Identity Gateway

Simply Connect Applications, Devices and Services – From Yesterday to the Internet of Things

In the Hitchhiker’s Guide to the Galaxy they have a handy little thing called a Babel Fish. Put it in your ear and you can instantly communicate with anything, anywhere in the galaxy. It’s quick and painless and works great. And that’s exactly how the ForgeRock Identity Gateway works too. It’s a simple, standards-based approach to extend access to web applications, application programming interfaces (APIs), and devices and things.

A perfect complement to our access management system or as a stand-alone gateway, our Identity Gateway, part of the ForgeRock Identity Platform, provides a flexible policy enforcement point to support your current environment while migrating towards a modern, standards-based platform. So you can connect digital assets across your ecosystem, with minimal-to-no changes.

Product Brief

Identity Gateway In Short

Download our datasheet, which provides an overview of our identity gateway solution

Customer Story

Powering digital transformation at the BBC with scalable, flexible identity management


Get the details

With Identity Gateway you can connect legacy systems and the IoT

Get Started Here

Get the technical resources and documentation to get started with ForgeRock Identity Gateway

Get Started Here
Gateway Guide

Instructions for installing and configuring ForgeRock Identity Gateway.

Deployment Guide

Tutorials for deploying ForgeRock Identity Gateway with Docker, with best practices for containerized deployment in production environments.

Full Documentation

Complete Identity Gateway documentation.

Stay One Step Ahead: Recapping Retail Week Live

How can a retailer get, and remain, one step ahead when it comes to retail technology? This was the key question I and other retail technology experts discussed during our panel session at Retail Week Live in London. On the panel were Julian Burnett, the former CIO of House of Fraser; Jonathan Wall, CDO at Misguided; and Mike Francis, the Head of Digital Transformation for Shop Direct. Henry Wallop, an author and journalist for The Daily Telegraph who specializes in consumer affairs, served as chair for what was a quite far-ranging discussion.

Read More »

ForgeRock Technology Partner Program Forges On With VeriClouds

We launched the ForgeRock Trust Network Technology Partner Program in November 2017 with a clear goal in mind: to enable easier and more seamless integration of complementary technologies to the ForgeRock platform. With innovation at the heart of our work at ForgeRock, we knew we needed to make it simple and straightforward to evolve to meet our customers' needs, and we wanted to bring valuable new capabilities into the program.

Read More »

NYDFS Cybersecurity Regulation Mandates Multi-Factor Authentication

March 1st marked the moment at which financial services entities in New York must be in compliance with several sections of the New York Department of Financial Services (NYDFS) cybersecurity regulation, 23 NYCRR 500. The regulation, which seems to lean heavily on the NIST Cybersecurity Framework, is in response to “the ever growing threat posed to information and financial systems by nation-states, terrorist organizations and independent criminal actor

Read More »

My Perception of Identity

It’s day 11 of working as an intern at ForgeRock and I’m already amazed (dumbfounded) at the power digital identity has in the world. It’s incredibly important for businesses and consumers, and is literally everywhere in the digital realm. So many of us, though, don’t realize how identity comes into play in our online experiences hundreds of times every day. The capabilities and functions of digital identity still make my head spin because it’s relevant for every industry, company, user, device, and even things that haven’t been invented yet.

Read More »

Survey Report: Consumer Trust, Consent and Knowledge in the Age of Digital Identity

We're excited to release the summary report - and a new infographic - from a recent survey we ran in the US and Europe on consumer attitudes toward digital privacy and commercial data handling policies. Conducted by ComRes Global, the survey polled 8,000 consumers on their understanding of how their personal data and financial information is collected and managed by online entities including social media and retail organizations including Facebook, Twitter, Instagram, Amazon and others.

Read More »

Implementing Delegated Administration with the ForgeRock 5.5 Platform
1 month ago
Out of the box in 5.5, IDM (ForgeRock Identity Management) has two types of users – basic end-users and all-powerful administrators. You often need a class of users that fall between these extremes – users which can trigger a password reset action but cannot redefine connector configuration, for example. Another common need is for users to only be allowed to […]
Jake Feasel
Enhancing User Privacy with OpenID Connect Pairwise Identifiers
1 month 1 week ago
This is a quick post to describe how to set up Pairwise subject hashing, when issuing OpenID Connect id_tokens that require the users sub= claim to be pseudonymous.  The main use case for this approach, is to prevent clients or resource servers, from being able to track user activity and correlate the same subject’s activity across different applications. OpenID Connect […]
Simon Moffatt
8 years old !
1 month 2 weeks ago
Happy anniversary ForgeRock! It’s been 8 years since you first shout at the world What an amazing journey since then… And it’s only the beginning This blog post was first published @, included here with permission.
Enhancing OAuth2 introspection with a Policy Decision Point
2 months ago
OAuth2 protection of resource server content, is typically either done via a call to the authorization service (AS) and the ../introspect endpoint for stateful access_tokens, or, in deployments where stateless access_tokens are deployed, the resource server (RS) could perform “local” introspection, if they have access to the necessary AS signing material.  All good.  The RS would valid scope values, token […]
Simon Moffatt
How Information Security Can Drive Innovation
2 months ago
Information Security and Innovation: often at two different ends of an executive team’s business strategy. The non-CIO ‘C’ level folks want to discuss revenue generation, efficiency and growth. Three areas often immeasurably enhanced by having a strong and clear innovation management framework. The CIO’s objectives are often focused on technical delivery, compliance, uploading SLA’s and more recently on privacy enablement […]
Simon Moffatt

An Identity Platform Built with the IoT, CIAM, and You in Mind

Digital Identity

Your Customers...

Millions of customers use your digital services--whether cloud, mobile, or IoT. Protect their digital identities and consolidate customer information, so it's easy to create and personalize the customer experience. 


Their Things...

Cars, drones, street lights, gas pumps, wearables, medical devices...they all have a digital identity. With ForgeRock, you establish who these devices belong to, and decide how and with whom (or what) they interact. 


Their Choice.

Protect and respect privacy. With ForgeRock, you can let your customers share data selectively. Ask them what’s okay to share, how, when, and with whom. Put them in charge, and they’ll put their trust in you.

Get Started with the ForgeRock Identity Platform

Manage billions of digital identities on new cloud, mobile, and IoT services, all with one unified platform. Try it out today.