NYC Identity Summit Tech Day: ForgeRock Identity Platform Overview


Published on May 31, 2016

Author: ForgeRock

Source: slideshare.net

1. © 2016 ForgeRock. All rights reserved. Platform Overview

2. ForgeRock Identity Platform
Access Management
• Authentication & Session
• Authorization & Policy
• Adaptive Risk
• Federation
Directory Services
• User Data Store
• Object Store
Identity Gateway
• API / Mobile Gateway
• App / SSO Gateway
Identity Management
• Social Registration
• Self-Service
• Auditing & Reporting
• Workflow & Business Logic
Other diagram labels: Portals, applications, web services, APIs; Consumers & Customers; Devices & Things; Employees, Partners; Policy Agents; Standards; REST; LDAP; APIs; Enterprise Apps; Partners; Cloud Apps; Mobile; IDM Connectors

3. ForgeRock Engineering Strategy
• Simple
• Scalable
• Modular
• Commons
• Community Participation

4. The Need For Commons
Diagram labels: Core Application Services; REST APIs; Authentication; Logging; Configuration; Business Logic and Extensions; User Interface; Mobile Apps; UI Framework; Client SDK; Developer Services; HTTP Services; Database

5. ForgeRock Commons Projects
Diagram labels: Core Application Services; ForgeRock REST; Authentication Framework; Audit; Configuration; Commons Scripting; User Interface; Mobile Apps; ForgeRock UI; Mobile SDK; API Descriptor; HTTP Framework; OpenDJ

6. CREST and HTTP Framework
CREST Features
• Single cross-product REST API
• CRUDPAQ (create, read, update, delete, patch, action, query)
• One way to manage users, configuration, and services
• Versioning
HTTP Framework Features
• Lightweight uniform HTTP client and server framework
• Used to implement any HTTP service across the stack (CREST, OAuth2, SCIM, …)
• APIs for common HTTP functionality
• Request Routing

7. API Descriptor
Key Features
• CREST API to obtain a descriptor for CREST endpoints and services
• Descriptor allows dynamic generation of documentation, language bindings
• Pre-defined descriptors for common APIs across product
• Ability to dynamically create user interface
• Core feature of API Management in OpenIG

8. Audit Framework
Key Features
• Multiple types of audit events
• Multiple targets (audit consumers), pluggable
• Correlating events within a transaction
• Tamper evident
• REST API for read and query
• Client helpers
• Transformation
• Client context and device print

9. Commons UI Framework
Key Components
• jQuery
• Backbone
• Bootstrap
Use Cases
• End User Pages
• Admin Console
• User Registration
• Password Reset

10. The ForgeRock Identity Platform
Diagram labels: UMA Provider Mobile App Synchronization Auditing LDAPv3 REST/JSON Replication Access Control Schema Management Caching Auditing Monitoring Groups Password Policy Active Directory Pass-thru Reporting Authentication Authorization Provisioning User Self-Service Authentication OIDC / OAuth2 Federation / SSO User Self-Service Workflow Engine Reconciliation Password Replay SAML2 Adaptive Risk Stateless/Stateful Registration Aggregated User View Message Transformation API Security Scripting
Built from Open Source Projects: UMA Resource Access Management Identity Management Identity Gateway Directory Services
Common services: Common REST API; Common User Interface; Common Audit/Logging; Common Scripting

11. Access Management
• Authentication
• OAuth/OIDC
• SAML2
• Adaptive/Risk
• Device Print
• Authorization
• Stateful/Stateless Architecture
• User-Managed Access
• Self-service
1 web app • 15 min. download to install • 6 modules • 20k+ Authentications per second

12. Access Management Architecture
Diagram labels: ForgeRock REST (Commons REST) Protected Resources Web Agents JavaEE Agents Java/C++ SDK User Interface End User Management ForgeRock UI Framework Core Services Authentication Entitlements Session Auditing OAuth Core Token Service OIDC Configuration Scripting Self-Service STS SAML2 Risk SPIs Authentication Plugins Policy Plugins User Mgmt Plugins Token Service Plugins Federation Plugins Persistence (OpenDJ) Application Gateway

13. Identity Management
• Provisioning
• Synchronization
• Reconciliation
• Workflow
• Connectors
• Password Management
• Self-service
• Registration
1 web app • 15 min. download to install • 3 modules • 72k+ registrations per min.

14. Identity Management Architecture
Diagram labels: External Resources OSGI Persistence (OrientDB) ForgeRock UI Framework ForgeRock REST Router Business Logic (JavaScript, Groovy, Java) Authentication Filter (JASPI) Jetty Web Server Configuration Managed Users Sync/Recon System (Connectors) Scheduler Workflow Audit/Logs Policy Audit

15. Identity Gateway
• High Scale Reverse Proxy
• API Security
• Legacy App Security
• IoT Gateway
• Credential Replay
• OpenAM PEP
• Token Translation
• OAuth2/OIDC/SAML2
• UMA resource server
1 web app • 15 min. download to install • 1 module • 20k+ requests processed / sec

16. Identity Gateway Architecture
Diagram labels: Core Processing HTTP Framework Cookies Headers Search Extract Crypto Routes OpenID Connect OAuth2 SAML2 Scripting Audit Filters Handlers

17. Directory Services
• Multiple Database Options
• Rapid Deployment
• Global Replication
• Massive Scale/Performance
• Password Management
• REST & LDAP APIs
• Extensive Security
self-contained app • 5 min. download to install • 1 module • 1B+ entries

18. Directory Architecture
Diagram labels: ForgeRock REST Core Server Replication Auditing LDAPv3 Encryption Monitoring Password Policy Groups Schema Management REST2LDAP Access Control Backend Services Persistence Connectors LDIF Memory Change Log Java SDK / LDAPv3 Web Application REST2LDAP ForgeRock REST

19. Thanks!
