Forgerock Identity Management Core Concepts

Duration: 5 days

Industry: Information Technology

About this course

Forgerock Identity Management Core Concepts Course

The ForgeRock Identity Management Core Concepts course is for students who want to learn how to implement ForgeRock® Identity Management (IDM) to manage the lifecycle and relationship of digital identities within the context of a Customer Identity and Access Management solution (CIAM), and the integration with the ForgeRock Identity Platform™.

For more information please check this page from Forgerock.

Who can benefit?

The following are the target audiences for this course:

  • System Integrators
  • System Consultants
  • System Architects
  • System Administrators

This is what you'll learn

  • Introduce IDM and explore the fictitious ForgeRock Entertainment Company (FEC) CIAM solution
  • Install IDM and examine the default interfaces
  • Deploy and manage IDM as a development project
  • Perform basic IDM troubleshooting
  • Configure the default user registration process
  • Configure the User Self-Service functions, including password reset, forgotten username, and KBA options
  • Add a custom field to the End User UI registration page
  • Delegate the administration privileges of account properties to a group of users
  • Configure social identity providers
  • Integrate IDM with the ForgeRock Identity Platform
  • Use the REST interface to access IDM
  • Connect to external resources using OpenICF
  • Perform basic synchronization
  • Run selective synchronization and LiveSync
  • Configure role-based provisioning
  • Manage user preferences
  • Configure privacy and consent
  • Enable progressive profiling and add terms and conditions
  • Enable the profile and privacy management dashboard
  • Manage a basic relationship within the managed user object
  • Model relationships based on a given use case
  • Manage a relationship between a user and device
  • Deploy and test a given workflow
  • Explore the beginnings of creating a workflow

Chapter 1: Introducing IDM and Getting Started

Lesson 1: Introducing IDM and Exploring the FEC Solution

  • Describe how IDM is used in the ForgeRock Identity Platform to deliver a CIAM solution
  • Demonstrate each of the core concepts from an end user and administrator perspective

Lesson 2: Installing IDM

  • Describe the basic IDM installation requirements for deploying IDM
  • Install and start IDM for the first time and explore the default UIs
  • Start IDM with the CSV sample configuration and run the sample
  • Start IDM with the LDAP sample configuration and run the sample

Lesson 3: Deploying and Managing IDM as a Project

  • Set up a new IDM project for development
  • Configure IDM to run as a background process

Lesson 4: Performing Basic IDM Troubleshooting

  • Examine the different log files in IDM
  • Get additional help troubleshooting outside of IDM

Chapter 2: Enabling User Registration and Self-Service

Lesson 1: Configuring the Default User Registration Process

  • Configure the outbound email service
  • Enable email-based self-registration

Lesson 2: Configuring IDM User Self-Service

  • Enable email-based password reset and username retrieval
  • Expand the KBA options
  • Add a custom field to the Self-Service UI registration page

Lesson 3: Delegating Administration Privileges

  • Add a new internal role and set up privileges to delegate administration

Chapter 3: Adding Social Registration and Authentication

Lesson 1: Configuring Social Identity Providers

  • Set up a social ID provider for Google and test social registration
  • Set up a social ID provider for Facebook or others (optional)

Lesson 2: Integrating IDM with the ForgeRock Identity Platform

  • Prepare the ForgeRock Identity Platform components
  • Delegate all IDM authentication to AM

Chapter 4: Managing Synchronization and Reconciliation

Lesson 1: Using the REST Interface to Access IDM

  • Query and manipulate IDM objects using the API Explorer and cURL

Lesson 2: Connecting to External Resources Using OpenICF

  • Describe how to connect to external resources using OpenICF
  • Add a connector to an external LDAP resource

Lesson 3: Performing Basic Synchronization

  • Describe how to create sync mappings to flow identity objects and properties between IDM and one or more external resources
  • Add a sync mapping from the IDM repository to the LDAP server
  • Add a sync mapping from the LDAP server to the IDM repository

Lesson 4: Running Selective Synchronization and LiveSync

  • Run selective synchronization using filters
  • Identify methods of determining change events with LiveSync
  • Schedule LiveSync with the LDAP directory

Lesson 5: Configuring Role-Based Provisioning

  • Provision attributes to one or more external resources based on static role assignments
  • Provision attributes to one or more external resources based on dynamic role assignments
  • Add temporal constraints to a role

Chapter 5: Managing the IDM Privacy and Consent Options

Lesson 1: Managing User Preferences

  • Configure synchronization filters with user preferences
  • Extend the user preferences to include additional properties (optional)

Lesson 2: Configuring Privacy and Consent

  • Configure privacy and consent on a sync mapping
  • Configure privacy and consent during user registration

Lesson 3: Enabling Progressive Profiling and Adding Terms and Conditions

  • Enable and configure progressive profiling
  • Add terms and conditions to the registration process

Lesson 4: Enabling the Profile and Privacy Management Dashboard

  • Describe the tabs available on the Profile and Privacy Management Dashboard
  • Review the IDM Self-Service UI while integrated with AM to display additional options on the dashboard

Chapter 6: Managing Relationships Between Objects in IDM

Lesson 1: Managing Relationships in IDM

  • Describe the basic relationship model in IDM and why you might use relationships
  • Demonstrate the existing manager and reports relationship within the managed user object
  • Create a dashboard to visualize relationships
  • Examine the managed user, role, and assignment object relationships in IDM

Lesson 2: Modeling Relationships in IDM

  • Describe how to model a new relationship based on business requirements
  • Create a new relationship for a given relationship model in IDM

Lesson 3: Managing Devices and Things in IDM (Optional)

  • Add a connector to import device identities
  • Create a new device managed object
  • Set up a relationship between device managed objects and user managed objects
  • Create a sync mapping to provision devices to the IDM repository

Chapter 7: Getting Started with Workflow

Lesson 1: Deploying and Starting a Workflow

  • Describe use cases for workflows
  • Describe how workflows are implemented in IDM
  • Enable the workflow service in IDM and examine a sample workflow

Lesson 2: Deploying and Creating a Workflow

  • Describe the structure of workflow files
  • Describe how to model workflows
  • Describe how to use forms in workflows
  • Examine, deploy, and start a workflow to let subscribers create Family and Friend accounts
  • Create and deploy a simple workflow using Activiti Explorer


The following are prerequisites to successfully completing this course:

    • Basic knowledge and skills using the Linux operating system to complete labs
    • Basic knowledge of JSON, JavaScript, REST, Java, Groovy, SQL, and LDAP helpful for understanding examples; however, programming experience is not required

Contact P2L to schedule the dates for this course.