In this article, we decouple applications from an OAuth authorization server.
Microsoft Azure (Azure) is one of the most popular cloud platforms available. We often integrate with it in different ways. In this article, we'll show you one of those ways, using Azure to provide authentication services and act like a social identity provider. Think of it as a…
API designers need to have a solid understanding of the different forms of authorization introduced by OAuth 2.0. This article attempts to clarify the OAuth 2.0 authorization model and apply it to ForgeRock® Identity Management (IDM) 7.0.
An overview of scripting environment in AM
Updated on 01/11/2021: added OAuth2 Access Token Modification script type
Understand OpenID Connect by analogy and learn how it relates to OAuth2.
Understand core OAuth2 concepts by analogy, and learn how the various ForgeRock® Identity Platform components relate to OAuth2.
In the 7.0 release of the ForgeRock® Identity Platform, there are new ways to integrate some of the products at an API level. These integration patterns follow the OAuth 2.0 set of standards. In particular, IDM REST APIs are now callable using the standard HTTP bearer token header for resource servers. Accordingly, all applications that call IDM REST endpoints must operate as an OAuth 2.0 client.
The "platform-enduser", "platform-admin", and IDM admin UIs are all example applications which are designed to operate as OAuth 2.0 clients. So are the new "platform self-service" authentication nodes within AM. All client applications are expected to obtain an access token from AM, and present it to IDM. With this high-level pattern in mind, getting all of the components working as an integrated platform requires careful configuration of each one.
This article aims to help integrators understand some key configurations and call out common problems you might encounter as you customize them. This is not meant to be step-by-step instructions for getting the platform running. To do this, refer to the excellent product documentation available for running the platform using ForgeOps or by manually setting up it following the instructions in the ForgeRock Identity Platform Setup Guide.
There are numerous ways to restrict and protect REST calls by implementing the correct logic in the proxy layer. ForgeRock…
ForgeRock supported JDBC repositories are generally case-sensitive by default. The IDM default repo, ForgeRock…
In the previous article on this topic, we described the central concepts of Dynamic Linking under PSD2, and what role OAuth2 and…