User-Managed Access

Secure Delegated Authorization that Builds Privacy, Consent and Trusted Relationships

Privacy regulations, like GDPR, impact all organizations holding personally identifiable information. Void of compliance, organizations can suffer disastrous repercussions  in the form of  enormous fines and even imprisonment of executives. Further, lax privacy practices can cost an organization reputation and ultimately consumer trust. But new regulations don’t have to bring only doom and gloom. Savvy businesses can leverage these regulations as a way to build trust with their customers.

Organizations can opt for a contextual privacy methodology which takes the burden away from the business and puts it into the hands of the consumer – ultimately building trusted relationships necessary for successful digital transformation.

User-Managed Access, UMA, gives your customers and employees a convenient way to determine who and what gets access to personal data, for how long, and under what circumstances.  Users delegate access through a simple “Share” button in your app, and can monitor and manage sharing preferences all through a central console.

Do More With User-Managed Access
Product Brief

Learn how UMA can help you protect user privacy with a simple user experience

Customer Identity

The Guide to Trusted Digital Relationships with Customer Identity and Access Management (CIAM)

Overview

IoT and other new technologies require modern solutions like UMA for privacy and consent

No More Data About You, Without You

With UMA, sharing information is simple. While there are a few consent tools out there that go beyond the post-compliance opt-in and opt-out checkboxes, they are proprietary, thus limiting sharing capabilities to within the organization. Other privacy and consent tools lack options to empower consumers, such as granular access controls to determine who can do what with their data, the ability to revoke data access at will, and the security needed to prove who is accessing data.

 
Get Started Here

Get the technical resources and documentation to get started with ForgeRock User-Managed Access

Technical Resources
User-Managed Access (UMA) 2.0 Guide

Guide to configuring and using UMA features in ForgeRock Access Management.


Customizing UMA

Guide to Extending UMA Services with custom functionality to fit your deployment


Access Management Guide

Full Access Management documentation.

The Science and Art of Designing the Login Journey

Goldilocks may well have ended up an expert in Intelligent Authentication because she was onto something about that bowl of porridge: not too hot, not too cold, but rather just right. The Goldilocks principle, when applied to customer experience, helps determine the acceptable amount, type and detail of friction in a user login journey.

In the latest video in our Intelligent Authentication series, we cover how access to that data helps provide that “just right” experience for your customers.

 

Read More »

What is OAuth2? A Real World Example.

 

What is OAuth2? It can seem quite complicated, but it doesn’t have to be. Before OAuth2, when you needed to give software services access to your account, you had to give that service your username and password. This meant there was no way to tell whether it was you or the agent accessing your data as a third party doing so on your behalf. That agent had access to everything in that account and you’d have to change the account password when you decided to cancel that service.

Read More »

Striving for a New High Water Mark in U.S. Data Privacy Policy: Part 2

In a continuation of my first post around privacy and the rising tide of global data regulation, I explore why “leaning in to consent” is the best way for U.S. companies to ensure smooth sailing with their customers amid the murky waters of data policy innovation.

Read More »

Humans, Bots, & Trust: Leveraging Threat Intelligence

Threat intelligence gives your security team the ability to balance trust and risk to achieve harmony between customer choice, usability, and data security. Check out how to get it done in the latest video in our Intelligent Authentication series:

 

Read More »

How Telcos Can Reinvent in a 5G World

Before jumping into the exciting identity provider opportunities now facing telecom companies, let's briefly discuss the concept of a "Digital Native." My guess is that by now, everyone is familiar with the concept: someone born and raised amongst the widespread use of digital technology. By contrast then, the rest of us (pre-dating 1985-ish) are ‘Digital Immigrants’, destined to struggle in this new digital world order.

Read More »

The OpenID Connect Neighborhood
1 week 6 days ago
Understand OpenID Connect by analogy and learn how it relates to OAuth2. In my last article, I described the benefits of living in the OAuth2 apartment building. Something I didn’t mention is that the neighborhood my building is in is really unique, too. There are several other buildings like mine (OAuth2-enabled) in the area, which has turned out to be […]
Jake Feasel
The OAuth2 Apartment Building
2 weeks 2 days ago
Understand core OAuth2 concepts by analogy and learn how the various ForgeRock Identity Platform components relate to OAuth2. I live in a modern apartment building. It’s a very nice place – pet friendly, upscale furnishings, prime location. One of the best parts about my apartment building, though, is that it has electronic locks available for all the doors. This is […]
Jake Feasel
Using IG to Protect IDM For Secure and Standards-Based Integration
1 month ago
ForgeRock Identity Management (IDM) has a rich set of REST APIs capable of performing many actions; this is one of the great values that IDM has to offer. However, with such a broad set of APIs available out of the box, it is reasonable to want to limit which of those REST APIs are directly available to the public. The […]
Jake Feasel
We love feedback on our documentation!
2 months ago
We as the ForgeRock documentation team appreciate the feedback that you provide. It helps us improve our work, it helps us make our documentation (docs) more relevant to you, our users. To that end, we’ve improved our feedback processes. If you have an issue with a specific document, look for a bug icon in the upper-right corner of our documents. […]
Mike Jang
ForgeRock Identity Microservices with Consul on OpenShift
2 months 1 week ago
Introduction Openshift, a Kubernetes-as-a-Paas service, is increasingly being considered as an alternative to managed kubernetes platforms such as those from Tectonic, Rancher, etc and vanilla native kubernetes implementations such as those provided by Google, Amazon and even Azure. RedHat’s OpenShift is a PaaS that provides a complete platform which includes features such as source-2-image build and test management, managing images […]
Javed Shah
Platform

An Identity Platform Built with the IoT, CIAM, and You in Mind

Digital Identity

Your Customers...

Millions of customers use your digital services--whether cloud, mobile, or IoT. Protect their digital identities and consolidate customer information, so it's easy to create and personalize the customer experience. 

IoT

Their Things...

Cars, drones, street lights, gas pumps, wearables, medical devices... they all have a digital identity. With ForgeRock, you establish who these devices belong to, and decide how and with whom (or what) they interact.

Privacy

Their Choice.

Protect and respect privacy. With ForgeRock, you can let your customers share data selectively. Ask them what’s okay to share, how, when, and with whom. Put them in charge, and they’ll put their trust in you.

Get Started with the ForgeRock Identity Platform

Manage billions of digital identities on new cloud, mobile, and IoT services, all with one unified platform. Try it out today. 

TRY NOW