Avoid the Privacy Mutiny With User-Managed Access

Three billion people, 10 billion things, and a pirate walk into a bar. It’s not a joke, it’s what’s happening right now. How are you going to manage who gets access? Who’s allowed in, who can order what, who needs to be cut off...and whose secrets you need to keep? Not to mention customer satisfaction--a happy customer is a repeat customer!

ForgeRock has your back with User-Managed Access. UMA, built from the OpenAM and OpenIG open source projects, gives your customers and employees a convenient way to determine who and what gets access to personal data, for how long, and under what circumstances. Users can monitor and manage sharing preferences--all through a central console. Imagine your users delegating access through a simple “Share” button in your app, determining who’s legit and who walks the plank.

UMA Provider

Enable Consumer-Controlled Data From Cloud, Mobile, and IoT Sources

Smart, connected things are coming online at a rapid pace and more users want to take advantage of services that will simplify their lives – but not at the cost of compromising their privacy and safety. You realize you need to build customer trust to unlock new opportunities like the ability to create valuable data mashups with up-to-the-minute data feeds from sources like healthcare devices, smart homes, and location services. You’re thinking of how to build delegation and consent capabilities fast enough to satisfy your customers, the business, and the ever-changing regulatory landscape. And you know you must do all of this with an architecture that scales to support millions of consumers and employees who can manage their own permissions.

The ForgeRock Identity Platform, UMA Provider, is a centralized federation authorization architecture that enables consumers and employees to selectively and securely delegate fine-grained access to their data from cloud, mobile, and IoT sources. With UMA Provider, you can give your customers peace of mind, enable employees to be more productive, and provide additional revenue for businesses.

The ForgeRock Identity Platform, UMA Provider, built from the OpenAM open source project, includes:

      • Fine-grained delegation and consent: Gives end users a convenient central console for organizing digital resources residing in many locations, delegating scoped access to others, and monitoring and revoking access.
      • Fine-grained access denial: Provides a dedicated landing page for aggregating pending access requests; the end user can grant requests, edit down the scopes granted, and deny requests outright.
      • Chained delegation: Enables an end user who owns a resource to share it with another, who can in turn share it with another; the original owner can see the entire access history and disrupt the sharing chain by revoking the original policy.
      • Dynamic policy enforcement point onboarding: Lets each service used by an end user put their digital resources under central protection as the resources are created and changed.
      • Security controls and usability features: Lets an administrator set realm-level features such as access token expiration times and email notifications surrounding pending access requests.
      • Customizability: Lets implementers use extensive API endpoints and plug-in points to customize just about any characteristic of the UMA Provider, including replacing the standard XUI interface for the console.
      • User-Managed Access (UMA) standard: Provides conformance to the UMA standard for industry interoperability and easy application of the ForgeRock solution framework to your entire organizational or partner ecosystem, including federated authorization use cases as well as customer-centric use cases.

UMA Protector

Define and Protect Individual Resources According to the UMA Standard

Protect APIs without the lengthy time that recoding takes. The ForgeRock Identity Platform, UMA Protector, built from the OpenIG open source project, includes:

      • Multi-service protection gateway: Provides an enforcement point over any number of services or APIs, so that multiple UMA resource servers to which the end user has login accounts can be protected by the authorization server.
      • Requester trust elevation for increased security: Ensures that access requesters aren’t just in possession of a “secret link” but goes above and beyond OAuth 2.0 in proving requesters are who they say they are, according to resource owner policy.
      • Dynamic policy enforcement point onboarding: Lets your web API register its digital resources with an UMA authorization server as those resources are created and changed.
      • User-Managed Access (UMA) standard: “UMAnizes” your web API, turning it into a conforming and interoperable UMA resource server that takes advantage of the UMA Provider’s value-added features.

The ForgeRock Identity Platform

Typical identity products don’t play well with others. These legacy systems are made up of piece parts acquired and duct taped together, with limited functionality and scalability. They were built for thousands of employees, not the millions of identities coming online.

We built the ForgeRock Identity Platform from the ground up, designed from the outset as a unified model to integrate with any of your digital services. We offer end-to-end capability designed to scale into the billions and support you not just now, but years into the future. You get the feeling it was all built to work together, because it was.
