webinar: identity wars: the unified platform awakens

Copyright © 2015 ForgeRock, all rights reserved. 1

ForgeRock Identity PlatformJohn Barco, VP Product Management

Tim Sedlack, Sr. Product Manager OpenIDM


Founded: 2010 Headquartered in San Francisco with

offices in 6 countries Employees: 350+ Customers: 450+ in 30+ countries Global Reach: 50% international revenue Funding to Date (thru Series C): $52M Investors: Accel Partners, Foundation

Capital and Meritech Capital Partners

Key Facts Mission Statement

THE FORGEROCK IDENTITY PLATFORM CURRENTLY POWERS

MORE THAN 500 MILLION IDENTITIES. IT IS OUR GOAL TO

BECOME THE MARKET LEADER IN DIGITAL TRANSFORMATION AND

SECURITY FOR ENTERPRISE IDENTITY WORLDWIDE.

ForgeRock: At a Glance


Financial Services & Insurance Media Mobile/Service Provider Public Sector Consumer/Retail/Industrial Healthcare

Many Enterprise Customers, Across All Industries, Worldwide

EMEAAmericas

APAC


Legacy World:

• Employee Scale

• Users Only

• “Doorway” Security

• Identity Fragments

• Static Relationships

• Months/Years

• Massive integration

• High TCO

ForgeRock World:

• IoT Scale

• Users, Things, Services

• Continuous Security

• Single View of Customer

• Contextual Relationships

• Weeks/ Months

• Pre-integrated

• Low TCO

The ForgeRock Difference


Por

tals

, app

licat

ions

, web

ser

vice

s, A

PI’s

• AuthN / AuthZ• Adaptive Risk• Federation• Social / Mobile SSO

• Secure Object Store

Access Management

IdentityStore

Consumers / Customers

Devices / Things

IdentityGateway • API / Mobile Gateway

• App / SSO Gateway

Policy Agents

Standards

REST

Standards

LDAP

REST

Employees / Partners

APIs

Enterprise Apps

Cloud Apps

Mobile Apps

REST

• Provisioning / Self-Service• Workflow / Recon / Sync• Business Logic / Rules

Identity Administration

IDM Connectors

REST

ForgeRock Platform


Access Manager

VirtualDirectory

Identity Manager

Mobile Security Suite

Directory Server

Entitlements Server

Enterprise SSO

Identity Governance

Adaptive Access

Web Services Security

Legacy Competition Example: Oracle

Enterprise AppsMobile Apps Things

Acquisition Architecture + Complexity = Massive Integration Effort


Underpinned By Our Powerful Platform

Web Services Security

Session Management Synchronization Auditing

LDAPv3 REST/JSON

Replication Access Control

Schema Management

Caching

Auditing

Monitoring

Groups

Password Policy

Active Directory Synch

Reporting

Authentication Authorization Provisioning Password Management Authentication OpenID Connect

Federation Entitlements Workflow Engine Reconciliation Password Replay OAuth2

Adaptive Risk Single Sign-on Registration Role Provisioning Message

Transformation SAML2

Throttling Scripting

Com

mon

RES

T A

PI

Com

mon

Use

r Int

erfa

ce

Single Integrated, Open Platform

Com

mon

Aud

it/Lo

ggin

g

Com

mon

Scr

iptin

g


Need For Common ServicesBuilding an App is Complex

Core Application Services

REST APIs

Authentication

Logging Configuration

Business Logic and Extensions

User Interface Mobile Apps

UI Framework Client SDK

Dev

elop

er S

ervi

ces

HTT

P Se

rvic

es

Database


ForgeRock CommonsSimplify, Standardize App Development


Common REST (CREST)

Common AuthN Framework

Commons Audit Configuration

Common Scripting


ForgeRock UI Mobile SDK

API

Des

crip

tor

OpenDJ

Com

mon

HTT

P F

ram

ewor

k


Commons Projects ForgeRock REST (CREST) HTTP Framework REST End-Point Protection (Auth Filters) Scripting API Descriptor Audit UI Framework Self-Service


Common REST (CREST)

Common AuthN Framework

Commons Audit Configuration

Common Scripting


ForgeRock UI Mobile SDK

API

Des

crip

tor

OpenDJ

Com

mon

HTT

P F

ram

ewor

k


CREST and HTTP FrameworkCREST Features

Single cross product REST API CRUDPAQ (create, read, update, delete, patch, action, query) One way to manage users, configuration, and services API versioning

HTTP Framework Features Lightweight uniform HTTP client and server framework Used to implement any HTTP service across the stack

(CREST, OAuth2, SCIM, … APIs for common HTTP functionality Request Routing


Scripting Key Features

JavaScript and Groovy JSR 223 Common HTTP Client Binding Sandboxing Script Registry Debugging

Use Cases OpenAM Authentication and Authorization OpenIDM Connectors and Business Logic OpenIG Filters and Handlers


API Descriptor Key Features

Simple way for developers to consume ForgeRock Common REST API.

Descriptor allows dynamic generation of documentation, language bindings

Pre-defined descriptors for common APIs across product

Ability to dynamically create user interface Modeling capabilities that test how API

responds to different options and parameters.


Audit FrameworkKey Features

Multiple types of audit events Multiple targets (audit consumers), pluggable Correlating events within a transaction Correlating events across products Tamper evident REST API for read and query Client helpers Transformation Client context and device print

# Transaction ID

Client AuthN

Session Token

Token Store

# #

# ## #

#

access.csv activity.csv access.csv

#


Common Audit Framework

Activity


Configuration, Token, User Store OpenDJ

Embeddable HA replication High scale REST/JSON and LDAP Embedded or remote Geographic distribution


Self-ServiceKey Components

Set of shared back end services with a pluggable architecture to enable IDM, AM, and DJ to ship with the same self service user interface and core back end services

User self-service for registration, password reset, KBA

Ability to plugin external identity proofing services during registration

Add a custom stage to an existing flow


UI Framework Key Components

jQuery (General utility) + jQuery UI (Widgets) Backbone.js + Require.js (Modular MVC Architecture) Handlebars.js (Templating)

Use Cases End User Pages Admin Console User Registration Password Reset


Platform DemoKey Components

Common UI Common REST Common Audit

Demo Time


Where in the World is ForgeRock?

GovInnovate Summit24 November, 2015 Canberra, Australia

Gartner IAM Summit 7 December, 2015 Las Vegas, Nevada Visit forgerock.com

webinar: identity wars: the unified platform awakens

Technology