Smart, connected things are coming online at a rapid pace and more users want to take advantage of services that will simplify their lives – but not at the cost of compromising their privacy and safety. You realize you need to build customer trust to unlock new opportunities like the ability to create valuable data mashups with up-to-the-minute data feeds from sources like healthcare devices, smart homes, and location services. You’re thinking of how to build delegation and consent capabilities fast enough to satisfy your customers, the business, and the ever-changing regulatory landscape. And you know you must do all of this with an architecture that scales to support millions of consumers and employees that can manage their own permissions.
The ForgeRock Identity Platform, UMA Provider, is a centralized federation authorization architecture that enables consumers and employees to selectively and securely delegate fine-grained access to their data from cloud, mobile, and IoT sources. With UMA Provider, you can give your customers peace of mind, enable employees to be more productive, and provide additional revenue for businesses.
UMA Provider, built from ForgeRock Access Management, includes:
- Fine-grained delegation and consent – Gives end users a convenient central console for organizing digital resources residing in many locations, delegating scoped access to others, and monitoring and revoking access.
- Fine-grained access denial – Provides a dedicated landing page for aggregating pending access requests; the end user can grant requests, edit down the scopes granted, and deny requests outright.
- Chained delegation – Enables an end user who owns a resource to share it with another, who can in turn share it with another; the original owner can see the entire access history and disrupt the sharing chain by revoking the original policy.
- Dynamic policy enforcement point onboarding – Lets each service used by an end user put their digital resources under central protection as the resources are created and changed.
- Security controls and usability features – Lets an administrator set realm-level features such as access token expiration times and email notifications surrounding pending access requests.
- Customizability – Lets implementers use extensive API endpoints and plug-in points to customize just about any characteristic of the UMA Provider, including replacing the standard XUI interface for the console.
- User-Managed Access (UMA) standard – Provides conformance to the UMA standard for industry interoperability and easy application of the ForgeRock solution framework to your entire organizational or partner ecosystem, including federated authorization use cases as well as customer-centric use cases.