How To's

An overview of scripting environment in AM

Understand OpenID Connect by analogy and learn how it relates to OAuth2.

Understand core OAuth2 concepts by analogy, and learn how the various ForgeRock® Identity Platform components relate to OAuth2.

In the 7.0 release of the ForgeRock® Identity Platform, there are new ways to integrate some of the products at an API level. These integration patterns follow the OAuth 2.0 set of standards. In particular, IDM REST APIs are now callable using the standard HTTP bearer token header for resource servers. Accordingly, all applications that call IDM REST endpoints must operate as an OAuth 2.0 client.

The "platform-enduser", "platform-admin", and IDM admin UIs are all example applications which are designed to operate as OAuth 2.0 clients. So are the new "platform self-service" authentication nodes within AM. All client applications are expected to obtain an access token from AM, and present it to IDM. With this high-level pattern in mind, getting all of the components working as an integrated platform requires careful configuration of each one.

This article aims to help integrators understand some key configurations and call out common problems you might encounter as you customize them. This is not meant to be step-by-step instructions for getting the platform running. To do this, refer to the excellent product documentation available for running the platform using ForgeOps or by manually setting up it following the instructions in the ForgeRock Identity Platform Setup Guide. 

There are numerous ways to restrict and protect REST calls by implementing the correct logic in the proxy layer. ForgeRock…

ForgeRock supported JDBC repositories are generally case-sensitive by default. The IDM default repo, ForgeRock…

In the previous article on this topic, we described the central concepts of Dynamic Linking under PSD2, and what role OAuth2 and…

In 2015, the European Banking Authority issued the revised version of its Payment Services Directive, commonly known as PSD2. Alongside the directive, the EBA produced a set of Regulatory Technical Standards (RTS) on strong customer authentication and secure communication.

The RTS…

In this article, we'll explore the world of JSON web signatures (JWS), focusing specifically on how third parties can access and identify your keys in order to verify your signatures. In a follow up article (LINK), we’ll look at a…

This article provides instructions for a zero downtime upgrade strategy for IDM using a blue/green deployment.