Previously, we presented an overview of Identity Gateway and how it fits into your organization’s IAM. In the second part of this demo video series, we do a deeper technical dive on how to completely secure your business applications using reverse proxy. Check it out:
Modernizing security for web applications can seem complex and daunting - but it doesn’t have to be. Virtually any web application can be non-intrusively integrated with single sign-on (SSO) with a little help from ForgeRock. Acting as an identity-focused reverse proxy for identity integration, Identity Gateway can be deployed in containers independent to the application -- even individually as a microgateway.
Once deployed, the Identity Gateway can intercept any access request going to the application and leverage ForgeRock Access Management for authorization capabilities, or another federated IdP for that matter, before forwarding the traffic to the application. Prior to forwarding, transformations can be applied to the request. For example, adding headers containing user profile data, or pre-populating username/password form fields to permit automated login can all be easily configured using the Identity Gateway Studio.
An Identity Gateway Case Study
A major telecommunications provider chose the ForgeRock solution for its ability to integrate with existing legacy web applications. This provider utilized Identity Gateway as a reverse proxy server with specialized session management and credential replay functionality. ForgeRock Identity Gateway was deployed in conjunction with ForgeRock Access Management to integrate web applications without the need to modify the target application or the container that it runs in - which ultimately delivered significant cost-savings to the provider. With the time and budget considerations for such a large IT project, the ability to quickly and easily integrate with existing applications was critical to the overall success of the project. Click here to learn more about this case study.
ForgeRock offers an intuitive interface to visually configure and deploy routes. With the Identity Gateway Studio, you can quickly configure authentication enforcement, API authorization, request throttling as well as token and message transformation. You can even collect statistics. Check out our latest demo, above, to learn how you can do it … non-intrusively of course!