The Talent Awakens: 16 Onboarding and Management Lessons from Star Wars
Webinar: Identity Wars: The Unified Platform Awakens
-
Upload
forgerock -
Category
Technology
-
view
855 -
download
6
Transcript of Webinar: Identity Wars: The Unified Platform Awakens
Copyright © 2015 ForgeRock, all rights reserved. 1
ForgeRock Identity PlatformJohn Barco, VP Product Management
Tim Sedlack, Sr. Product Manager OpenIDM
Copyright © 2015 ForgeRock, all rights reserved. 2
Founded: 2010 Headquartered in San Francisco with
offices in 6 countries Employees: 350+ Customers: 450+ in 30+ countries Global Reach: 50% international revenue Funding to Date (thru Series C): $52M Investors: Accel Partners, Foundation
Capital and Meritech Capital Partners
Key Facts Mission Statement
THE FORGEROCK IDENTITY PLATFORM CURRENTLY POWERS
MORE THAN 500 MILLION IDENTITIES. IT IS OUR GOAL TO
BECOME THE MARKET LEADER IN DIGITAL TRANSFORMATION AND
SECURITY FOR ENTERPRISE IDENTITY WORLDWIDE.
ForgeRock: At a Glance
Copyright © 2015 ForgeRock, all rights reserved. 3
Financial Services & Insurance Media Mobile/Service Provider Public Sector Consumer/Retail/Industrial Healthcare
Many Enterprise Customers, Across All Industries, Worldwide
EMEAAmericas
APAC
Copyright © 2015 ForgeRock, all rights reserved. 4
Legacy World:
• Employee Scale
• Users Only
• “Doorway” Security
• Identity Fragments
• Static Relationships
• Months/Years
• Massive integration
• High TCO
ForgeRock World:
• IoT Scale
• Users, Things, Services
• Continuous Security
• Single View of Customer
• Contextual Relationships
• Weeks/ Months
• Pre-integrated
• Low TCO
The ForgeRock Difference
Copyright © 2015 ForgeRock, all rights reserved. 5
Por
tals
, app
licat
ions
, web
ser
vice
s, A
PI’s
• AuthN / AuthZ• Adaptive Risk• Federation• Social / Mobile SSO
• Secure Object Store
Access Management
IdentityStore
Consumers / Customers
Devices / Things
IdentityGateway • API / Mobile Gateway
• App / SSO Gateway
Policy Agents
Standards
REST
Standards
LDAP
REST
Employees / Partners
APIs
Enterprise Apps
Cloud Apps
Mobile Apps
REST
• Provisioning / Self-Service• Workflow / Recon / Sync• Business Logic / Rules
Identity Administration
IDM Connectors
REST
ForgeRock Platform
Copyright © 2015 ForgeRock, all rights reserved. 6
Access Manager
VirtualDirectory
Identity Manager
Mobile Security Suite
Directory Server
Entitlements Server
Enterprise SSO
Identity Governance
Adaptive Access
Web Services Security
Legacy Competition Example: Oracle
Enterprise AppsMobile Apps Things
Acquisition Architecture + Complexity = Massive Integration Effort
Copyright © 2015 ForgeRock, all rights reserved. 7
Underpinned By Our Powerful Platform
Web Services Security
Session Management Synchronization Auditing
LDAPv3 REST/JSON
Replication Access Control
Schema Management
Caching
Auditing
Monitoring
Groups
Password Policy
Active Directory Synch
Reporting
Authentication Authorization Provisioning Password Management Authentication OpenID Connect
Federation Entitlements Workflow Engine Reconciliation Password Replay OAuth2
Adaptive Risk Single Sign-on Registration Role Provisioning Message
Transformation SAML2
Throttling Scripting
Com
mon
RES
T A
PI
Com
mon
Use
r Int
erfa
ce
Single Integrated, Open Platform
Com
mon
Aud
it/Lo
ggin
g
Com
mon
Scr
iptin
g
Copyright © 2015 ForgeRock, all rights reserved. 8
Need For Common ServicesBuilding an App is Complex
Core Application Services
REST APIs
Authentication
Logging Configuration
Business Logic and Extensions
User Interface Mobile Apps
UI Framework Client SDK
Dev
elop
er S
ervi
ces
HTT
P Se
rvic
es
Database
Copyright © 2015 ForgeRock, all rights reserved. 9
ForgeRock CommonsSimplify, Standardize App Development
Core Application Services
Common REST (CREST)
Common AuthN Framework
Commons Audit Configuration
Common Scripting
User Interface Mobile Apps
ForgeRock UI Mobile SDK
API
Des
crip
tor
OpenDJ
Com
mon
HTT
P F
ram
ewor
k
Copyright © 2015 ForgeRock, all rights reserved. 10
Commons Projects ForgeRock REST (CREST) HTTP Framework REST End-Point Protection (Auth Filters) Scripting API Descriptor Audit UI Framework Self-Service
Core Application Services
Common REST (CREST)
Common AuthN Framework
Commons Audit Configuration
Common Scripting
User Interface Mobile Apps
ForgeRock UI Mobile SDK
API
Des
crip
tor
OpenDJ
Com
mon
HTT
P F
ram
ewor
k
Copyright © 2015 ForgeRock, all rights reserved. 11
CREST and HTTP FrameworkCREST Features
Single cross product REST API CRUDPAQ (create, read, update, delete, patch, action, query) One way to manage users, configuration, and services API versioning
HTTP Framework Features Lightweight uniform HTTP client and server framework Used to implement any HTTP service across the stack
(CREST, OAuth2, SCIM, … APIs for common HTTP functionality Request Routing
Copyright © 2015 ForgeRock, all rights reserved. 12
Scripting Key Features
JavaScript and Groovy JSR 223 Common HTTP Client Binding Sandboxing Script Registry Debugging
Use Cases OpenAM Authentication and Authorization OpenIDM Connectors and Business Logic OpenIG Filters and Handlers
Copyright © 2015 ForgeRock, all rights reserved. 13
API Descriptor Key Features
Simple way for developers to consume ForgeRock Common REST API.
Descriptor allows dynamic generation of documentation, language bindings
Pre-defined descriptors for common APIs across product
Ability to dynamically create user interface Modeling capabilities that test how API
responds to different options and parameters.
Copyright © 2015 ForgeRock, all rights reserved. 14
Audit FrameworkKey Features
Multiple types of audit events Multiple targets (audit consumers), pluggable Correlating events within a transaction Correlating events across products Tamper evident REST API for read and query Client helpers Transformation Client context and device print
# Transaction ID
Client AuthN
Session Token
Token Store
# #
# ## #
#
access.csv activity.csv access.csv
#
Copyright © 2015 ForgeRock, all rights reserved. 16
Configuration, Token, User Store OpenDJ
Embeddable HA replication High scale REST/JSON and LDAP Embedded or remote Geographic distribution
Copyright © 2015 ForgeRock, all rights reserved. 17
Self-ServiceKey Components
Set of shared back end services with a pluggable architecture to enable IDM, AM, and DJ to ship with the same self service user interface and core back end services
User self-service for registration, password reset, KBA
Ability to plugin external identity proofing services during registration
Add a custom stage to an existing flow
Copyright © 2015 ForgeRock, all rights reserved. 18
UI Framework Key Components
jQuery (General utility) + jQuery UI (Widgets) Backbone.js + Require.js (Modular MVC Architecture) Handlebars.js (Templating)
Use Cases End User Pages Admin Console User Registration Password Reset
Copyright © 2015 ForgeRock, all rights reserved. 19
Platform DemoKey Components
Common UI Common REST Common Audit
Demo Time
Copyright © 2015 ForgeRock, all rights reserved. 20
Where in the World is ForgeRock?
GovInnovate Summit24 November, 2015 Canberra, Australia
Gartner IAM Summit 7 December, 2015 Las Vegas, Nevada Visit forgerock.com