Centralized Identity Gateway for Applications, Devices, and Things
Better Than a Fish in Your Ear

In the Hitchhiker’s Guide to the Galaxy they have a handy little thing called a Babel Fish. Put it in your ear and you can instantly communicate with anything, anywhere in the galaxy. It’s quick and painless and works great. And that’s exactly how the ForgeRock Identity Gateway works too. It’s a simple, standards-based approach to extend access to web applications, application programming interfaces (APIs), and devices and things.

Download Identity Gateway White paper

A perfect complement to our access management system or as a stand-alone gateway, our Identity Gateway, built from the OpenIG open source project, provides a flexible policy enforcement point to support your current environment while migrating towards a modern, standards-based platform. So you can connect digital assets across your ecosystem, with minimal-to-no changes. And no slimy little fish required!

How to Buy

Get our platform

Free Trial

Try our platform

Application/Service Gateway

Rapidly Identity-Enable Backend Applications and Services

Identity-enable APIs for secure integration with services. Check and enforce identity to protect APIs from unauthenticated and unauthorized users. Leverage any standards-compliant identity provider to integrate the Identity Gateway into the existing architecture. Single sign-on and single sign-off dramatically improves the user experience and will improve adoption and consumption of services.

The ForgeRock Identity Gateway checks the validity of the requestor’s credentials to ensure they are correctly authenticated and authorized to access the requested resource.

  • Offers flexible credentials: OAuth2, OpenID Connect or SAML.
  • Allows you to utilize pre-shared keys using the Access Management Secure Token Service (STS).
  • Provides consistent levels of service by throttling access requests based on business need with parameters for time, day, week, user, domain, IP Address, and subscription levels.
  • Regulates spikes in traffic volume to reduce the risk of malicious attackers attempting denial-of-service (DoS) attacks.
  • Extends authorization by leveraging the Identity Gateway as an independent policy enforcement point that is built on OAuth2 and SAML standards.
  • Provides agent-less architecture to augment an existing WAM deployment.
  • Ensures consistent, secure access with single session sign-on and sign-out.

API Protection

Watch this five minute video for a quick overview of the ForgeRock Identity Gateway and key features like throttling.

Federated Service Provider

Rapidly Enable Your Applications so They Can Easily Connect with Federated Identity Providers

Faster time to market and increased adoption is all possible with API federation as these capabilities simplify the development and connection to the ForgeRock Identity Platform. Enable integration with business partners across your complex organization on-premises, off-premises, in the cloud, and on mobile devices using the latest standards SAML, UMA, OAuth2, and OpenID Connect. Identity Gateway enforces authentication and authorization to ensure secure communication.

Federation can be both IdP and SP invoked, enabling the required attributes to be attained and the user, device, thing, or service to be correctly authenticated and authorized to access the protected resources.

  • Integrate with existing IdPs thanks to an easy, standards-based authentication approach.
  • Authenticate and authorize users, devices, things, and services to access protected resources.
  • Build federation from the latest standards such as SAML, UMA, OAuth, and OpenID Connect.
  • Exchange tokens from one standard to another, using ForgeRock’s Access Management’s STS to enable Mobile Apps to access SAML resources.
  • Leverage a gateway approach to UMA to enable any existing Resource Server for UMA.

Password Capture and Replay

Enable Integration with Legacy Web Applications

Removing already functioning legacy web applications or services may not be a practical option for many organizations if there isn’t a compelling business case to upgrade. If legacy applications and service don’t integrate with identity, they can be painful to manage and create security risks.

The ForgeRock Identity Platform, Identity Gateway, can match the correct identity that the application requires and replay username, password or any other variable in a stateful manner to ensure the session is opened correctly, using variables looked up in any accessible format: databases, flat files or directories. This unique capability enables you to bring SSO to legacy web applications without the need to edit, upgrade, or recode. For example, you could enable integration with legacy web applications like Microsoft Outlook Web Access (OWA) or SharePoint using the same user identity.

  • Eliminates the need to change or rewrite existing applications to access legacy applications.
  • Adds a layer of identity security to applications and APIs without costly and time-consuming changes to each individual app.
  • Reduces the number of passwords end users need to remember and therefore reduces the cost of adding users to each legacy application.

IoT Identity Gateway

Identity-enable IoT Brokers for Seamless Protection

In an IoT ready world, APIs have become the cornerstone to connecting users, devices, and things to applications and services. APIs enable smart devices to communicate with other devices and leverage a variety of complementary applications. IoT is a complex mashup of users, devices, things, services, and applications, all with varied relationships that will require a high level of security and scalability for these APIs. You need to identity-enable applications and services for seamless engagement across any user, device, or thing.

The ForgeRock Identity Platform, Identity Gateway, authenticates and authorizes users, devices, and things to ensure secure access to applications and services is seamless across every platform.

  • Provides a secure and transparent connection between users, devices, and  things to cloud services, mobile devices, and enterprise apps using the standards-based OAuth 2.0 authorization service.
  • Adds a valuable layer of security with centralized authentication as the Identity Gateway can authenticate all traffic that passes through it from users, devices, and things.

The ForgeRock Identity Platform

Typical identity products don’t play well with others. These legacy systems are made up of piece parts acquired and duct taped together, with limited functionality and scalability. They were built for thousands of employees, not the millions of identities coming online.

We built the ForgeRock Identity Platform from the ground up, designed from the outset as a unified model to integrate with any of your digital services. We offer end-to-end capability designed to scale into the billions and support you not just now, but years into the future. You get the feeling it was all built to work together, because it was.

How to Buy

Get our platform

Free Trial

Try our platform