How to Automate Identity With Low-Code/No-Code Orchestration


Companies are embracing the use of low-code/no-code to automate processes and build business applications with speed at scale. At ForgeRock, we've been at the forefront of this movement since 2018 with our Authentication Trees. Interestingly enough, Gartner predicts the approach will explode across the identity landscape, saying that, “by 2024, low-code/no-code orchestration tools will be a critical capability for all AM [access management] products.”

Our customers love it because it requires no programming or development. In the IAM context, this means you can turn time-consuming tasks your IT administrators currently perform manually or in a semi-automated way (such as coding the user on-boarding journeys) into simple, drag-and-drop operations.

Read on to learn about three ways ForgeRock Intelligent Access is useful for converting manual processes into sleek automation to help you achieve scale faster.

Zero-Trust Made Easy 

All the rage these days, Zero Trust and CARTA are increasingly finding their way into all types of IT projects. For identity, this means that every user must authenticate into every network or application they want to access, every time. Supporting this is no small task, especially considering the number of users and applications in most organizations. Today, the security perimeter far exceeds enterprise networks, as many of us are now accessing resources in the cloud. Additionally, users are no longer “trusted” just because they are inside the network firewall or logging in from a known device.

It used to be that changes to the user login process had to be hard coded, requiring technical programming skills either in house via contractors. Now, with a Low-Code/No-Code approach like those that ForgeRock Intelligent Access offers, we’ve boiled it down so mouse clicks and a graphical interface replace programming. This saves money, time and – most critically - means IT can be a super responsive partner to the business supporting new user login scenarios in a matter of minutes, not months.

ForgeRock Intelligent Access consolidates all your organization’s identities, applications, and services into one place. This makes it easier to drag and drop user types (consumer, workforce, IoT), multi-factor decisioning, anti-fraud technology, and other nodes in place to visually demonstrate the user journey. 

These journeys can be tested before they go into production and adapted in minutes when the need arises. For example, if a new credential-stealing bot appears, you can increase the strength of authentication by adding a biometric authentication node- or pre-built and tested option- into service with just a few mouse clicks.

Going Passwordless 

No one likes passwords. Fortunately, there is an alternative: “passwordless” authentication, which eliminates a static, user-selected password from the login process. Passwordless authentication can encompass a range of technologies from using the biometrics from mobile devices, to leveraging push notifications, to incorporating a FIDO2 security key. Passwordless can elevate the user experience while also providing security without compromise. 

To implement passwordless authentication, you need a graphical drag-and-drop designer tool, or orchestration engine, that presents all of these options in a single visual flow. This helps you better understand the order and logic for each flow and what the user needs to enjoy a true passwordless experience. To achieve passwordless, we’ve teamed up with a variety of vendors in our ForgeRock Trust Network to build integrations that make adding this capability as simple as a few clicks. We’ve tested these solutions and bring them to you for free - you simply select what you need and drag it into place to help create passwordless user journeys.

For example, a Google reCAPTCHA check that helps prevent fraud is inserted at the beginning of a user web interaction to detect a bot. This isn’t a consumer CAPTCHA where a user is asked to select images of a crosswalk or a building, but rather an enterprise-grade, behind-the-scenes bot detector that requires no user input. 

Next, the flow determines if the username has been involved in any known breach. If everything checks out from a security standpoint, the user is never asked for a password and completes their online journey smoothly.

Delivering Personalized Content 

What frustrates consumers most? When companies reveal they barely know them by interrupting a shopping experience with pop-ups for products they don’t want. What they appreciate is relevant information shared at the right time to help them make purchasing decisions. ForgeRock Intelligent Access helps you deliver dynamic content by using context to drive personalization. Digital signals like user device, location, and time can be leveraged in real time to build dynamic web personalization content. This helps inform downstream applications, and ultimately helps you to develop offers aligned with customer expectations.

A quick check to see if the user has previously logged in can smoothe the way toward an uninterrupted ecommerce experience, removing any friction between the user and their online transaction. 
Orchestration is all about identifying repetitive tasks and turning them into automation wins. This is not just important to free up time and resources, but critical to keeping your organization competitive and responsive as new situations arise. For an informative four-minute overview of ForgeRock Intelligent Access, including our drag-and-drop orchestration engine, check out this video from ForgeRock VP of Product Management Mary Writz.