Getting Started with ForgeRock® Identity Cloud

IC-300 Rev A

Description

This course takes students from a high-level understanding of how ForgeRock® Identity Cloud (Identity Cloud) works, through the various online resources available to them, to a fully functional hands-on development environment, where they learn how to implement the many features of Identity Cloud in a training environment. Students take real-world use cases and implement them in a provided live Identity Cloud environment, where they learn the concepts and tasks necessary to successfully manage identities, applications, and user journeys in their own Identity Cloud.

 

Target Audiences

The target audiences for this course include:

  • ForgeRock Identity Cloud Administrators
  • Technical users new to Identity Cloud and other ForgeRock products
  • Those new to Identity Cloud and considering taking the certification exam

 

Objectives

Upon completion of this course, you should be able to:

  • Describe the benefits and features of Identity Cloud and how to access an Identity Cloud tenant as an administrator
  • Manage the onboarding of users through self-service, understand managed objects, import identities, and synchronize identities between Identity Cloud and external resources
  • Manage journeys to support how end users authenticate and perform self-service with Identity Cloud
  • Integrate application client profiles and gateway profiles into Identity Cloud to support external applications accessing Identity Cloud for identity and access management services
  • Manage federation to let employees with credentials stored in a remote Active Directory (AD) data store access services in Identity Cloud

 

Prerequisites

The following are the prerequisites for successfully completing this course:

  • Completion of the ForgeRock Product Essentials courses
    • ForgeRock® Access Management Essentials
    • ForgeRock® Identity Management Essentials
    • ForgeRock® Identity Gateway Essentials
    • ForgeRock® Directory Services Essentials

 

Duration

3 days

 

Course Contents

Chapter 1: Introducing ForgeRock Identity Cloud

Describe the benefits and features of Identity Cloud and how to access an Identity Cloud tenant as an administrator.

Lesson 1: Introducing Identity Cloud

Provide an overview of Identity Cloud, and the onboarding process:

  • Describe Identity Cloud
  • Explain Identity Cloud onboarding services

Lesson 2: Getting Access to Identity Cloud

Describe Identity Cloud tenant registration:

  • Describe the tenant registration process
  • Introduce the Identity Cloud Admin UI
Chapter 2: Managing User Identities

Manage the onboarding of users through self-service, understand managed objects, import identities, and synchronize identities between Identity Cloud and external resources.

Lesson 1: Managing Identities

Manage user identities and invite additional administrators using the Identity Cloud Admin UI, which is an administrative interface to manage your tenant settings:

  • Manage user profiles in Identity Cloud
  • Manage a user profile in Identity Cloud
  • Manage administrators
  • Invite a top-level administrator
  • Explain UI integration options
  • Configure themes for the Alpha and Bravo realms
  • Manage password policies
  • Configure password policies

Lesson 2: Onboarding Users With Self-Service

Add new users to your tenant through self-registration:

  • Describe self-registration
  • Register a user
  • Describe self-service
  • Explore self-service features

Lesson 3: Introducing Organizations

Explain how an organization hierarchical structure can be used to model a brand hierarchy to control access to business applications:

  • Explain how to model an organization structure

Lesson 4: Adding Identities With Bulk Import

Bulk import user identities from a CSV file:

  • Describe bulk import
  • Import customers and employees

Lesson 5: Extending the User Identity Schema

Extend the user identity schema to store and display custom properties:

  • Manage placeholder properties
  • Customize placeholder properties
  • Describe how to use custom attributes
  • Add custom attributes

Lesson 6: Synchronizing Identities from External Resources

Connect to external resources using a Remote Connector Server (RCS), and synchronize identities between Identity Cloud and on-prem resources:

  • Explain how to connect to external resources
  • Configure a connection between Identity Cloud and an external ForgeRock® Directory Services (DS)
  • Explain synchronization
  • Populate Identity Cloud with DS entries
  • Configure bi-directional synchronization
  • Populate Identity Cloud with AD users
  • Configure an RCS Cluster (optional)

Lesson 7: Managing Provisioning Roles and Assignments

Manage provisioning roles and assignments to dynamically provision attributes to external resources:

  • Introduce provisioning roles and assignments
  • Create assignments and provisioning roles

Lesson 8: Additional Administration Tasks

Explain additional tasks that an Identity Cloud administrator should be aware of:

  • Add a custom domain name
  • Introduce Identity Cloud REST APIs
  • Explore logs
  • Monitor your tenant
  • View the Identity Cloud analytics dashboard
  • Describe how to manage environment secrets and variables
  • Create and call an environment variable
Chapter 3: Managing User Journeys

Manage journeys to support how end users authenticate and perform self-service with Identity Cloud.

Lesson 1: Exploring Default Journeys

Describe the default journeys included with Identity Cloud, and explore self-service journeys as an Identity Cloud administrator and end user:

  • Introduce journeys
  • Explain self-service journeys
  • Explore self-service journeys

Lesson 2: Modifying Journeys

Use the journey editor in Identity Cloud to manage a journey, and understand the use of authentication nodes and email templates in a journey flow:

  • Introduce authentication nodes
  • Manage journeys
  • Group journeys
  • Modify the Login journey
  • Explore email templates and nodes
  • Configure email templates
  • Modify an email template
  • Describe how to debug a journey
  • Enable debug mode on a user journey

Lesson 3: Configuring Self-Service

Configure the self-service features of Identity Cloud to empower end users to independently make changes to their identity, instead of going through a help desk:

  • Explore knowledge-based authentication (KBA) options
  • Configure self-service to use KBA
  • Explain terms and conditions
  • Configure terms and conditions

Lesson 4: Configuring Social Registration and Authentication

Configure Identity Cloud to let end users register and authenticate new accounts using a social provider:

  • Explain social registration and authentication
  • Configure an OAuth 2.0 client for Identity Cloud and configure Google as an identity provider
  • Add social registration to the Registration journey
  • Add social authentication to the Login journey

Lesson 5: Importing and Exporting Journeys

Import and export user journeys using the Identity Cloud Admin UI:

  • Describe how to export and import journeys
  • Export and import journeys
Chapter 4: Integrating Applications and Gateways

Integrate application client profiles and gateway profiles into Identity Cloud to support external applications accessing Identity Cloud for identity and access management services.

Lesson 1: Defining Applications

Describe the role of an application in Identity Cloud:

  • Describe supported application types

Lesson 2: Adding an Application Client Profile

Add a new application client profile in Identity Cloud for a ForgeRock SDK sample application, and validate the application can authenticate with Identity Cloud using the client profile:

  • Explain how the ForgeRock SDKs are used with Identity Cloud
  • Add an SPA
  • Enable a JavaScript application to use Identity Cloud for authentication

Lesson 3: Integrating Identity Gateway

Show how Identity Gateway can protect an application when it is integrated with Identity Cloud:

  • Introduce Identity Gateway
  • Integrate Identity Gateway with Identity Cloud
  • Integrate the Identity Gateway sample application with Identity Cloud
Chapter 5: Managing Federation

Manage federation to let employees with credentials stored in a remote AD data store access services in Identity Cloud.

Lesson 1: Integrating Third-Party Services using SAML

Integrate Identity Cloud with a third-party provider using SAML v2.0 (SAML) to provide single sign-on services:

  • Introduce Federation
  • Explain how to configure Identity Cloud as an SP
  • Configure Identity Cloud as an SP
  • Explain how to configure ADFS as an IdP
  • Configure ADFS as an identity provider (IdP)
  • Explain how to configure Identity Cloud to use an IdP
  • Configure Identity Cloud to use an IdP
Train Your Team with ForgeRock Private Training

Request a Private Event