the Nginx host and port (for example, http://localhost:8082/platform).

Legacy admin UI

Starting with IDM 8.1, the legacy admin UI is deprecated and is no longer bundled with IDM. New deployments should use the Platform admin UI, which is the replacement for the legacy admin UI.

Both UIs are available as separate downloads from the Backstage download site:

To install the Platform admin UI, follow the steps in Install the Platform admin UI for standalone IDM.
To continue using the legacy admin UI, follow the steps in Install the legacy admin UI.

The legacy admin UI is the administration UI that shipped in earlier releases and is available as a separate download for customers who still depend on it. New deployments should use the Platform admin UI.

For installation steps, refer to Install the legacy admin UI.

After installation, you can access the legacy admin UI at the Nginx host and port (for example, http://localhost:8082/admin).

End User UI

Starting with PingIDM 8.0, the end-user UI is not bundled with PingIDM. You can download and install the end-user UI separately by going to the ForgeRock/end-user-ui GitHub repository and following the guidance in the End-User UI README Quick start. Learn more in Changed functionality.

The end-user UI provides role-based access to tasks based on BPMN2 workflows and allows users to manage certain aspects of their own accounts. End users access the UI at a URL you specify. As an administrator, if IDM is installed on the local system, you can access the end-user UI at https://localhost:8443/. All users, including openidm-admin, can change their password through the end-user UI.

Browser ad blocker extensions can inadvertently block some UI functionality, particularly if your configuration includes strings such as ad. For example, a connection to an Active Directory server might be configured at the endpoint system/ad. To avoid problems related to blocked UI functionality, remove the extension, or configure a safelist to ensure access to the targeted endpoints.