Our comprehensive identity platform, as a cloud-delivered service
Why ForgeRock Identity Cloud
Cloud without Compromise
- One subscription, complete freedom
- Maximum deployment flexibility
- True IAM platform
- Predictable pricing
- Your data under your control
- Consistent service at any scale
- Unparalleled and optimized journeys
- Zero Trust: Contextual, adaptive and dynamic
- Any identity, any device
A Comprehensive Identity Platform with Simple-to-Use Capabilities
ForgeRock Identity Cloud provides comprehensive and simple-to-use identity solutions to help you deliver superior experiences, mitigate risk, increase workforce productivity, and reduce costs.
Intelligent User Journeys
Intelligent user journeys are based on ForgeRock’s powerful tree framework that allows you to build registration and authentication flows using an intuitive drag-and-drop interface. This capability allows you to orchestrate user flows with more flexibility, choice, and security. Registration trees allow you to build simple ways to register and onboard new users. Authentication trees allow you to easily configure, measure, and adjust multiple login journeys within a Zero Trust security model using a variety of methods.
ForgeRock Identity Cloud provides a simple, customizable web interface that allows users to perform password resets and view and change their personal information without having to call the help desk. Empowering users to control their own information improves their experience and reduces the amount of time they spend with support teams. Password changes and updates to user profile information can be synchronized across all target user accounts for consistent data in all relevant systems.
Single Sign-On and MFA
With ForgeRock Identity Cloud, your users can securely access any application from any device from any location. With single sign-on (SSO), they have seamless access to multiple applications – whether they are authenticating using credentials stored in the cloud, on premises, or with a third party using federation or social sign-on such as those provided by Google, LinkedIn, and Facebook. SSO can also be easily combined with a secure multi-factor authentication (MFA) to provide an extra layer of security when needed.
Enabling usernameless and passwordless authentication, you can increase productivity and decrease hassle by giving your users easy, low-friction access to the applications and data they need. Utilizing the latest standards, the ForgeRock Go capability allows low-risk, high-confidence users to log in to all your backend systems without ever using a password or even entering a username.
Lifecycle and Relationship Management
Traditional IAM solutions bridge various identity and user data silos across a wide variety of systems and services to deliver a single view of the user identity. However, they are inadequate when it comes to handling employees who regularly share devices, access sensitive corporate data from home, or use personal devices at work. By contrast, ForgeRock Identity Cloud provides data visualization to identify the relationships of any user, device, or thing to detect anomalies in access or provisioning quickly and efficiently.
Synchronization and Reconciliation
With the synchronization and reconciliation service, you can synchronize data in real time and schedule the reconciliation of identity data as needed from your on premises identity repositories to ForgeRock Identity Cloud. With capabilities like delivery guarantee; on-demand and scheduled resource comparisons; and discovery of new, changed, deleted, or orphaned accounts, this service allows consistent user identity information to be available across the entire identity infrastructure, whether on premises or in the cloud.
The ForgeRock Identity Gateway enables organizations to secure on premises legacy applications, APIs, and microservices without changing how they work. This enables organizations to fully embrace a hybrid cloud strategy and bring new capabilities like multi-factor authentication and Zero Trust to legacy applications without a large development effort. ForgeRock Identity Gateway secures data and transactions, and helps future-proofs your changing needs, standards, and technologies. This flexibility and versatility is one of the reasons KuppingerCole named ForgeRock the leader in the Identity API platform vendor.
REST API and SDKs
ForgeRock delivers one common REST application programming interface (API) framework across the entire platform to provide a simple method to invoke any of our identity services. Developer-friendly and lightweight, yet powerful, the REST API framework helps you to eliminate unnecessary identity complexity and increase platform agility.
ForgeRock Identity Cloud Security
Your data in the cloud is protected with the industry's best practices.
ForgeRock Identity Cloud
Learn how a comprehensive identity platform as a service can meet the challenges of today and tomorrow.
ForgeRock Identity Cloud
ForgeRock Identity Cloud capabilities and how your organization can benefit.
A Modern Hybrid Cloud Purpose-Built for Today's Reality
Organizations may desire to move completely to the cloud in the future, but, for the present, they must continue to support business-critical applications that are running on premises. Securing these life-blood applications is not negotiable. Therefore, it’s imperative that cloud identity providers accommodate a hybrid cloud strategy. ForgeRock Identity Cloud is designed to deliver delightful, secure, transparent, and frictionless user experiences for this modern reality.
Identity Cloud treats both cloud and on premises applications the same, removing the need for a major rip-and-replace project that many customers have to go through with cloud-native solutions. Identity Cloud can even coexist with other legacy IAM solutions running on premises. You can also quickly augment legacy systems with new capabilities, such as Intelligent Access and multi-factor authentication (MFA), while you plan and execute on your cloud migration strategy.
Security Is Shared. Data Is Not.
Security concerns – including data sharing and data sovereignty – have been one of the major reasons many large customers have stayed away from moving to a complete cloud IAM platform. ForgeRock Identity Cloud provides maximum security with complete customer isolation in a modern, multi-tenant cloud architecture.
Robust security starts at the infrastructure level, leveraging the native physical and network security features of the service provider to prevent common threats like distributed denial-of-service (DDoS) attacks against customer environments or services. Each customer environment – which includes the identity data, configurations, and all customization –, is stored within a dedicated trust zone to prevent any accidental or malicious co-mingling. All of this data is also encrypted at rest and in transmission to prevent any unauthorized access and prevent data breaches.
The entire platform is also continuously monitored by dedicated, highly trained ForgeRock experts. ForgeRock also implements a mature information security management system (ISMS), owned by our CISO. This ISMS documents a set of detailed security policies that all ForgeRock employees must follow. All of these policies and practices are also regularly reviewed and assessed by internal as well as external auditors.
Security also starts with the fundamentals: secure coding practices, least privilege, dependency management, and continuous vulnerability and penetration testing. We systematically evaluate the assets hosted within the service, an attacker’s options for compromising them, and the effectiveness of the service’s security controls at preventing or detecting threats. This is a continuous process that keeps evolving to meet new threats and address customer demands.
ForgeRock Identity Cloud Express
Built on top of the full ForgeRock Identity Platform, Identity Cloud Express enables you to accelerate time to market of yourIAM projects by including ForgeRock best practices that have been preconfigured with guardrails to help you focus your energies on developing business value, not creating and running IAM solutions or infrastructure. If you want more capabilities and the ability to customize your cloud environment further, you can always upgrade to the full ForgeRock Identity Cloud.
Identity Cloud Express minimizes the skill sets required to embed security into modern IAM applications. Developers can quickly and easily integrate identities based on OAuth 2.0, OpenIDConnect (OIDC), and WebAuthN into any application with minimal configuration. Identity Cloud Express also leverages ForgeRock's API-first model, providing one common REST API framework across the entire platform. This results in less complexity for internal and external developers since a single, common method can invoke any identity service.
Related Blog Posts
Deploy ForgeRock Identity in Your Cloud, Their Cloud, or Our Cloud
Our customers tell us they want to move to the cloud. That’s why ForgeRock offers a range of deployments – whether it's your cloud, their cloud, or our cloud.
How Financial Services Can Embrace the Cloud
With ForgeRock, financial service organizations can deploy our identity solution anywhere and at any scale, with a unified code base.
Build, Buy, or As-A-Service?
As the needs for digital identity become more complicated and the identity market grows to include millions of devices, it is clear that neither a homegrown nor a legacy solution will be able to meet future demands.