search
platform

How To's

November 24, 2020 Konstantin Lapine

An overview of scripting environment in AM

October 16, 2020 Jake Feasel

Understand OpenID Connect by analogy and learn how it relates to OAuth2.

October 16, 2020 Jake Feasel

Understand core OAuth2 concepts by analogy, and learn how the various ForgeRock® Identity Platform components relate to OAuth2.

October 15, 2020 Jake Feasel

In the 7.0 release of the ForgeRock® Identity Platform, there are new ways to integrate some of the products at an API level. These integration patterns follow the OAuth 2.0 set of standards. In particular, IDM REST APIs are now callable using the standard HTTP bearer token header for resource servers. Accordingly, all applications that call IDM REST endpoints must operate as an OAuth 2.0 client.

The "platform-enduser", "platform-admin", and IDM admin UIs are all example applications which are designed to operate as OAuth 2.0 clients. So are the new "platform self-service" authentication nodes within AM. All client applications are expected to obtain an access token from AM, and present it to IDM. With this high-level pattern in mind, getting all of the components working as an integrated platform requires careful configuration of each one.

This article aims to help integrators understand some key configurations and call out common problems you might encounter as you customize them. This is not meant to be step-by-step instructions for getting the platform running. To do this, refer to the excellent product documentation available for running the platform using ForgeOps or by manually setting up it following the instructions in the ForgeRock Identity Platform Setup Guide

October 10, 2020 Jason Tejada V…
Introduction

There are numerous ways to restrict and protect REST calls by implementing the correct logic in the proxy layer. ForgeRock…

October 10, 2020 Jason Tejada V…
Introduction

ForgeRock supported JDBC repositories are generally case-sensitive by default. The IDM default repo, ForgeRock…

October 02, 2020 Christian Brindley
Introduction

In the previous article on this topic, we described the central concepts of Dynamic Linking under PSD2, and what role OAuth2 and…

October 02, 2020 Christian Brindley

In 2015, the European Banking Authority issued the revised version of its Payment Services Directive, commonly known as PSD2. Alongside the directive, the EBA produced a set of Regulatory Technical Standards (RTS) on strong customer authentication and secure communication.

The RTS…

September 30, 2020 Christian Brindley
Introduction

In this article, we'll explore the world of JSON web signatures (JWS), focusing specifically on how third parties can access and identify your keys in order to verify your signatures. In a follow up article (LINK), we’ll look at a…

September 29, 2020 Patrick Diligent

This article provides instructions for a zero downtime upgrade strategy for IDM using a blue/green deployment.