ForgeRock Workforce Identity Management

Securing The Modern Enterprise


Global organizations spend too much of their limited time and security dollars shoring up their perimeter security defenses – defenses that have virtually disappeared during the current pandemic. While this is an area that should not be neglected, it isn't addressing the most problematic area of today's threat landscape: securing the remote workforce. The phrase "negligent employees or contractors and third parties" tells us that these are not malicious insiders who are copying digital records late at night in order to sell them. Today's data breaches result from someone who had access to data that they shouldn't have had access to or because an account was compromised through a phishing attack or some other type of social engineering. What are global organizations to do?

ForgeRock Identity Management (IDM) is a modern identity management solution that allows you to accelerate secure workforce access, increase operational efficiencies, and mitigate security risks.

What is ForgeRock Identity Management?

Why ForgeRock Identity Management?

In today's digital world, global organizations are securing and managing multiple types of digital identities – whether they are employees, contractors, partners, customers, devices, or things. All of these identities need to be created and managed so they have the right level of access to applications, systems, and resources at the right time. Users and customers are provisioned and de-provisioned as identities are added, moved, or removed in order to ensure that accounts are not orphaned and credentials are properly disabled. To properly secure and manage these digital identities at scale, global organizations need to fully automate their identity processes.

ForgeRock Identity Management is a modern identity management solution that fully automates the entire identity lifecycle management process. This automated approach enables organizations to create new user or customer accounts, provision new application or system access, and deprovision user and customer accounts and supporting credentials from target applications and resources.


ForgeRock Identity Management Benefits


Accelerate Secure Workforce Access

  • Automate employee access to business systems and applications on day one
  • Automate employee access to business systems and applications when they move to a new position or department
  • Automate single sign-on authentication to business systems and applications


Boost Business Operational Efficiency

  • Automate employee account creation and removal
  • Enable automated self-service password reset
  • Automate business processes with workflow-driven provisioning activities


Enhance Security and Reduce Risks

  • Automate employee entitlement and role assignments
  • Enable password synchronization across all systems, applications, and data stores
  • Continuously identify and monitor for high-risk users (example: segregation of duties checks)

ForgeRock Identity Management Features

Identity Lifecycle Management

The ForgeRock Identity Management (IDM) solution provides comprehensive lifecycle management capabilities for any identity – customer, workforce, and thing. Lifecycle management begins the day a new customer is acquired and activated, an employee or contractor is onboarded, or a device is registered. Each identity requires accounts with different levels of privileges across a wide range of systems to perform their duties or access new digital services. ForgeRock Identity Management allows you to centrally define policies that govern access and provides a single view into all those accounts and managed identities. With identity lifecycle management, you can fully automate this process, eliminating error-prone manual processes. It provides a consistent and efficient way to create, modify, and remove accounts while ensuring a high level of security.

Password Management

ForgeRock provides a unified approach to password management to ensure that the right password controls are enforced everywhere – for all users, devices, and things. With ForgeRock, organizations can set a consistent password policy and enforce access rights with password policies and rules that can specify strength, aging, reuse, and attribute validation. Combined with flexible password management, administrators can create and administer policies that let users reset and change their own passwords. With ForgeRock, organizations can design password reset journeys with Intelligent Access drag-and-drop trees. The highly intuitive user interface allows for a seamless user experience between password reset and authentication flows. This unique approach creates a frictionless flow between password reset and authentication and helps decrease abandonment rates by providing an unsurpassed user experience.

Extensive Data Model

ForgeRock IDM’s extensible data model gives you the flexibility to manage multiple identity types, including customers, partners, workforce, citizens, machines, devices, application programming interfaces (APIs) for bots, applications, microservices, and more. Combined with a highly intuitive UI, administrators can visually define policies based on the contextual relationships between any persons, non-persons, services, and things. This intelligence-based approach allows you to automate identity orchestration across the entire identity lifecycle.

Synchronization and Reconciliation

ForgeRock Identity Management's synchronization and reconciliation service gives you the ability to synchronize data in real time and schedule the reconciliation of identity data as needed. With capabilities like delivery guarantee, on-demand and scheduled resource comparisons, and discovery of new, changed, deleted, or orphaned accounts, ForgeRock Identity Management ensures that consistent user identity information is available across the entire identity infrastructure. This enables you to provide a consistent, personalized experience to your users. Tying synchronization and reconciliation with business process workflows and rules allows for appropriate reviews and administrative actions.

Identity Relationship Visualization

ForgeRock Identity Management is the only modern identity platform that offers identity relationship visualization. At ForgeRock, we understand the importance of context and relationship information, along with user identity, in making security decisions. ForgeRock IDM offers the unique capability to visualize the identity relationships of any user or thing under management. Identity relationship visualization helps you understand the attributes, roles, and relationships among different users, as well as any given user and all their devices. This enables you to detect anomalies quickly and eliminate potential issues before they turn into security problems.


ForgeRock provides you with an out-of-the-box workflow engine that adheres to the Business Process Model and Notation 2.0 (BPMN 2.0) standard. Use any BPMN graphical editor to quickly and easily create new workflows, edit existing workflows that are delivered as part of the solution, or integrate simple or complex workflow operations during the entire identity lifecycle. By providing workflow-driven provisioning activities, such as user requests, account creation, updates, or deletions, you can efficiently handle approvals, manage escalations, perform preventive maintenance, and directly integrate with ticketing and help desk systems.

